Just wanted to give a quick heads-up that the eEye R&D team has put together a free Class C scanner (available here: http://www.eeye.com/html/downloads/other/ePOScanner.html) for the latest vulnerabilities found within McAfee ePO, CMA, and ProtectionPilot. These are some pretty serious vulnerabilities with a very large impact in networks where ePO/CMA/PP are installed, therefore warranting the free scanner.
For those of you that are using Blink, blink will protect you from the four vulnerabilities if you happen to have the ePO/CMA agent installed on the same host. For those of you using Retina, Retina has already been updated with this vulnerability audit allowing you to scan your entire network for vulnerable hosts. To read up on the vulnerabilities, check out the CVEs:
CVE-2006-5271
CVE-2006-5272
CVE-2006-5273
CVE-2006-5274
eEye Research is currently monitoring for any widespread exploitation attempts against any of these vulnerabilities. You can send any questions regarding the scanner or security in general directly to us at [email protected].
Comments