CVE-2004-0038

Published: Jun 14, 2004Modified: Apr 16, 2026

7.5

Vector

AV:N/AC:L/Au:N/C:P/I:P/A:P

Exploitability: 10.0 / Impact: 6.4

Source: NVD

Description

McAfee ePolicy Orchestrator (ePO) 2.5.1 Patch 13 and 3.0 SP2a Patch 3 allows remote attackers to execute arbitrary commands via certain HTTP POST requests to the spipe/file handler on ePO TCP port 81.

Affected (5)

Products: Mcafee: Epolicy Orchestrator

1 product

Epolicy Orchestrator

Configuration A

5 vulnerable

Vulnerable Software	Affected Versions
Mcafee Epolicy Orchestrator	Version 2.5.1
Mcafee Epolicy Orchestrator	Version 2.5
Mcafee Epolicy Orchestrator	Version 2.5 sp1
Mcafee Epolicy Orchestrator	Version 3.0
Mcafee Epolicy Orchestrator	Version 3.0 sp2a

References (10)

http://download.nai.com/products/patches/ePO/v2.x/Patch14.txt

Source: cve@mitre.org

Vendor Advisory

http://www.osvdb.org/5626

Source: cve@mitre.org

PatchVendor Advisory

http://www.securityfocus.com/bid/10200

Source: cve@mitre.org

PatchVendor Advisory

http://xforce.iss.net/xforce/alerts/id/173

Source: cve@mitre.org

PatchVendor Advisory

https://exchange.xforce.ibmcloud.com/vulnerabilities/14166

Source: cve@mitre.org

http://download.nai.com/products/patches/ePO/v2.x/Patch14.txt

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

http://www.osvdb.org/5626

Source: af854a3a-2127-422b-91ae-364da2661108

PatchVendor Advisory

http://www.securityfocus.com/bid/10200

Source: af854a3a-2127-422b-91ae-364da2661108

PatchVendor Advisory

http://xforce.iss.net/xforce/alerts/id/173

Source: af854a3a-2127-422b-91ae-364da2661108

PatchVendor Advisory

https://exchange.xforce.ibmcloud.com/vulnerabilities/14166

Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.