Over the last couple of months when I scan a Windows XP SP2 or Windows 2003 SP1 system with Nessus (the Windows Version) I've noticed an increase in the number of holes reported connected to McAfee ePolicy Orchestrator agent.
Since I have to address every Warning and Hole in my report, I'm concerned about the below items and I was looking to the list to gather some assistance. The following is from a vulnerability report of a Windows XP SP2 workstation that I scanned yesterday.

Nessus Version 3.0.3 build W334, Plug-ins updated on Dec 12 2006, and Nessus is running on Windows XP SP2.

Target Windows XP SP2 & McAfee ePolicy Orchestrator agent (EPO) version 3.5.5.580

McAfee ePolicy Orchestrator agent (8081/tcp)

1.) It may be possible to make the web server execute arbitrary code or crash by sending it an authorization string which is too long.
Risk Factor : High
Solution: Upgrade your web server.
Plugin ID : 10515

2.) It was possible to crash the remote ICQ client by connecting to port 80 and sending the request: GET /cgi-bin/guestbook.cgi?
An attacker may use this problem to prevent you from working properly.
Solution deactivate the webserver service of the client
Risk Factor : Low
CVE : CVE-2000-0564
BID : 1463
Plugin ID : 10347

3.) It was possible to freeze or reboot Windows by reading a MS/DOS device through HTTP, using a file name like CON\CON, AUX.htm or AUX.
A cracker may use this flaw to make your system crash continuously, preventing you from working properly.
Solution: upgrade your system or use a HTTP server that filters those names out.
Risk Factor : High
CVE : CVE-2001-0386, CVE-2001-0493, CVE-2001-0391, CVE-2001-0558, CVE-2002-0200, CVE-2000-0168, CVE-2003-0016, CVE-2001-0602
BID : 1043, 2575, 2608, 2622, 2649, 2704, 3929, 6659, 6662
Plugin ID : 10930

Any Feedback about the above would be great.

Thank You in advance
--John
