Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2005-2187

Overview

Vulnerability Score 4.6 4.6
CVE Id CVE-2005-2187
Last Modified 05 Sep 2008 04:51:06
Published 11 Jul 2005 12:00:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector LOCAL
Access Complexity LOW
Authentication NONE

CVE-2005-2187

Summary

McAfee IntruShield Security Management System allows remote authenticated users to access the "Generate Reports" feature and modify alerts by setting the Access option to true, as demonstrated using the (1) fullAccess or (2) fullAccessRight parameter in reports-column-center.jsp, or (3) fullAccess parameter to SystemEvent.jsp.

Vulnerable Systems


References

BUGTRAQ - 20050706 Re: Re: McAfee Intrushield IPS Abuse

BUGTRAQ - 20050706 McAfee Intrushield IPS Abuse

SECTRACK - 1014422

SECUNIA - 15961


Last Updated: 27 May 2016 10:40:26