McAfee ePolicy Orchestrator SiteManager ExportSiteList buffer overflow

Added: 05/11/2007
CVE: CVE-2007-1498
BID: 22952
OSVDB: 33796

Background

ePolicy Orchestrator is a centralized security configuration and monitoring application. It includes the SiteManager ActiveX control which is implemented by sitemanager.dll.

Problem

A buffer overflow vulnerability in the SiteManager ActiveX control allows command execution when the ExportSiteList function is called with a long argument.

Resolution

Apply one of the patches referenced in McAfee Document ID 612495 or 612496.

References

http://archives.neohapsis.com/archives/fulldisclosure/2007-03/0162.html

Limitations

Exploit works on McAfee ePolicy Orchestrator 3.6.1 (sitemanager.dll 3.6.1.166) on Windows 2000 SP4 and Windows XP SP1 and requires a user to load the exploit page into Internet Explorer.

Platforms

Windows 2000 SP4
Windows XP SP1

Back to exploit index