Vulnerability Details : CVE-2006-5156
Public exploit exists!
Buffer overflow in McAfee ePolicy Orchestrator before 3.5.0.720 and ProtectionPilot before 1.1.1.126 allows remote attackers to execute arbitrary code via a request to /spipe/pkg/ with a long source header.
Vulnerability category: OverflowExecute code
Products affected by CVE-2006-5156
- cpe:2.3:a:mcafee:epolicy_orchestrator:3.0:*:*:*:*:*:*:*
- cpe:2.3:a:mcafee:epolicy_orchestrator:3.0:sp2a:*:*:*:*:*:*
- cpe:2.3:a:mcafee:epolicy_orchestrator:3.5.0:*:*:*:*:*:*:*
- cpe:2.3:a:mcafee:protectionpilot:1.1.1:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2006-5156
97.22%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 100 %
Percentile, the proportion of vulnerabilities that are scored at or less
Metasploit modules for CVE-2006-5156
-
McAfee ePolicy Orchestrator / ProtectionPilot Overflow
Disclosure Date: 2006-07-17First seen: 2020-04-26exploit/windows/http/mcafee_epolicy_sourceThis is an exploit for the McAfee HTTP Server (NAISERV.exe). McAfee ePolicy Orchestrator 2.5.1 <= 3.5.0 and ProtectionPilot 1.1.0 are known to be vulnerable. By sending a large 'Source' header, the stack can be overwritten. This module is based on the exploit by xb
CVSS scores for CVE-2006-5156
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
10.0
|
HIGH | AV:N/AC:L/Au:N/C:C/I:C/A:C |
10.0
|
10.0
|
NIST |
References for CVE-2006-5156
-
http://www.kb.cert.org/vuls/id/842452
US Government Resource
-
http://www.securityfocus.com/bid/20288
McAfee EPolicy Orchestrator and ProtectionPilot HTTP Server Remote Buffer Overflow VulnerabilityExploit;Patch
-
http://download.nai.com/products/patches/ePO/v3.5/EPO3506.txt
Patch
-
http://download.nai.com/products/patches/protectionpilot/v1.1.1/PRP1113.txt
Patch
-
http://knowledge.mcafee.com/article/365/8611438_f.SAL_Public.html
-
http://lists.grok.org.uk/pipermail/full-disclosure/2006-October/049803.html
-
http://www.vupen.com/english/advisories/2006/3861
-
http://www.remote-exploit.org/advisories/mcafee-epo.pdf
Exploit
-
http://securitytracker.com/id?1016970
-
https://exchange.xforce.ibmcloud.com/vulnerabilities/29307
-
http://securitytracker.com/id?1016971
-
http://knowledge.mcafee.com/SupportSite/search.do?cmd=displayKC&docType=kc&externalId=8611438&sliceId=SAL_Public&dialogID=2997768&stateId=0%200%202995803
Patch
Jump to