CVE-2008-0127

Mcafee E-business Server < 8.5.2 - Memory Corruption

Title source: rule

Description

The administration interface in McAfee E-Business Server 8.5.2 and earlier allows remote attackers to cause a denial of service (crash) and execute arbitrary code via a long initial authentication packet.

Exploits (1)

exploitdb WORKING POC VERIFIED

by Leon Juranic · perldosmultiple

https://www.exploit-db.com/exploits/4878

View Code ZIP pw:eip

References (11)

[Various Sources] https://knowledge.mcafee.com/SupportSite/dynamickc.do?externalId=614472&sliceId=SAL_Public&command=show&forward=nonthreadedKC&kcId=614472

[Third Party Advisory, VDB Entry] https://exchange.xforce.ibmcloud.com/vulnerabilities/39561

[Third Party Advisory] http://secunia.com/advisories/28408

[Third Party Advisory, VDB Entry] http://securitytracker.com/id?1019170

[Exploit, Third Party Advisory] https://www.exploit-db.com/exploits/4878

[Third Party Advisory] http://securityreason.com/securityalert/3530

[Third Party Advisory] http://www.vupen.com/english/advisories/2008/0087

[Third Party Advisory, VDB Entry] http://www.securityfocus.com/archive/1/486035/100/0/threaded

[Third Party Advisory, VDB Entry] https://exchange.xforce.ibmcloud.com/vulnerabilities/39563

[Third Party Advisory, VDB Entry] http://www.securityfocus.com/archive/1/485992/100/0/threaded

[Patch] http://www.securityfocus.com/bid/27197

Scores

EPSS 0.2459

EPSS Percentile 96.1%

Details

CWE

CWE-119

Status published

Products (1)

mcafee/e-business_server < 8.5.2

Published Jan 10, 2008

Tracked Since Feb 18, 2026