Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Heap-based buffer overflow in ePO agent for McAfee ePolicy Orchestrator 2.0, 2.5, and 2.5.1 allows remote attackers to execute arbitrary code via a POST request containing long parameters.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
McAfee Security ePolicy Orchestrator Agent POST请求远程堆溢出漏洞
Vulnerability Description
McAfee Security ePolicy Orchestrator是一款企业级反病毒管理工具。ePolicy Orchestrator是策略驱动配置,并包含报告工具。 McAfee ePolicy Orchestrator Agent对POST请求缺少正确边界缓冲区检查,远程攻击者可以利用这个漏洞进行缓冲区溢出攻击,可能以ePO进程权限在系统上执行任意指令。 如果提交URL中包含超长字符串的参数的POST请求给Agent,可导致由于缓冲区溢出而使服务崩溃。精心构建提交数据可能以ePO进程权限在系统上
CVSS Information
N/A
Vulnerability Type
N/A