[SA15961] McAfee IntruShield Security Management System Multiple Vulnerabilities
From: Secunia Security Advisories (sec-adv secunia.com)
Date: Thu Jul 07 2005 - 13:52:40 CDT
----------------------------------------------------------------------
TITLE:
McAfee IntruShield Security Management System Multiple
Vulnerabilities
SECUNIA ADVISORY ID:
SA15961
VERIFY ADVISORY:
http://secunia.com/advisories/15961/
CRITICAL:
Moderately critical
IMPACT:
Security Bypass, Cross Site Scripting, Manipulation of data
WHERE:
From local network
SOFTWARE:
McAfee IntruShield Security Management System
http://secunia.com/product/5340/
DESCRIPTION:
Several vulnerabilities have been reported in McAfee IntruShield IPS
Management Console, which can be exploited by malicious users to
conduct cross-site scripting attacks, bypass security restrictions,
and gain escalated privileges in the web application.
1) Input passed to the "thirdMenuName" and "resourceName" parameters
in "SystemEvent.jsp" isn't properly sanitised before being returned to
users. This can be exploited to execute arbitrary HTML and script code
in a user's browser session in the context of a vulnerable site.
2) Input passed to the "AccessRight" parameter in
"reports-column-center.jsp" isn't properly sanitised before being
used. This can be exploited to view the "Generate Reports" page,
which should not be accessible by non-privileged users.
3) Input passed to the "fullAccess" parameter in "SystemEvent.jsp"
isn't properly sanitised before being used. This can be exploited to
gain escalated privileges in the application.
Successful exploitation requires a valid logon.
SOLUTION:
Grant only trusted users access to the application.
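To complement the access restriction above, the console's web access logs can be reviewed for requests that touch the parameters named in the description. The following is an added example, not part of the Secunia advisory or of McAfee's code; the combined log format, the "/app/" URL prefix and the sample lines are assumptions constructed for illustration, and only query-string parameters are inspected. A hit means "review this request", since the advisory does not say whether the application also sends these parameters in normal use.

```python
import re
from urllib.parse import urlsplit, parse_qs

# Pages and parameters named in the advisory.
REFLECTED = {"SystemEvent.jsp": ("thirdMenuName", "resourceName")}
AUTHZ = {"SystemEvent.jsp": ("fullAccess",),
         "reports-column-center.jsp": ("AccessRight",)}
MARKUP = re.compile(r"[<>\"']")
# Assumption: combined-log-format access log; the user is the third field.
LINE = re.compile(r'^(\S+) \S+ (\S+) \[[^\]]+\] "(?:GET|POST) (\S+) [^"]*"')

def review(lines):
    """Return (client, user, page, param, reason) tuples for manual review."""
    findings = []
    for line in lines:
        m = LINE.match(line)
        if not m:
            continue
        client, user, target = m.groups()
        url = urlsplit(target)
        page = url.path.rsplit("/", 1)[-1]
        # parse_qs URL-decodes values, so encoded markup is seen in clear.
        params = parse_qs(url.query, keep_blank_values=True)
        for name in REFLECTED.get(page, ()):
            if any(MARKUP.search(v) for v in params.get(name, [])):
                findings.append((client, user, page, name,
                                 "markup in reflected parameter"))
        for name in AUTHZ.get(page, ()):
            if name in params:
                findings.append((client, user, page, name,
                                 "client-supplied access-control parameter"))
    return findings

# Constructed sample log lines; paths and values are placeholders.
SAMPLE = [
    '10.0.0.5 - alice [07/Jul/2005:13:00:01 -0500] "GET /app/SystemEvent.jsp?thirdMenuName=Alerts&resourceName=Sensor1 HTTP/1.1" 200 512',
    '10.0.0.9 - bob [07/Jul/2005:13:02:10 -0500] "GET /app/SystemEvent.jsp?thirdMenuName=%3Cb%3Ex%3C%2Fb%3E&resourceName=Sensor1 HTTP/1.1" 200 530',
    '10.0.0.9 - bob [07/Jul/2005:13:03:44 -0500] "GET /app/reports-column-center.jsp?AccessRight=PLACEHOLDER HTTP/1.1" 200 900',
    '10.0.0.9 - bob [07/Jul/2005:13:04:02 -0500] "GET /app/SystemEvent.jsp?fullAccess=PLACEHOLDER&resourceName=Sensor1 HTTP/1.1" 200 700',
]

if __name__ == "__main__":
    for finding in review(SAMPLE):
        print(*finding, sep=" | ")
```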
PROVIDED AND/OR DISCOVERED BY:
c0ntex
----------------------------------------------------------------------
About:
This Advisory was delivered by Secunia as a free service to help
everybody keep their systems up to date against the latest
vulnerabilities.
Subscribe:
http://secunia.com/secunia_security_advisories/
Definitions: (Criticality, Where etc.)
http://secunia.com/about_secunia_advisories/
Please Note:
Secunia recommends that you verify all advisories you receive by
clicking the link.
Secunia NEVER sends attached files with advisories.
Secunia does not advise people to install third party patches, only
use those supplied by the vendor.
----------------------------------------------------------------------