orchestrator software vulnerabilities
vulnerabilities.aspcode.net
Searching orchestrator software vulnerabilities
Format string vulnerability in McAfee Security
vulnerability
|
Orchestrator
|
Security
|
ePolicy
|
Format
|
string
|
McAfee
|
Format string vulnerability in McAfee Security ePolicy Orchestrator (ePO) 2.5.1 allows remote attackers to execute arbitrary code via an HTTP GET request with a URI containing format strings.
The default installation of MSDE via McAfee ePo
Orchestrator
|
installation
|
attackers
|
arbitrary
|
through
|
execute
|
default
|
ePolicy
|
series
|
McAfee
|
allows
|
steps
|
code
|
MSDE
|
via
|
The default installation of MSDE via McAfee ePolicy Orchestrator 2.0 through 3.0 allows attackers to execute arbitrary code via a series of steps that (1) obtain the database administrator username and encrypted password in a configuration file from the ePO server using a certain request, (2) crack the password due to weak cryptography, and (3) use the password to pass commands through xp_cmdshell.
Heap-based buffer overflow in ePO agent for McA
Orchestrator
|
Heap-based
|
overflow
|
ePolicy
|
McAfee
|
buffer
|
agent
|
ePO
|
Heap-based buffer overflow in ePO agent for McAfee ePolicy Orchestrator 2.0, 2.5, and 2.5.1 allows remote attackers to execute arbitrary code via a POST request containing long parameters.
Format string vulnerability in ePO service for
vulnerability
|
Orchestrator
|
service
|
ePolicy
|
string
|
McAfee
|
Format
|
ePO
|
Format string vulnerability in ePO service for McAfee ePolicy Orchestrator 2.0, 2.5, and 2.5.1 allows remote attackers to execute arbitrary code via a POST request with format strings in the computerlist parameter, which are used when logging a failed name resolution.
McAfee ePolicy Orchestrator (ePO) 2.5.1 Patch 1
Orchestrator
|
ePolicy
|
McAfee
|
McAfee ePolicy Orchestrator (ePO) 2.5.1 Patch 13 and 3.0 SP2a Patch 3 allows remote attackers to execute arbitrary commands via certain HTTP POST requests to the spipe/file handler on ePO TCP port 81.
The web server for Network Associates ePolicy O
Orchestrator
|
Associates
|
ePolicy
|
Network
|
server
|
Agent
|
web
|
The web server for Network Associates ePolicy Orchestrator Agent 3.5.0 (patch 3) uses insecure permissions for the "Common Framework\Db" folder, which allows local users to read arbitrary files by creating a subfolder in the EPO agent web root directory.
Directory traversal vulnerability in Framework
vulnerability
|
Orchestrator
|
component
|
arbitrary
|
attackers
|
traversal
|
Directory
|
Framework
|
earlier
|
Service
|
ePolicy
|
remote
|
create
|
McAfee
|
allows
|
files
|
agent
|
350x
|
via
|
Directory traversal vulnerability in Framework Service component in McAfee ePolicy Orchestrator agent 3.5.0.x and earlier allows remote attackers to create arbitrary files via a .. (dot dot) in the directory and filename in a PropsResponse (PackageType) request.
Buffer overflow in McAfee ePolicy Orchestrator
Orchestrator
|
overflow
|
ePolicy
|
before
|
Buffer
|
McAfee
|
Buffer overflow in McAfee ePolicy Orchestrator before 3.5.0.720 and ProtectionPilot before 1.1.1.126 allows remote attackers to execute arbitrary code via a request to /spipe/pkg/ with a long source header.
Integer underflow in McAfee ePolicy Orchestrato
Orchestrator
|
underflow
|
ePolicy
|
Integer
|
through
|
McAfee
|
Integer underflow in McAfee ePolicy Orchestrator 3.5 through 3.6.1, ProtectionPilot 1.1.1 and 1.5, and Common Management Agent (CMA) 3.6.0.453 and earlier allows remote attackers to execute arbitrary code via a crafted UDP packet, which causes stack corruption.
Stack-based buffer overflow in McAfee ePolicy O
Orchestrator
|
Stack-based
|
overflow
|
ePolicy
|
through
|
buffer
|
McAfee
|
Stack-based buffer overflow in McAfee ePolicy Orchestrator 3.5 through 3.6.1, ProtectionPilot 1.1.1 and 1.5, and Common Management Agent (CMA) 3.6.0.453 and earlier allows remote attackers to execute arbitrary code via a crafted ping packet.
Heap-based buffer overflow in McAfee ePolicy Or
Orchestrator
|
Heap-based
|
overflow
|
ePolicy
|
through
|
buffer
|
McAfee
|
Heap-based buffer overflow in McAfee ePolicy Orchestrator 3.5 through 3.6.1, ProtectionPilot 1.1.1 and 1.5, and Common Management Agent (CMA) 3.5.5.438 through 3.6.0.453 allows remote attackers to execute arbitrary code via a crafted packet.
Integer overflow in McAfee ePolicy Orchestrator
Orchestrator
|
overflow
|
ePolicy
|
Integer
|
through
|
McAfee
|
Integer overflow in McAfee ePolicy Orchestrator 3.5 through 3.6.1, ProtectionPilot 1.1.1 and 1.5, and Common Management Agent (CMA) 3.5.5.438 allows remote attackers to cause a denial of service (CMA Framework service crash) and possibly execute arbitrary code via unspecified vectors.
Multiple stack-based buffer overflows in the Si
SiteManagerSiteMgr1
|
stack-based
|
overflows
|
Multiple
|
control
|
ActiveX
|
buffer
|
Multiple stack-based buffer overflows in the SiteManager.SiteMgr.1 ActiveX control (SiteManager.dll) in the ePO management console in McAfee ePolicy Orchestrator (ePO) before 3.6.1 Patch 1 and ProtectionPilot (PRP) before 1.5.0 HotFix allow remote attackers to execute arbitrary code via a long argument to the (1) ExportSiteList and (2) VerifyPackageCatalog functions, and (3) unspecified vectors involving a swprintf function call.
Software vulnerabilities results 1 to 14 of 14
Page:
1