CVE-2006-5272

McAfee Common Management Agent <= 3.6.0.453 - Remote Code Execution via Crafted Ping Packet

Title source: llm

Description

Stack-based buffer overflow in McAfee ePolicy Orchestrator 3.5 through 3.6.1, ProtectionPilot 1.1.1 and 1.5, and Common Management Agent (CMA) 3.6.0.453 and earlier allows remote attackers to execute arbitrary code via a crafted ping packet.

References (8)

Core 8

Core References

Third Party Advisory, VDB Entry vdb-entry x_refsource_osvdb

http://www.osvdb.org/36099

Third Party Advisory vdb-entry x_refsource_vupen

http://www.vupen.com/english/advisories/2007/2498

Various Sources x_refsource_confirm

https://knowledge.mcafee.com/article/762/613365_f.SAL_Public.html

Third Party Advisory, VDB Entry vdb-entry x_refsource_xf

https://exchange.xforce.ibmcloud.com/vulnerabilities/31163

Third Party Advisory, VDB Entry vdb-entry x_refsource_sectrack

http://www.securitytracker.com/id?1018363

Vendor Advisory third-party-advisory x_refsource_secunia

http://secunia.com/advisories/26029

Third Party Advisory third-party-advisory x_refsource_iss

http://www.iss.net/threats/269.html

Third Party Advisory, VDB Entry vdb-entry x_refsource_bid

http://www.securityfocus.com/bid/24863

Scores

EPSS 0.0629

EPSS Percentile 91.0%

Details

Status published

Products (5)

mcafee/common_management_agent < 3.6.0.453

mcafee/e-business_server 3.5

mcafee/e-business_server 3.6.1

mcafee/protectionpilot 1.1.1 (2 CPE variants)

mcafee/protectionpilot 1.5.0

Published Jul 12, 2007

Tracked Since Feb 18, 2026