Mcafee E-Business Server vulnerabilities

6 known vulnerabilities affecting mcafee/e-business_server.

Total CVEs

6

CISA KEV

0

Public exploits

1

Exploited in wild

0

Severity breakdown

CRITICAL1HIGH4MEDIUM1

Vulnerabilities

Page 1 of 1

CVE-2008-0127HIGHCVSS 8.8PoC≤ 8.5.22008-01-10

CVE-2008-0127 [HIGH] CWE-119 CVE-2008-0127: The administration interface in McAfee E-Business Server 8.5.2 and earlier allows remote attackers t The administration interface in McAfee E-Business Server 8.5.2 and earlier allows remote attackers to cause a denial of service (crash) and execute arbitrary code via a long initial authentication packet.

CVE-2007-2957CRITICALCVSS 9.3≤ 8.1.1≤ 8.5.22007-10-31

CVE-2007-2957 [CRITICAL] CWE-189 CVE-2007-2957: Integer overflow in McAfee E-Business Server before 8.5.3 for Solaris, and before 8.1.2 for Linux, H Integer overflow in McAfee E-Business Server before 8.5.3 for Solaris, and before 8.1.2 for Linux, HP-UX, and AIX, allows remote attackers to execute arbitrary code via a large length value in an authentication packet, which results in a heap-based buffer overflow.

CVE-2006-5273HIGHCVSS 7.6v3.5v3.6.12007-07-12

CVE-2006-5273 [HIGH] CVE-2006-5273: Heap-based buffer overflow in McAfee ePolicy Orchestrator 3.5 through 3.6.1, ProtectionPilot 1.1.1 a Heap-based buffer overflow in McAfee ePolicy Orchestrator 3.5 through 3.6.1, ProtectionPilot 1.1.1 and 1.5, and Common Management Agent (CMA) 3.5.5.438 through 3.6.0.453 allows remote attackers to execute arbitrary code via a crafted packet.

CVE-2006-5272HIGHCVSS 7.5v3.5v3.6.12007-07-12

CVE-2006-5272 [HIGH] CVE-2006-5272: Stack-based buffer overflow in McAfee ePolicy Orchestrator 3.5 through 3.6.1, ProtectionPilot 1.1.1 Stack-based buffer overflow in McAfee ePolicy Orchestrator 3.5 through 3.6.1, ProtectionPilot 1.1.1 and 1.5, and Common Management Agent (CMA) 3.6.0.453 and earlier allows remote attackers to execute arbitrary code via a crafted ping packet.

CVE-2006-5271HIGHCVSS 7.6v3.5v3.6.12007-07-12

CVE-2006-5271 [HIGH] CVE-2006-5271: Integer underflow in McAfee ePolicy Orchestrator 3.5 through 3.6.1, ProtectionPilot 1.1.1 and 1.5, a Integer underflow in McAfee ePolicy Orchestrator 3.5 through 3.6.1, ProtectionPilot 1.1.1 and 1.5, and Common Management Agent (CMA) 3.6.0.453 and earlier allows remote attackers to execute arbitrary code via a crafted UDP packet, which causes stack corruption.

CVE-2007-2151MEDIUMCVSS 5.0v8.1v8.5.12007-04-19

CVE-2007-2151 [MEDIUM] CVE-2007-2151: The administration server in McAfee e-Business Server before 8.1.1 and 8.5.x before 8.5.2 allows rem The administration server in McAfee e-Business Server before 8.1.1 and 8.5.x before 8.5.2 allows remote attackers to cause a denial of service (service crash) via a large length value in a malformed authentication packet, which triggers a heap over-read.