PT-2007-4254 · Linux+4 · Linux+4

Publicado

2007-10-31

Atualizado

2017-07-29

CVE-2007-2957

CVSS v2.0

9.3

Alta

Vetor

AV:N/AC:M/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions McAfee E-Business Server versions prior to 8.5.3 for Solaris McAfee E-Business Server versions prior to 8.1.2 for Linux, HP-UX, and AIX

Description The issue is related to an integer overflow that allows remote attackers to execute arbitrary code. This is achieved by sending a large length value in an authentication packet, which results in a heap-based buffer overflow.

Recommendations For McAfee E-Business Server versions prior to 8.5.3 for Solaris, update to version 8.5.3 or later. For McAfee E-Business Server versions prior to 8.1.2 for Linux, HP-UX, and AIX, update to version 8.1.2 or later.

Correção

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-189

Identificadores relacionados

CVE-2007-2957

Produtos afetados

Aix

Hp-Ux

Linux

Mcafee E-Business Server

Solaris

PT-2007-4254 · Linux+4 · Linux+4

CVE-2007-2957

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 8