SOURCE: Fortinet

March 14, 2007 14:52 ET

Fortinet Discovers Multiple Vulnerabilities Affecting McAfee ePolicy Orchestrator and ProtectionPilot

Numerous Remote Buffer Overflow Vulnerabilities Allow Attackers to Control Victims' Systems

SUNNYVALE, CA -- (MARKET WIRE) -- March 14, 2007 -- Fortinet® -- the pioneer and leading provider of unified threat management (UTM) solutions -- today announced that its Fortinet Global Threat Research Team discovered multiple vulnerabilities in McAfee™ ePolicy Orchestrator and ProtectionPilot. The vulnerabilities allow attackers to take over the affected system by providing a malicious Web page from a controlled Web site. When the user browses the Web page from a machine with the affected products, maliciously formed data causes a buffer overflow leading to arbitrary command execution with the privileges of that user.

The vulnerability affects users of the following specific software:

--  McAfee ePolicy Orchestrator 3.6.1 and earlier
--  McAfee ePolicy Orchestrator 3.6.0 Patch 5 and earlier.
--  McAfee ePolicy Orchestrator 3.5.0 Patch 7 and earlier.
--  McAfee ProtectionPilot 1.5.0.
--  McAfee ProtectionPilot 1.1.1 Patch 3 and earlier.
    
McAfee ™ users should immediately apply the update provided by McAfee ™ on March 13, 2007. Fortinet's security research team was critical in discovering this vulnerability, as noted in the McAfee Security Bulletins:

https://knowledge.mcafee.com/SupportSite/search.do?cmd=displayKC&docType=kc&sliceId=SAL_Public&externalId=612495

https://knowledge.mcafee.com/SupportSite/search.do?cmd=displayKC&docType=kc&sliceId=SAL_Public&externalId=612496

For more information on these vulnerabilities, please visit Fortinet's FortiGuard™ Center at http://www.fortiguardcenter.com/advisory/FGA-2007-03.html.

For ongoing threat research, bookmark the FortiGuard Center (http://www.fortiguardcenter.com/) or add it to your RSS feed by going to http://www.fortinet.com/FortiGuardCenter/rss/index.html. To learn more about FortiGuard Subscription Services, visit http://www.fortinet.com/products/fortiguard.html.

About Fortinet (www.fortinet.com)

Fortinet is the pioneer and leading provider of ASIC-accelerated multi-threat security systems, which are used by enterprises and service providers to increase their security while reducing total operating costs. Fortinet solutions were built from the ground up to integrate multiple levels of security protection -- including firewall, antivirus, intrusion prevention, VPN, spyware prevention and antispam -- providing customers a way to protect multiple threats as well as blended threats. Leveraging a custom ASIC and unified interface, Fortinet solutions offer advanced security functionality that scales from remote office to chassis-based solutions with integrated management and reporting. Fortinet solutions have won multiple awards around the world and are the only security products that are certified eight times over by the ICSA (firewall, antivirus, IPSec, SSL, IPS, client antivirus detection, cleaning and antispyware). Fortinet is privately held and based in Sunnyvale, California.

Fortinet is a registered trademark of Fortinet, Inc. Fortinet, FortiGate, FortiOS, FortiAnalyzer, FortiASIC, FortiAnalyzer, FortiCare, FortiManager, FortiWiFi, FortiGuard, FortiClient, and FortiReporter are trademarks of the Fortinet, Inc. in the United States and/or other countries. All other trademarks referred to herein are the property of their respective owners.

Contact Information