PT-2007-4254 · Linux+4 · Linux+4

Published

2007-10-31

Updated

2017-07-29

CVE-2007-2957

CVSS v2.0

9.3

High

Vector

AV:N/AC:M/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions McAfee E-Business Server versions prior to 8.5.3 for Solaris McAfee E-Business Server versions prior to 8.1.2 for Linux, HP-UX, and AIX

Description The issue is related to an integer overflow that allows remote attackers to execute arbitrary code. This is achieved by sending a large length value in an authentication packet, which results in a heap-based buffer overflow.

Recommendations For McAfee E-Business Server versions prior to 8.5.3 for Solaris, update to version 8.5.3 or later. For McAfee E-Business Server versions prior to 8.1.2 for Linux, HP-UX, and AIX, update to version 8.1.2 or later.

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-189

Related Identifiers

CVE-2007-2957

Affected Products

Aix

Hp-Ux

Linux

Mcafee E-Business Server

Solaris

PT-2007-4254 · Linux+4 · Linux+4

CVE-2007-2957

Weakness Enumeration

Related Identifiers

Affected Products

References · 8