10 matches found
EUVD-2011-5000
Malware in sbrugna...
CVE-2011-5100
The web interface in McAfee Firewall Reporter before 5.1.0.13 does not properly implement cookie authentication, which allows remote attackers to obtain access, and disable anti-virus functionality, via an HTTP request...
CVE-2011-5100
The web interface in McAfee Firewall Reporter before 5.1.0.13 does not properly implement cookie authentication, which allows remote attackers to obtain access, and disable anti-virus functionality, via an HTTP request...
CVE-2011-5100
The web interface in McAfee Firewall Reporter before 5.1.0.13 does not properly implement cookie authentication, which allows remote attackers to obtain access, and disable anti-virus functionality, via an HTTP request...
CVE-2011-5100
CVE-2011-5100 affects the McAfee Firewall Reporter web interface (pre-5.1.0.13). The root cause is improper cookie authentication, allowing remote attackers to obtain access and disable anti-virus functionality via an HTTP request. The vulnerability is reflected in NVD as CVSSv2 base score 7.5 (H...
McAfee Firewall Reporter isValidClient Authentication Bypass
Added: 06/03/2011 BID: 47306 OSVDB: 71842 Background McAfee Firewall Reporter is an enterprise-class security event management SEM reporting solution. Problem McAfee Firewall Reporter versions 5.1.0.6 through 5.1.0.12 are vulnerable to an authentication bypass that may allow remote attackers to...
McAfee Firewall Reporter isValidClient Authentication Bypass
Added: 06/03/2011 BID: 47306 OSVDB: 71842 Background McAfee Firewall Reporter is an enterprise-class security event management SEM reporting solution. Problem McAfee Firewall Reporter versions 5.1.0.6 through 5.1.0.12 are vulnerable to an authentication bypass that may allow remote attackers to...
McAfee Firewall Reporter isValidClient Authentication Bypass
Added: 06/03/2011 BID: 47306 OSVDB: 71842 Background McAfee Firewall Reporter is an enterprise-class security event management SEM reporting solution. Problem McAfee Firewall Reporter versions 5.1.0.6 through 5.1.0.12 are vulnerable to an authentication bypass that may allow remote attackers to...
McAfee Firewall Reporter isValidClient Authentication Bypass
Added: 06/03/2011 BID: 47306 OSVDB: 71842 Background McAfee Firewall Reporter is an enterprise-class security event management SEM reporting solution. Problem McAfee Firewall Reporter versions 5.1.0.6 through 5.1.0.12 are vulnerable to an authentication bypass that may allow remote attackers to...
McAfee Firewall Reporter 'GernalUtilities.pm'验证绕过漏洞
Bugtraq ID: 47306 McAfee Firewall Reporter用于集中处理企业范围内McAfee网关安全设备的日志和审计数据。 负责验证用户的代码存在缺陷。GernalUtilities.pm包含的代码通过解析Cookie值来验证会话是否合法。在检查特定文件只判断是否存在而没有检查其内容。使用目录遍历技术攻击者可以把cgisess cookie值指向任意服务器上存在的文件,绕过验证。 0 McAfee Firewall Reporter 5.1.0.6 厂商解决方案 用户可参考如下供应商提供的安全公告获得补丁信息:...