CVE-2003-0616 Information

Description

Format string vulnerability in ePO service for McAfee ePolicy Orchestrator 2.0 2.5 and 2.5.1 allows remote attackers to execute arbitrary code via a POST request with format strings in the computerlist parameter which are used when logging a failed name resolution.

Reference

http://www.atstake.com/research/advisories/2003/a073103-1.txt http://www.nai.com/us/promos/mcafee/epo_vulnerabilities.asp