McAfee ePO Extension for McAfee Agent Multiple Blind SQL Injection

This script is Copyright (C) 2013 Tenable Network Security, Inc.


Synopsis :

A security management application installed on the remote Windows host
has a SQL injection vulnerability.

Description :

According to its self-reported version number, the version of ePO
Extension for McAfee Agent installed on the remote host has multiple
blind SQL injection vulnerabilities. A remote, authenticated user
could exploit this to execute arbitrary SQL queries, resulting in
arbitrary code execution with SYSTEM privileges.

Versions 4.5 and 4.6 of the extension are affected.

See also :

http://archives.neohapsis.com/archives/bugtraq/2013-07/0081.html
https://kc.mcafee.com/corporate/index?page=content&id=SB10043
https://kc.mcafee.com/corporate/index?page=content&id=KB78824

Solution :

Upgrade to ePO Extension for McAfee Agent version 4.8 or later, or
apply the hotfix for version 4.6 referenced in McAfee Security
Bulletin SB10043.

Risk factor :

High / CVSS Base Score : 9.0
(CVSS2#AV:N/AC:L/Au:S/C:C/I:C/A:C)
CVSS Temporal Score : 7.4
(CVSS2#E:F/RL:OF/RC:C)
Public Exploit Available : true

Family: Windows

Nessus Plugin ID: 67120 ()

Bugtraq ID: 61421

CVE ID: CVE-2013-4882