|
|
Family: CGI abuses --> Category: infos
McAfee Common Management Agent Directory Traversal Vulnerability Vulnerability Scan
Vulnerability Scan Summary
Checks version of Common Management Agent
Detailed Explanation for this Vulnerability Test
Synopsis :
The remote web server is prone to a directory traversal vulnerability.
Description :
The remote host is running a Common Management Agent, a component of
the ePolicy Orchestrator system security management solution from
McAfee.
According to its banner, the Common Management Agent on the remote
host can be used by an anonymous attacker to gain write access to any
file on the affected host with SYSTEM rights.
See also :
http://research.eeye.com/html/advisories/published/AD20060713.html
http://knowledge.mcafee.com/article/640/9925498_f.SAL_Public.html
Solution :
Upgrade to version 3.5.5 or later of the Common Management Agent as
discussed in the vendor advisory above.
Threat Level:
Low / CVSS Base Score : 2.3
(AV:R/AC:L/Au:NR/C:N/I:P/A:N/B:N)
Click HERE for more information and discussions on this network vulnerability scan.
|
