31 matches found
EUVD-2005-2189
Malware in sbrugna...
EUVD-2005-2187
Malware in sbrugna...
EUVD-2009-3546
Malware in sbrugna...
EUVD-2009-3547
Malware in sbrugna...
McAfee IntruShield Security Management System Multiple Vulnerabilities
No description provided by source. source: http://www.securityfocus.com/bid/14167/info McAfee IntruShield Security Management System is susceptible to multiple vulnerabilities. The first two issues are cross-site scripting vulnerabilities in the 'intruvert/jsp/systemHealth/SystemEvent.jsp' script...
CVE-2009-3566
McAfee IntruShield Network Security Manager NSM before 5.1.11.8.1 does not include the HTTPOnly flag in the Set-Cookie header for the session identifier, which allows remote attackers to hijack a session by leveraging a cross-site scripting XSS vulnerability...
CVE-2009-3565
Multiple cross-site scripting XSS vulnerabilities in intruvert/jsp/module/Login.jsp in McAfee IntruShield Network Security Manager NSM before 5.1.11.6 allow remote attackers to inject arbitrary web script or HTML via the 1 iaction or 2 node parameter...
Cross site scripting
McAfee IntruShield Network Security Manager NSM before 5.1.11.8.1 does not include the HTTPOnly flag in the Set-Cookie header for the session identifier, which allows remote attackers to hijack a session by leveraging a cross-site scripting XSS vulnerability...
Cross site scripting
Multiple cross-site scripting XSS vulnerabilities in intruvert/jsp/module/Login.jsp in McAfee IntruShield Network Security Manager NSM before 5.1.11.6 allow remote attackers to inject arbitrary web script or HTML via the 1 iaction or 2 node parameter...
CVE-2009-3566
McAfee IntruShield Network Security Manager NSM before 5.1.11.8.1 does not include the HTTPOnly flag in the Set-Cookie header for the session identifier, which allows remote attackers to hijack a session by leveraging a cross-site scripting XSS vulnerability...
CVE-2009-3566
The CVE-2009-3566 issue affects McAfee IntruShield Network Security Manager (NSM) prior to 5.1.11.8.1, where the session ID cookie is issued without the HttpOnly flag, enabling an XSS-based theft of the session cookie and potential remote session hijacking. Source material indicates the vulnerabi...
CVE-2009-3565
McAfee Network Security Manager (NSM) NSM, affected versions before 5.1.11.6, is reported vulnerable to cross-site scripting (XSS) via user-controllable input in Login.jsp. Specifically, the iaction and node parameters are not properly sanitized, allowing remote attackers to inject arbitrary scri...
CVE-2009-3565
Multiple cross-site scripting XSS vulnerabilities in intruvert/jsp/module/Login.jsp in McAfee IntruShield Network Security Manager NSM before 5.1.11.6 allow remote attackers to inject arbitrary web script or HTML via the 1 iaction or 2 node parameter...
[SWRX-2009-002] McAfee Network Security Manager Authentication Bypass and Session Hijacking Vulnerability
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 SecureWorks Security Advisory SWRX-2009-002 McAfee Network Security Manager Authentication Bypass and Session Hijacking Vulnerability Advisory Information Title: McAfee Network Security Manager Authentication Bypass and Session Hijacking Vulnerabili...
McAfee IntruShield Management Console (HTTP)
The remote host is running the McAfee IntruShield Management Console. SPDX-FileCopyrightText: 2005 David Maciejak Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
McAfee Intrushield IPS Abuse Update is available
HI, The IntruShield Manager version 2.1.9.17 contains several updates that correct the vulnerable components that were targeted. IntruShield customers may download the new manager version from: http://www.mcafeesecurity.com/us/downloads/default.asp?wt.mcn=usupdates&wt.mct=extlicon&cid=10373 On 6...
Multiple McAffee Intrushield IPS (intrusion prevention system) vulnerabilities
Multiple web interface vulnerabilities including crosssite scripting and privilege escalation...
CVE-2005-2187
McAfee IntruShield Security Management System allows remote authenticated users to access the "Generate Reports" feature and modify alerts by setting the Access option to true, as demonstrated using the 1 fullAccess or 2 fullAccessRight parameter in reports-column-center.jsp, or 3 fullAccess...
CVE-2005-2188
McAfee IntruShield Security Management System obtains the user ID from the URL, which allows remote attackers to guess the Manager account and possibly gain privileges via a brute force attack...
CVE-2005-2186
Multiple cross-site scripting XSS vulnerabilities in McAfee IntruShield Security Management System allow remote authenticated users to inject arbitrary web script or HTML via the 1 thirdMenuName or 2 resourceName parameter to SystemEvent.jsp...