Vulnerability Name:

CVE-2008-1855 (CCN-41597)

Assigned:2008-04-02
Published:2008-04-02
Updated:2017-09-29
Summary:FrameworkService.exe in McAfee Common Management Agent (CMA) 3.6.0.574 Patch 3 and earlier, as used by ePolicy Orchestrator (ePO) and ProtectionPilot (PrP), allows remote attackers to corrupt memory and cause a denial of service (CMA Framework service crash) via a long invalid method in requests for the /spin//AVClient//AVClient.csp URI, a different vulnerability than CVE-2006-5274.
CVSS v3 Severity:5.3 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)
Exploitability Metrics:Attack Vector (AV): Network
Attack Complexity (AC): Low
Privileges Required (PR): None
User Interaction (UI): None
Scope:Scope (S): Unchanged
Impact Metrics:Confidentiality (C): None
Integrity (I): None
Availibility (A): Low
CVSS v2 Severity:5.0 Medium (CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P)
4.5 Medium (Temporal CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P/E:F/RL:W/RC:C)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Low
Authentication (Au): None
Impact Metrics:Confidentiality (C): None
Integrity (I): None
Availibility (A): Partial
5.0 Medium (CCN CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P)
4.5 Medium (CCN Temporal CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P/E:F/RL:W/RC:C)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Low
Athentication (Au): None
Impact Metrics:Confidentiality (C): None
Integrity (I): None
Availibility (A): Partial
Vulnerability Type:CWE-399
Vulnerability Consequences:Denial of Service
References:Source: MITRE
Type: CNA
CVE-2008-1855

Source: CCN
Type: SA29637
McAfee Common Management Agent Framework Service Denial of Service

Source: SECUNIA
Type: Vendor Advisory
29637

Source: CCN
Type: SECTRACK ID: 1019794
McAfee ePolicy Orchestrator Common Management Agent Memory Bug Lets Remote Users Deny Service

Source: CCN
Type: McAfee Web site
McAfee ePolicy Orchestrator

Source: MISC
Type: Exploit
http://www.offensive-security.com/0day/mcafee_again.py.txt

Source: CCN
Type: OSVDB ID: 44161
McAfee Common Management Agent (CMA) Framework Service Crafted Request Remote DoS

Source: BID
Type: Exploit
28573

Source: CCN
Type: BID-28573
McAfee Common Management Agent 'FrameworkService.exe' Remote Denial of Service Vulnerability

Source: SECTRACK
Type: UNKNOWN
1019794

Source: VUPEN
Type: UNKNOWN
ADV-2008-1122

Source: XF
Type: UNKNOWN
mcafee-cma-frameworkservice-dos(41597)

Source: XF
Type: UNKNOWN
mcafee-cma-frameworkservice-dos(41597)

Source: CCN
Type: McAfee Security Alert Document ID: 615324
McAfee Security Bulletin - CMA HTTP Request DoS vulnerability

Source: CONFIRM
Type: UNKNOWN
https://knowledge.mcafee.com/article/219/615324_f.SAL_Public.html

Source: EXPLOIT-DB
Type: UNKNOWN
5343

Vulnerable Configuration:Configuration 1:
  • cpe:/a:mcafee:cma:*:*:*:*:*:*:*:* (Version <= 3.6.0.574)

  • Configuration CCN 1:
  • cpe:/a:mcafee:epolicy_orchestrator:3.6.1:*:*:*:*:*:*:*
  • OR cpe:/a:mcafee:protectionpilot:1.5.0:*:*:*:*:*:*:*
  • OR cpe:/a:mcafee:epolicy_orchestrator:4.0:*:*:*:*:*:*:*
  • OR cpe:/a:mcafee:epolicy_orchestrator:3.6.0:*:*:*:*:*:*:*

  • * Denotes that component is vulnerable
    BACK
    mcafee cma *
    mcafee epolicy orchestrator 3.6.1
    mcafee protectionpilot 1.5.0
    mcafee epolicy orchestrator 4.0
    mcafee epolicy orchestrator 3.6.0