Published:2005/08/24 Last Updated:2008/05/21
JVN#8778A308
Common Management Agent 3.x vulnerable to information leakage
Overview
Common Management Agent used in ePolicy Orchestrator and ProtectionPilot has a problem in directory access right setting which allows an attacker to obtain or view a list of files.
Products Affected
- ePolicy Orchestrator 3.x
- Protection Pilot agent 1.x
Description
Impact
A remote attacker could view files.
Solution
Vendor Status
| Vendor | Link |
| McAfee Co., Ltd. |
http://www.mcafeesecurity.com/japan/pqa/aMcAfeeEpo.asp?ancQno=EP05081501&ancProd=McAfeeEpo |
References
JPCERT/CC Addendum
Credit
Other Information
| JPCERT Alert | |
| JPCERT Reports | |
| CERT Advisory | |
| CPNI Advisory | |
| TRnotes | |
| CVE | |
| JVN iPedia |
JVNDB-2005-000781 |