CVE-2007-2957

2007-10-31 23:46:00 2017-07-29 03:31:52

Integer overflow in McAfee E-Business Server before 8.5.3 for Solaris, and before 8.1.2 for Linux, HP-UX, and AIX, allows remote attackers to execute arbitrary code via a large length value in an authentication packet, which results in a heap-based buffer overflow.

Vector

NETWORK

Complexity

MEDIUM

Authentication

NONE

Confidentiality

COMPLETE

Integrity

COMPLETE

Availability

COMPLETE

Mcafee E-business server 8.1.1 Aix (not an official CPE) Mcafee E-business server 8.1.1 Linux (not an official CPE) Mcafee E-business server 8.1.1 Hpux (not an official CPE) Mcafee E-business server 8.5.2 Solaris (not an official CPE)

Mcafee - E-business server

Advisory	Patch	Confirmed	Link
			https://knowledge.mcafee.com/SupportSite/dynamickc.do?ex...
			mcafee-ebusiness-auth-packet-bo(38175)
			26269
			ADV-2007-3663
			1018878

CVE-2007-2957

2007-10-31 23:46:00 2017-07-29 03:31:52

Vector

Complexity

Authentication

Confidentiality

Integrity

Availability

Numeric Errors (ID 189)