Over the last couple of months when I scan a Windows XP SP2 or Windows 2003 SP1
system with Nessus (the Windows Version) I've noticed an increase in the number
of holes reported connected to McAfee ePolicy Orchestrator agent.
Since I have to address every Warning and Hole in my report, I?m concerned
about the below items and I was looking to the list to gather some assistance.
The following is from a vulnerability report of a Windows XP SP2 workstation
that I scanned yesterday.
Nessus Version 3.0.3 build W334, Plug-ins updated on Dec 12 2006, and Nessus is
running on Windows XP SP2.
Target Windows XP SP2 & McAfee ePolicy Orchestrator agent (EPO) version
3.5.5.580
McAfee ePolicy Orchestrator agent (8081/tcp)
1.) It may be possible to make the web server execute arbitrary code or crash
by sending it an authorization string which is too long.
Risk Factor : High
Solution: Upgrade your web server.
Plugin ID : 10515
2.) It was possible to crash the remote ICQ client by connecting to port 80 and
sending the request:
GET /cgi-bin/guestbook.cgi?
An attacker may use this problem to prevent you from working properly.
Solution deactivate the webserver service of the client
Risk Factor : Low
CVE : CVE-2000-0564
BID : 1463
Plugin ID : 10347
3.) It was possible to freeze or reboot Windows by reading a MS/DOS device
through HTTP, using a file name like CON\CON, AUX.htm or AUX.
A cracker may use this flaw to make your system crash continuously, preventing
you from working properly.
Solution: upgrade your system or use a HTTP server that filters those names out.
Risk Factor : High
CVE : CVE-2001-0386, CVE-2001-0493, CVE-2001-0391, CVE-2001-0558,
CVE-2002-0200, CVE-2000-0168, CVE-2003-0016, CVE-2001-0602
BID : 1043, 2575, 2608, 2622, 2649, 2704, 3929, 6659, 6662
Plugin ID : 10930
Any Feedback about the above would be great.
Thank You in advance --John
_______________________________________________
Nessus mailing list
Nessus@list.nessus.org
http://mail.nessus.org/mailman/listinfo/nessus
