McAfee E-Business Server Authentication Packet Remote Overflow

This script is Copyright (C) 2008-2016 Tenable Network Security, Inc.


Synopsis :

The remote Windows host has an application that is affected by a
buffer overflow vulnerability.

Description :

McAfee E-Business Server, an enterprise tool for digitally encrypting
and signing electronic files, is installed on the remote host.

The version of this software installed on the remote host fails to
properly handle over-sized authentication packets sent to its
administration interface, generally TCP port 1718. An unauthenticated,
remote attacker may be able to leverage this issue to crash the
affected service or even execute arbitrary code on the remote host
with LOCAL SYSTEM privileges.

See also :

http://www.infigo.hr/en/in_focus/advisories/INFIGO-2008-01-06
http://seclists.org/bugtraq/2008/Jan/94
http://seclists.org/bugtraq/2008/Jan/101
https://knowledge.mcafee.com/article/542/614472_f.SAL_Public.html

Solution :

Upgrade to McAfee E-Business Server version 8.5.3 or later.

Risk factor :

Critical / CVSS Base Score : 10.0
(CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C)
CVSS Temporal Score : 7.8
(CVSS2#E:POC/RL:OF/RC:C)
Public Exploit Available : true

Family: Windows

Nessus Plugin ID: 29900

Bugtraq ID: 27197

CVE ID: CVE-2008-0127
