McAfee Firewall Reporter 'GernalUtilities.pm' Authentication Bypass Vulnerability

McAfee Firewall Reporter is prone to an authentication-bypass vulnerability.

Successfully exploiting this issue will allow attackers to point the 'cgisess' cookie value to an arbitrary file that exists on the server, bypassing certain security restrictions.

This issue may allow websites to bypass certain security restrictions and gain access to potentially sensitive information.

This issue was introduced in McAfee Firewall Reporter 5.1.0.6


 

Privacy Statement
Copyright 2010, SecurityFocus