Vulnerability category: CGI
Vulnerability severity:
Vulnerability information
McAfee ePolicy Orchestrator (ePO) software centralizes and streamlines management of endpoint, network, content security and compliance solutions.
McAfee ePO was using Apache 2.4.25, which is vulnerable to the following issues:
CVE-2017-3169: In Apache httpd 2.2.x before 2.2.33 and 2.4.x before 2.4.26, mod_ssl may dereference a NULL pointer when third-party modules call ap_hook_process_connection() during an HTTP request to an HTTPS port.
CVE-2017-7668: The HTTP strict parsing changes added in Apache httpd 2.2.32 and 2.4.24 introduced a bug in token list parsing, which allows ap_find_token() to search past the end of its input string. By maliciously crafting a sequence of request headers, an attacker may be able to cause a segmentation fault, or to force ap_find_token() to return an incorrect value.
CVE-2017-7679: In Apache httpd 2.2.x before 2.2.33 and 2.4.x before 2.4.26, mod_mime can read one byte past the end of a buffer when sending a malicious Content-Type response header.
Affected Versions:
ePO 5.1.3 and earlier
ePO 5.3.2 and earlier
ePO 5.9.0 and earlier
QID Detection Logic (Authenticated):
This QID fetches the McAfee ePO installation location from the following registry key: HKLM\SOFTWARE\Network Associates\ePolicy Orchestrator\InstallFolder and checks whether the Apache.exe version in Apache2\bin\ is lower than 2.4.26.0.
QID Detection Logic (Unauthenticated):
This QID tries to find vulnerable installations from the version exposed in the Title of McAfee ePO installations on port 8443.
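The authenticated check described above can be reproduced locally on an ePO server. The following PowerShell is an added example, not the scanner's own code; it assumes InstallFolder is a value under the ePolicy Orchestrator key, that Apache2\bin is relative to that folder, and (as a further assumption) it also looks in the 32-bit registry view.

```powershell
# Added example: local check that mirrors the authenticated detection logic.
# Assumptions: InstallFolder is a value under the ePolicy Orchestrator key,
# and Apache2\bin is relative to that folder.
$subKey   = 'SOFTWARE\Network Associates\ePolicy Orchestrator'
$fixedVer = [version]'2.4.26.0'

function Get-EpoInstallFolder {
    # Check the 64-bit and 32-bit registry views; a 32-bit installer on
    # 64-bit Windows writes to the redirected (32-bit) view.
    foreach ($view in 'Registry64', 'Registry32') {
        $base = [Microsoft.Win32.RegistryKey]::OpenBaseKey('LocalMachine', $view)
        try {
            $key = $base.OpenSubKey($subKey)
            if ($key) {
                $folder = $key.GetValue('InstallFolder')
                $key.Dispose()
                if ($folder) { return [string]$folder }
            }
        } finally {
            $base.Dispose()
        }
    }
    return $null
}

$installFolder = Get-EpoInstallFolder
if (-not $installFolder) {
    Write-Output 'ePO InstallFolder not found in registry; nothing to check.'
    return
}

$apacheExe = Join-Path $installFolder 'Apache2\bin\Apache.exe'
if (-not (Test-Path -LiteralPath $apacheExe)) {
    Write-Output "Apache.exe not found at $apacheExe"
    return
}

# Build the version from numeric parts; the FileVersion string can carry
# separators or suffixes that [version] cannot parse.
$vi = (Get-Item -LiteralPath $apacheExe).VersionInfo
$fileVer = [version]::new($vi.FileMajorPart, $vi.FileMinorPart, $vi.FileBuildPart, $vi.FilePrivatePart)

if ($fileVer -lt $fixedVer) {
    Write-Output "VULNERABLE: Apache.exe $fileVer is lower than $fixedVer ($apacheExe)"
} else {
    Write-Output "OK: Apache.exe $fileVer is $fixedVer or later ($apacheExe)"
}
```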
Vulnerability impact
Successful exploitation allows an unauthenticated, remote attacker to gain access to sensitive information, or cause a denial of service condition on a targeted system.
Solution