Detections
Analytics
McAfee Virtual Technician ActiveX Control GetObject() Method Remote Command Execution (SB10028)
high Nessus Plugin ID 61719
Language:
Synopsis
An ActiveX control installed on the remote Windows host can be abused to execute arbitrary code.Description
The remote Windows host has a version of the McAfee Virtual Technician / ePolicy Orchestrator ActiveX control that allows execution of arbitrary code. The 'GetObject()' method can be used to load any class on the underlying operating system. For example, by loading the 'WScript.Shell' class, attackers can then run arbitrary operating system commands.If an attacker can trick a user on the affected host into viewing a specially crafted HTML document, he can leverage this issue to execute arbitrary commands on the affected system subject to the user's privileges.
Solution
Upgrade to McAfee Virtual Technician 6.4 / ePolicy Orchestrator 1.0.8 or later.See Also
https://kc.mcafee.com/corporate/index?page=content&id=SB10028
Plugin Details
Severity: High
ID: 61719
File Name: mcafee_virtual_technician_activex.nasl
Version: 1.6
Type: local
Agent: windows
Family: Windows
Published: 8/29/2012
Updated: 7/14/2018
Supported Sensors: Nessus Agent, Nessus
Risk Information
VPR
Risk Factor: High
Score: 7.4
CVSS v2
Risk Factor: High
Base Score: 9.3
Temporal Score: 7.7
Vector: CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C
Vulnerability Information
CPE: cpe:/a:mcafee:mcafee_virtual_technician
Required KB Items: SMB/Registry/Enumerated
Exploit Available: true
Exploit Ease: Exploits are available
Patch Publication Date: 5/4/2012
Vulnerability Publication Date: 4/30/2012
Exploitable With
Metasploit (McAfee Virtual Technician MVTControl 6.3.0.1911 GetObject Vulnerability)
Reference Information
CVE: CVE-2012-4598
BID: 53304
MCAFEE-SB: SB10028