McAfee E-Business Administration Server Authentication Packet Denial of Service Vulnerability
BID:23544
Info
McAfee E-Business Administration Server Authentication Packet Denial of Service Vulnerability
| Bugtraq ID: | 23544 |
| Class: | Failure to Handle Exceptional Conditions |
| CVE: | |
| Remote: | Yes |
| Local: | No |
| Published: | Apr 17 2007 12:00AM |
| Updated: | Apr 18 2007 08:11PM |
| Credit: | iDefense Labs discovered this vulnerability. |
| Vulnerable: |
McAfee E-Business Server 8.5.1 McAfee E-Business Server 8.1 |
| Not Vulnerable: |
McAfee E-Business Server 8.5.2 McAfee E-Business Server 8.1.1 |
Discussion
McAfee E-Business Administration Server Authentication Packet Denial of Service Vulnerability
McAfee E-Business Administration Server is prone to a remote denial-of-service vulnerability because the application fails to properly handle certain network packets. A successful attack allows a remote attacker to crash the Administration Server, denying further service to legitimate users.
These versions are affected:
E-Business Server 8.5.1 (and earlier) for Windows and Solaris
E-Business Server 8.1.0 (and earlier) for Linux, HP-UX, and AIX
McAfee E-Business Administration Server is prone to a remote denial-of-service vulnerability because the application fails to properly handle certain network packets. A successful attack allows a remote attacker to crash the Administration Server, denying further service to legitimate users.
These versions are affected:
E-Business Server 8.5.1 (and earlier) for Windows and Solaris
E-Business Server 8.1.0 (and earlier) for Linux, HP-UX, and AIX
Exploit / POC
McAfee E-Business Administration Server Authentication Packet Denial of Service Vulnerability
Currently we are not aware of any exploits for this issue. If you feel we are in error or if you are aware of more recent information, please mail us at: mailto:[email protected].
Currently we are not aware of any exploits for this issue. If you feel we are in error or if you are aware of more recent information, please mail us at: mailto:[email protected].
Solution / Fix
McAfee E-Business Administration Server Authentication Packet Denial of Service Vulnerability
Solution:
The vendor has released upgrades to address these issues.
Solution:
The vendor has released upgrades to address these issues.
References
McAfee E-Business Administration Server Authentication Packet Denial of Service Vulnerability
References:
References:
- McAfee E-Business Server Homepage (McAfee)
- McAfee Homepage (McAfee)
- i iDefense Security Advisory 04.17.07: McAfee E-Business Admin Server Invalid D (iDefense Labs)
- McAfee E-Business Admin Server Invalid Data Length DoS Vulnerability (iDefense Labs)
- McAfee Security Bulletin - e-Business Server 8.5.2 or 8.1.1 fixes a possible deg (McAfee)