McAfee Common Management Agent (CMA) integer overflow (Security_Management_StringSize_Overflow)

About this signature or vulnerability

RealSecure Server Sensor, RealSecure Network, BlackICE PC Protection, Proventia Server IPS for Microsoft Windows technology, BlackICE Server Protection, Proventia Network MFS, Proventia-G 1.1 and earlier, Proventia Desktop, Proventia Network IPS, Proventia Server IPS for Linux technology:

This signature detects a message to a specific security management application which contains a variable length string field with an invalid length specification. The application may receive this data through either TCP or UDP communications.

Default risk level

 High

Sensors that have this signature

RealSecure Server Sensor: XPU 24.56, RealSecure Network: XPU 24.56, BlackICE PC Protection: 3.6cqb, Proventia Server IPS for Microsoft Windows technology: 1.0.914.1960, BlackICE Server Protection: 3.6.cqb, Proventia Network MFS: XPU 1.95, Proventia-G 1.1 and earlier: XPU 24.56, Proventia Desktop: 1960, Proventia Network IPS: XPU 1.95, Proventia Server IPS for Linux technology: 1.95

Systems affected

McAfee ePolicy Orchestrator: 3.6.0, McAfee ePolicy Orchestrator: 3.5.0, McAfee ProtectionPilot: 1.5, McAfee Common Management Agent: 3.5.5.438, McAfee ProtectionPilot: 1.1.1, McAfee ePolicy Orchestrator: 3.6.1

Type

Unauthorized Access Attempt

Vulnerability description

How to remove this vulnerability

References