14 DAY TRIAL // In June 2013, someone published a video to YouTube to show off a tool called the McAfee ePolicy 0wner. The hacking tool, which is designed to exploit a couple of vulnerabilities in McAfee’s ePolicy Orchestrator (ePO), has been recently released to the public.
ePolicy 0wner is designed to exploit a couple of ePO vulnerabilities that McAfee patched last year, Tripwire experts report. The flaws in question – CVE-2013-0140 and CVE-2013-0141 – were reported by experts from Verizon Enterprise Solutions.
According to McAfee, the bugs can be exploited for unauthorized information disclosure, unauthorized modification or disruption of service.
The hacking tool enables users to carry out various tasks, including add rogue systems to an ePO server, upload files, steal domain credentials, and execute commands both on the ePO server and on other systems managed with McAfee’s centralized security management software. It’s worth noting that the attacker must be on the victim’s network for the attack to work.
The vulnerabilities impact versions 4.5 (RTW) to 4.5.6, and 4.6 (TRW) to 4.6.5. Tripwire’s IP360 and the SecureScan tool are capable of detecting the presence of the vulnerabilities, but the company advises administrators to make sure that their installations are patched.
Check out the video that shows the ePolicy 0wner hacking tool in action:
