Denial of Service Vulnerability in McAfee e-Business Server
CVE-2007-2151

Currently unrated

Key Information:

Vendor: Mcafee
Status: E-business Server
Vendor: CVE Published:; 19 April 2007

Summary

The administration server component of McAfee e-Business Server versions prior to 8.1.1 and 8.5.x before 8.5.2 is susceptible to a Denial of Service attack. An attacker can exploit this vulnerability by sending a malformed authentication packet that specifies a large length value, which in turn leads to a service crash due to a heap over-read. It is crucial for admins utilizing affected versions to implement applicable updates and ensure secure configurations to mitigate potential risks.

References

http://www.vupen.com/english/advisories/2007/1434

vdb-entryx_refsource_VUPEN

http://labs.idefense.com/intelligence/vulnerabilities/dis...

third-party-advisoryx_refsource_IDEFENSE

https://knowledge.mcafee.com/SupportSite/dynamickc.do?ext...

x_refsource_CONFIRM

Timeline

Vulnerability published
Apr 19, 2007
Vulnerability Reserved
Apr 19, 2007