Flaws: McAfee Security ePolicy Orchestrator

Three vulnerabilities exist in the ePolicy Server and Agent that allow an attacker to anonymously execute arbitrary code. To attack a machine running ePO, an attacker would need to be located within the corporate firewall and able to connect over the network to the host they wish to compromise. Once one of the vulnerabilities is successfully exploited, the attacker can execute arbitrary code under the privileges used by ePO.

For details, see http://www.atstake.com/research/advisories/2003/a073103-1.txt.

Join the newsletter!

Error: Please check your email address.

More about AtStakeMcAfee AustraliaMcAfee Security

Show Comments