Directory Traversal Vulnerability in McAfee ePolicy Orchestrator
CVE-2006-3623

Currently unrated

Key Information:

Vendor

Mcafee
Status
Epolicy Orchestrator Agent
Vendor
CVE Published:
18 July 2006

What is CVE-2006-3623?

The vulnerability exists in the Framework Service component of the McAfee ePolicy Orchestrator agent version 3.5.0.x and earlier. By exploiting this flaw, remote attackers can manipulate the input to create arbitrary files on the server. This is accomplished using directory traversal techniques via the inclusion of '../' sequences in the directory and filename of a PropsResponse request. Such an exploit could jeopardize server integrity, allowing unauthorized access to sensitive files and potentially leading to further exploits.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

http://www.eeye.com/html/research/advisories/AD20060713.html
x_refsource_MISC
https://exchange.xforce.ibmcloud.com/vulnerabilities/27738
vdb-entryx_refsource_XF
http://secunia.com/advisories/21037
third-party-advisoryx_refsource_SECUNIA

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.