Credit:
The original article can be found at: http://www.secureworks.com/ctu/advisories/SWRX-2009-001
Vulnerable Systems:
* McAfee Network Security Manager (NSM), version 5.1.7.7
Immune Systems:
* McAfee Network Security Manager (NSM), version 5.1.11.6
A remote attacker could exploit this vulnerability using vulnerable parameters in a specially crafted URL to execute script in a victim's web browser within the security context of the Network Security Manager site.
User-controllable input supplied by the iaction and node parameters to the Login.jsp page is not properly sanitized for invalid or malicious content prior to being returned to the user in dynamically generated web content. This condition may aid an attacker in retrieving session cookies, stealing recently submitted data, or launching further attacks.
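The defect described above is a reflected cross-site scripting condition: values from the iaction and node query parameters are written back into the page without output encoding. The following Python example, added here and not taken from McAfee's code or the advisory, contrasts the unsafe pattern with the hardened form and includes a small regression check a QA team could run against the fixed page. The parameter names and the Login.jsp path come from the advisory; the host name, the hidden-field template and the function names are assumptions.

```python
"""Reflected-XSS illustration for a login page that echoes the
'iaction' and 'node' query parameters back into its HTML.

Constructed example. The page layout (hidden input fields) and the
host name are assumptions; only the parameter names and the
Login.jsp path come from the advisory.
"""
from html import escape
from urllib.parse import parse_qs, urlsplit

# Parameters the advisory names as reflected into the response
REFLECTED_PARAMS = ("iaction", "node")


def reflected_params(url: str) -> dict:
    """Extract the reflected parameters from a request URL.

    parse_qs performs percent-decoding, so what comes back is exactly
    the text the server would interpolate into the page.
    """
    qs = parse_qs(urlsplit(url).query, keep_blank_values=True)
    return {name: qs.get(name, [""])[0] for name in REFLECTED_PARAMS}


def render_unsafe(params: dict) -> str:
    """The condition the advisory describes: the values are interpolated
    verbatim, so markup characters in the input become live markup."""
    return (
        '<input type="hidden" name="iaction" value="%s">'
        '<input type="hidden" name="node" value="%s">'
        % (params["iaction"], params["node"])
    )


def render_safe(params: dict) -> str:
    """Hardened form: HTML-entity-encode every reflected value for the
    attribute context. quote=True also encodes the double and single
    quote, so input cannot terminate the attribute it is written into."""
    return (
        '<input type="hidden" name="iaction" value="%s">'
        '<input type="hidden" name="node" value="%s">'
        % (escape(params["iaction"], quote=True), escape(params["node"], quote=True))
    )


def is_reflected_raw(page: str, value: str) -> bool:
    """Regression check for a patched page: report True if an input
    containing HTML-significant characters appears in the response
    unchanged (i.e. without entity encoding)."""
    significant = ('<', '>', '"', "'", '&')
    return any(ch in value for ch in significant) and value in page


if __name__ == "__main__":
    # Constructed request: a harmless bold tag and a stray quote, enough
    # to show whether the response encodes what it reflects.
    sample = "https://nsm.example/Login.jsp?iaction=%3Cb%3Ex%3C%2Fb%3E&node=1%22"
    p = reflected_params(sample)
    print("unsafe reflects raw markup:", is_reflected_raw(render_unsafe(p), p["iaction"]))
    print("safe reflects raw markup:  ", is_reflected_raw(render_safe(p), p["iaction"]))
    print(render_safe(p))
```

The check in is_reflected_raw is deliberately conservative: it only flags an input that carries HTML-significant characters and is echoed byte-for-byte, which is the exact behaviour the vendor fix in 5.1.11.6 is expected to remove.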
Follow best practices of placing the security management console on a segregated management network. Apply restrictive, default-deny firewall policies to protect these assets from access by unauthorized users.
Do not perform administrative access of security management consoles from computers exposed to the Internet through web browsing, email, and other applications. Lock down and heavily monitor systems used to perform administrative tasks such as accessing security management consoles.
CVE Information:
CVE-2009-3565