ePolicy Orchestrator Symlink Arbitrary Privileged File Access
Medium Nessus Plugin ID 19552
Synopsis
The remote web server is prone to an information disclosure vulnerability.
Description
The remote host is running ePolicy Orchestrator / ProtectionPilot, a system security management solution from McAfee.
According to its banner, the Common Management Agent (CMA) associated with ePolicy Orchestrator / ProtectionPilot on the remote host can be used by local users to view files residing on the same partition as the affected application with LocalSystem level privileges by creating symbolic links in the agent's web root directory. This may enable them to read files to which they would not otherwise have access.
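The exposure described above is a symlink planted inside a directory that a LocalSystem service reads from. One defensive check a practitioner can run over such a directory is to list every symlink whose resolved target falls outside the directory tree. The Python below is an added example, not part of the Nessus plugin or McAfee's agent; it assumes nothing about real CMA paths and builds a constructed temporary web root to demonstrate the check.

```python
import os
import tempfile
from pathlib import Path
from typing import List, Tuple


def escaping_symlinks(web_root: str) -> List[Tuple[str, str]]:
    """Return (link_path, resolved_target) for every symlink under web_root
    whose resolved target lies outside the web root tree.

    os.walk is run with followlinks=False so a symlinked directory is
    reported as a link but never descended into (which could loop or
    pull in unrelated trees).
    """
    root = Path(web_root).resolve()
    findings: List[Tuple[str, str]] = []
    for dirpath, dirnames, filenames in os.walk(root, followlinks=False):
        for name in dirnames + filenames:
            link = Path(dirpath) / name
            if not link.is_symlink():
                continue
            # Non-strict resolve follows the chain as far as it exists,
            # so a dangling link still yields a comparable target path.
            target = link.resolve()
            try:
                target.relative_to(root)      # inside the web root: fine
            except ValueError:
                findings.append((str(link), str(target)))
    return findings


def demo() -> List[Tuple[str, str]]:
    """Constructed sample layout (hypothetical paths, not real ePO ones):
    one benign symlink that stays inside the web root and one that points
    at a 'sensitive' file elsewhere on the same filesystem."""
    base = Path(tempfile.mkdtemp())
    web_root = base / "webroot"
    web_root.mkdir()
    (web_root / "index.htm").write_text("ok")
    sensitive = base / "secret.conf"
    sensitive.write_text("db_password=example-placeholder")
    os.symlink(web_root / "index.htm", web_root / "alias.htm")  # stays inside
    os.symlink(sensitive, web_root / "leak.htm")                 # escapes root
    return escaping_symlinks(str(web_root))


if __name__ == "__main__":
    for link, target in demo():
        print(f"symlink escapes web root: {link} -> {target}")
```

The check only reports symbolic links; hard links and other reparse-point types would need separate inspection.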
Solution
Apply CMA 3.5 Patch 4 as described in the vendor's advisory.