Re: [Full-disclosure] Privilege escalation in Network Associates ePolicy Orchestrator Agent 3.5.0 (patch 3)

To: reedarvin@xxxxxxxxx
Subject: Re: [Full-disclosure] Privilege escalation in Network Associates ePolicy Orchestrator Agent 3.5.0 (patch 3)
From: NoBrain NoPain <nobnop@xxxxxxxxx>
Date: Mon, 15 Aug 2005 11:49:50 +0200
Cc: vuln@xxxxxxxxxxx, news@xxxxxxxxxxxxxx, bugtraq@xxxxxxxxxxxxxxxxx, full-disclosure@xxxxxxxxxxxxxxxxx
Domainkey-signature: a=rsa-sha1; q=dns; c=nofws; s=beta; d=gmail.com; h=received:message-id:date:from:to:subject:cc:mime-version:content-type:content-transfer-encoding:content-disposition; b=Bqec1yuAs/0Q4cr5eD2qi9jumQKwGGTyH57aFaHBMxZuBJd2qHpYC4YJyZJuGdQE2MZt/dItTYk4x5bKReF012EiPqQmHcJiIa0hDB+0ZQgGQaOMPgaVcdt4NiLXjG62Yv+RFfL+JHK/9YnyRkkYqh6shQczLbiwTrUp39QWOEQ=
List-help: <mailto:bugtraq-help@securityfocus.com>
List-id: <bugtraq.list-id.securityfocus.com>
List-post: <mailto:bugtraq@securityfocus.com>
List-subscribe: <mailto:bugtraq-subscribe@securityfocus.com>
List-unsubscribe: <mailto:bugtraq-unsubscribe@securityfocus.com>
Mailing-list: contact bugtraq-help@xxxxxxxxxxxxxxxxx; run by ezmlm

Hello,

Reed Arvin wrote:
> Patches/Workarounds:
> The vendor was notified of the issue. There was no response.

Vendor Response:
http://knowledgemap.nai.com/KanisaSupportSite/search.do?cmd=displayKC&docType=kc&externalId=KBkb42216xml&language=en_US

One can find there: "McAfee was not notified in advance of this
vulnerability per "standard industry practices". It would be
interesting when you contacted McAfee and what you told them...;)

-- nobnop

Follow-Ups:
- Re: [Full-disclosure] Privilege escalation in Network Associates ePolicy Orchestrator Agent 3.5.0 (patch 3)
  - From: Reed Arvin

Prev by Date: Hummingbird FTP Weak Password Encryption
Next by Date: Re: [Full-disclosure] Privilege escalation in Network Associates ePolicy Orchestrator Agent 3.5.0 (patch 3)
Previous by thread: Hummingbird FTP Weak Password Encryption
Next by thread: Re: [Full-disclosure] Privilege escalation in Network Associates ePolicy Orchestrator Agent 3.5.0 (patch 3)
Index(es):
- Date
- Thread