31 matches found
CVE-2005-2188
McAfee IntruShield Security Management System obtains the user ID from the URL, which allows remote attackers to guess the Manager account and possibly gain privileges via a brute force attack...
CVE-2005-2187
McAfee IntruShield Security Management System allows remote authenticated users to access the "Generate Reports" feature and modify alerts by setting the Access option to true, as demonstrated using the 1 fullAccess or 2 fullAccessRight parameter in reports-column-center.jsp, or 3 fullAccess...
CVE-2005-2186
CVE-2005-2186 describes multiple cross-site scripting (XSS) vulnerabilities in McAfee IntruShield Security Management System. Remote authenticated users can inject arbitrary web script or HTML through either the thirdMenuName or resourceName parameter to SystemEvent.jsp. The NVD record assigns a ...
CVE-2005-2188
CVE-2005-2188 affects McAfee IntruShield Security Management System. The flaw allows remote attackers to obtain the Manager account by guessing the user ID included in the URL, enabling a brute-force path to privilege escalation. The common description notes possible privilege gain via brute forc...
CVE-2005-2187
CVE-2005-2187 affects McAfee IntruShield Security Management System. The issue allows remote authenticated users to access the Generate Reports feature and modify alerts by setting the Access option to true, demonstrated via (1) fullAccess or (2) fullAccessRight in reports-column-center.jsp, or (...
CVE-2005-2186
Multiple cross-site scripting XSS vulnerabilities in McAfee IntruShield Security Management System allow remote authenticated users to inject arbitrary web script or HTML via the 1 thirdMenuName or 2 resourceName parameter to SystemEvent.jsp...
McAfee Intrushield IPS Abuse
/ $ An open security advisory 8 - McAfee Intrushield IPS Management Console Abuse 1: Bug Researcher: c0ntex - c0ntexbatgmail.com 2: Bug Released: July 06 2005 3: Bug Impact Rate: Medium / Hi 4: Bug Scope Rate: Local / Remote $ This advisory and/or proof of concept code must not be used for...
McAfeeIPS.txt
------=Part1341925560245.1120660746428 Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: quoted-printable Content-Disposition: inline / = $ An open security advisory 8 - McAfee Intrushield IPS Management Console= =20 Abuse = 1: Bug Researcher: c0ntex - c0ntexbatgmail.com 2:...
McAfee IntruShield Security Management System - Multiple Vulnerabilities
McAfee IntruShield Security Management System - Multiple Vulnerabilities source: https://www.securityfocus.com/bid/14167/info McAfee IntruShield Security Management System is susceptible to multiple vulnerabilities. The first two issues are cross-site scripting vulnerabilities in the...
McAfee IntruShield Security Management System - Multiple Vulnerabilities
source: https://www.securityfocus.com/bid/14167/info McAfee IntruShield Security Management System is susceptible to multiple vulnerabilities. The first two issues are cross-site scripting vulnerabilities in the 'intruvert/jsp/systemHealth/SystemEvent.jsp' script. These issues are due to a failur...
McAfee IntruShield Management Console Detection
If an attacker can log into the IntruShield Management Console on the remote host, the attacker will have the ability to modify sensor configuration. C Tenable Network Security, Inc. - modified by Josh Zlatin-Amishav to support newer versions of the product. include"compat.inc"; if description...