Papa’s Got a Brand New Hack, and its McAfee!! (Tutorial + Download)

16 10 2006

McAfee Epolicy Orchestrator / ProtectionPilot Buffer Overflow [via] Muts Blog

Mut, from Remote Exploit, has published a wonderfull proof of concept buffer over flow attack on McAfee’s ePolicy Orchestrator.  First read a little bit about what McAfee ePolicy Orchestrator is:

Enforce and monitor your system’s security

Coordinate your defense against malicious threats and attacks with McAfee® ePolicy Orchestrator®. As your central security management hub, it helps you keep protection up to date; configure and enforce protection policies; and monitor security status. Do it all from one centralized console.

Sounds like an accident waiting to happen, and oh look…Mutt found the accident:

Proof of concept exploit code is available at:

And a short article describing the exploit is available at :

Mutt notified McAfee but apprently they have yet to get around to patching their super dooper product.

Hack On Fellow bored people.



2 responses

2 12 2006


2 12 2006

very good

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: