Papa’s Got a Brand New Hack, and its McAfee!! (Tutorial + Download)

16 10 2006

McAfee Epolicy Orchestrator / ProtectionPilot Buffer Overflow [via] Muts Blog

Mut, from Remote Exploit, has published a wonderfull proof of concept buffer over flow attack on McAfee’s ePolicy Orchestrator.  First read a little bit about what McAfee ePolicy Orchestrator is:

Enforce and monitor your system’s security

Coordinate your defense against malicious threats and attacks with McAfee® ePolicy Orchestrator®. As your central security management hub, it helps you keep protection up to date; configure and enforce protection policies; and monitor security status. Do it all from one centralized console.

Sounds like an accident waiting to happen, and oh look…Mutt found the accident:

Proof of concept exploit code is available at:
http://www.remote-exploit.org/exploits/mcafee_epolicy_source.pm

And a short article describing the exploit is available at :
http://www.remote-exploit.org/advisories/mcafee-epo.pdf

Mutt notified McAfee but apprently they have yet to get around to patching their super dooper product.

Hack On Fellow bored people.


Actions

Information

2 responses

2 12 2006
asd

gsdfgsg

2 12 2006
asd

very good

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s




%d bloggers like this: