Detections
Analytics
McAfee Common Management Agent < 3.6.0.595 UDP Packet Handling Format String
high Nessus Plugin ID 31732
Language:
Synopsis
A security management service running on the remote host is affected by a remote code execution vulnerability.Description
According to its banner, the version of McAfee Common Management Agent (CMA) running on the remote host is prior to 3.6.0.595. It is, therefore, affected by a flaw in the logDetail() function of applib.dll due to calling vsnwprintf() without the needed format string argument. An unauthenticated, remote attacker can exploit this, via a specially crafted UDP packet, to cause a denial of service condition or the execution of arbitrary code. This issue only occurs when the debug level is set to 8 (the highest level but not the default). Note that Nessus has not checked the debug level setting, only the version number in the agent's banner.Solution
Apply Hotfix BZ398370 Build 595 for McAfee Common Management Agent version 3.6.0 Patch 3.See Also
http://aluigi.altervista.org/adv/meccaffi-adv.txt
https://www.securityfocus.com/archive/1/archive/1/489476/100/0/threaded
Plugin Details
Severity: High
ID: 31732
File Name: mcafee_cma_3_6_0_595.nasl
Version: 1.26
Type: remote
Family: CGI abuses
Published: 4/3/2008
Updated: 1/19/2021
Configuration: Enable paranoid mode
Supported Sensors: Nessus
Risk Information
VPR
Risk Factor: Medium
Score: 6.7
CVSS v2
Risk Factor: High
Base Score: 7.6
Temporal Score: 6.5
Vector: CVSS2#AV:N/AC:H/Au:N/C:C/I:C/A:C
CVSS v3
Risk Factor: High
Base Score: 8.1
Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
Vulnerability Information
CPE: cpe:/a:mcafee:common_management_agent, cpe:/a:mcafee:epolicy_orchestrator
Required KB Items: Settings/ParanoidReport
Exploit Available: true
Exploit Ease: Exploits are available
Patch Publication Date: 3/14/2008
Vulnerability Publication Date: 3/12/2008
Reference Information
CVE: CVE-2008-1357
BID: 28228