CVE-2003-0149

Description

Heap-based buffer overflow in ePO agent for McAfee ePolicy Orchestrator 2.0, 2.5, and 2.5.1 allows remote attackers to execute arbitrary code via a POST request containing long parameters.

Affected products

• McAfee / epolicy_orchestrator2.0 – 2.0
• McAfee / epolicy_orchestrator2.5 – 2.5
• McAfee / epolicy_orchestrator2.5 – 2.5
• McAfee / epolicy_orchestrator2.5.1 – 2.5.1

References

• VENDOR_ADVISORYhttp://www.atstake.com/research/advisories/2003/a073103-1.txt
• MISChttp://www.nai.com/us/promos/mcafee/epo_vulnerabilities.asp