Description
McAfee IntruShield Security Management System obtains the user ID from the URL, which allows remote attackers to guess the Manager account and possibly gain privileges via a brute force attack.
References (3)
Core 3
Core References
Mailing List mailing-list
x_refsource_bugtraq
http://marc.info/?l=bugtraq&m=112076813804503&w=2
Third Party Advisory, VDB Entry vdb-entry
x_refsource_sectrack
http://securitytracker.com/id?1014422
Mailing List mailing-list
x_refsource_bugtraq
http://marc.info/?l=bugtraq&m=112066594312876&w=2
Scores
EPSS
0.0072
EPSS Percentile
72.6%
Details
Status
published
Products (1)
mcafee/intrushield_security_management_system
Published
Jul 11, 2005
Tracked Since
Feb 18, 2026