CVE-2007-2151 — E-business Server vulnerability

3 documents3 sources

Severity

5.0MEDIUMNVD

EPSS

2.2%

top 15.48%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Mcafee E-business Server

Timeline

PublishedApr 19

Latest updateMay 1

Description

The administration server in McAfee e-Business Server before 8.1.1 and 8.5.x before 8.5.2 allows remote attackers to cause a denial of service (service crash) via a large length value in a malformed authentication packet, which triggers a heap over-read.

CVSS vector

AV:N/AC:L/C:N/I:N/A:PExploitability: 10.0 | Impact: 2.9

Affected Packages1 packages

▶NVDmcafee/e-business_server8.1, 8.5.1+1

Patches

Patch: labs.idefense.com ↗Patch: labs.idefense.com ↗

🔴Vulnerability Details

GHSA

GHSA-7mcr-4h6g-w464: The administration server in McAfee e-Business Server before 8↗2022-05-01

▶

CVEList

CVE-2007-2151: The administration server in McAfee e-Business Server before 8↗2007-04-19

▶