CVE-2006-5271
https://notcve.org/view.php?id=CVE-2006-5271
Integer underflow in McAfee ePolicy Orchestrator 3.5 through 3.6.1, ProtectionPilot 1.1.1 and 1.5, and Common Management Agent (CMA) 3.6.0.453 and earlier allows remote attackers to execute arbitrary code via a crafted UDP packet, which causes stack corruption. Desbordamiento inferior de un entero en el McAfee ePolicy Orchestrator 3.5 hasta el 3.6.1, el ProtectionPilot 1.1.1 y 1.5 y el Common Management Agent (CMA) 3.6.0.453 y versiones anteriores permite a atacantes remotos ejecutar código de su elección a través de paquetes UDP manipulados, lo que produce una corrupción de pila. • http://secunia.com/advisories/26029 http://www.iss.net/threats/269.html http://www.osvdb.org/36098 http://www.securityfocus.com/bid/24863 http://www.securitytracker.com/id?1018363 http://www.vupen.com/english/advisories/2007/2498 https://exchange.xforce.ibmcloud.com/vulnerabilities/31162 https://knowledge.mcafee.com/article/761/613364_f.SAL_Public.html •
CVE-2006-5272
https://notcve.org/view.php?id=CVE-2006-5272
Stack-based buffer overflow in McAfee ePolicy Orchestrator 3.5 through 3.6.1, ProtectionPilot 1.1.1 and 1.5, and Common Management Agent (CMA) 3.6.0.453 and earlier allows remote attackers to execute arbitrary code via a crafted ping packet. Desbordamiento de búfer basado en pila en McAfee ePolicy Orchestrator 3.5 hasta 3.6.1, ProtectionPilot 1.1.1 y 1.5, y Common Management Agent (CMA) 3.6.0.453 y anteriores permiten a atacantes remotos ejecutar código de su elección mediante un paquete ping artesanal. • http://secunia.com/advisories/26029 http://www.iss.net/threats/269.html http://www.osvdb.org/36099 http://www.securityfocus.com/bid/24863 http://www.securitytracker.com/id?1018363 http://www.vupen.com/english/advisories/2007/2498 https://exchange.xforce.ibmcloud.com/vulnerabilities/31163 https://knowledge.mcafee.com/article/762/613365_f.SAL_Public.html •
CVE-2006-5274
https://notcve.org/view.php?id=CVE-2006-5274
Integer overflow in McAfee ePolicy Orchestrator 3.5 through 3.6.1, ProtectionPilot 1.1.1 and 1.5, and Common Management Agent (CMA) 3.5.5.438 allows remote attackers to cause a denial of service (CMA Framework service crash) and possibly execute arbitrary code via unspecified vectors. Desbordamiento de entero en McAfee ePolicy Orchestrator 3.5 hasta 3.6.1, ProtectionPilot 1.1.1 y 1.5, y Common Management Agent (CMA) 3.5.5.438 permite a atacantes remotos provocar una denegación de servicio (caída del servicio CMA Framework) y posiblemente ejecutar código de su elección mediante vectores no especificados. • http://secunia.com/advisories/26029 http://www.iss.net/threats/269.html http://www.osvdb.org/36101 http://www.securityfocus.com/bid/24863 http://www.securitytracker.com/id?1018363 http://www.vupen.com/english/advisories/2007/2498 https://exchange.xforce.ibmcloud.com/vulnerabilities/31165 https://knowledge.mcafee.com/article/764/613367_f.SAL_Public.html •
CVE-2006-5273
https://notcve.org/view.php?id=CVE-2006-5273
Heap-based buffer overflow in McAfee ePolicy Orchestrator 3.5 through 3.6.1, ProtectionPilot 1.1.1 and 1.5, and Common Management Agent (CMA) 3.5.5.438 through 3.6.0.453 allows remote attackers to execute arbitrary code via a crafted packet. Desbordamiento de búfer basado en pila en McAfee ePolicy Orchestrator 3.5 hasta 3.6.1, ProtectionPilot 1.1.1 y 1.5, y Common Management Agent (CMA) 3.5.5.438 hasta 3.6.0.453 permite a atacantes remotos ejecutar código de su elección mediante un paquete artesanal. • http://secunia.com/advisories/26029 http://www.iss.net/threats/269.html http://www.nessus.org/plugins/index.php?view=single&id=25702 http://www.osvdb.org/36100 http://www.securityfocus.com/bid/24863 http://www.securitytracker.com/id?1018363 http://www.vupen.com/english/advisories/2007/2498 https://exchange.xforce.ibmcloud.com/vulnerabilities/31164 https://knowledge.mcafee.com/article/763/613366_f.SAL_Public.html •
CVE-2007-1498
https://notcve.org/view.php?id=CVE-2007-1498
Multiple stack-based buffer overflows in the SiteManager.SiteMgr.1 ActiveX control (SiteManager.dll) in the ePO management console in McAfee ePolicy Orchestrator (ePO) before 3.6.1 Patch 1 and ProtectionPilot (PRP) before 1.5.0 HotFix allow remote attackers to execute arbitrary code via a long argument to the (1) ExportSiteList and (2) VerifyPackageCatalog functions, and (3) unspecified vectors involving a swprintf function call. Múltiples desbordamientos de búfer basados en pila en el control ActiveX Site Manager.SiteMgr.1 (SiteManager.dll) en la consola de administración ePO de McAfee ePolicy Orchestrator (ePO) anterior a 3.6.1 Patch 1 y ProtectionPilot (PRP) anterior a 1.5.0 HotFix permiten a atacantes remotos ejecutar código de su elección mediante un argumento largo para las funciones (1) ExportSiteList y (2) VerifyPackageCatalog, y (3) vectores no especificados relacionados con una llamada a la función swprintf. • http://lists.grok.org.uk/pipermail/full-disclosure/2007-March/052960.html http://secunia.com/advisories/24466 http://securityreason.com/securityalert/2444 http://www.kb.cert.org/vuls/id/714593 http://www.securityfocus.com/bid/22952 http://www.securitytracker.com/id?1017757 http://www.vupen.com/english/advisories/2007/0931 https://knowledge.mcafee.com/article/25/612495_f.SAL_Public.html https://knowledge.mcafee.com/article/26/612496_f.SAL_Public.html •