PT-2006-5894 · Mcafee · Mcafee Epolicy Orchestrator+1
Muts · Published 2006-10-03 · Updated 2017-07-20 · CVE-2006-5156
CVSS v2.0: 10 (High)
Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C
Name of the Vulnerable Software and Affected Versions
McAfee ePolicy Orchestrator: the affected versions prior to 5.0.0 are not specified; however, versions before 3.5.0.720 are mentioned as affected.
McAfee ProtectionPilot versions prior to 1.1.1.126
Description
A buffer overflow issue allows remote attackers to execute arbitrary code via a request to "/spipe/pkg/" with a long source header.
Recommendations
For McAfee ePolicy Orchestrator versions before 3.5.0.720, update to version 3.5.0.720 or later.
For McAfee ProtectionPilot versions before 1.1.1.126, update to version 1.1.1.126 or later.
As a temporary workaround, consider restricting access to the "/spipe/pkg/" endpoint until a patch is available.
Affected Products
McAfee ProtectionPilot
McAfee ePolicy Orchestrator