Intelligence Center » Browse All Vulnerabilities » CVE-2006-3623
Overview |
|
Vulnerability Score | ![]() |
CVE Id | CVE-2006-3623 |
Last Modified | 07 Mar 2011 09:39:07 |
Published | 18 Jul 2006 11:46:00 |
Confidentiality Impact | ![]() |
Integrity Impact | ![]() |
Availability Impact | ![]() |
Access Vector | NETWORK |
Access Complexity | LOW |
Authentication | NONE |

CVE-2006-3623
Summary
Directory traversal vulnerability in Framework Service component in McAfee ePolicy Orchestrator agent 3.5.0.x and earlier allows remote attackers to create arbitrary files via a .. (dot dot) in the directory and filename in a PropsResponse (PackageType) request.
Vulnerable Systems
Application
Mcafee Epolicy Orchestrator Agent 3.5.0
References
VUPEN - ADV-2006-2796
MISC - http://www.eeye.com/html/research/advisories/AD20060713.html
SECUNIA - 21037
XF - epolicy-epo-directory-traversal(27738)
BID - 18979
BUGTRAQ - 20060714 EEYE: McAfee ePolicy Orchestrator Remote Compromise
OSVDB - 27158
SECTRACK - 1016501
Last Updated: 27 May 2016 10:43:04