Multiple vulnerabilities have been identified in McAfee Network Security Manager (NSM), which could be exploited by attackers to bypass security restrictions or gain knowledge of sensitive information.

The first issue is caused by input validation errors in the "Login.jsp" script when processing the "iaction" and "node" parameters, which could be exploited by attackers to cause arbitrary scripting code to be executed by the user's browser in the security context of an affected Web site.

The second weakness is caused due to the lack of the "httponly" mechanism tag in the cookie generated by the NSM, which could allow attackers to hijack a user's session.

Affected Products

McAfee Intrushield / Network Security Manager (NSM) version 5.1.7.7 and prior

Solution

Upgrade to version 5.1.11.8.1 :
https://secure.nai.com/apps/downloads/my_products/login.asp

References

http://www.vupen.com/english/advisories/2009/3226
https://kc.mcafee.com/corporate/index?page=content&id=SB10005
https://kc.mcafee.com/corporate/index?page=content&id=SB10004
http://www.secureworks.com/ctu/advisories/files/SWRX-2009-002.pdf
http://www.secureworks.com/ctu/advisories/files/SWRX-2009-001.pdf

Credits

Vulnerabilities reported by Daniel King (SecureWorks).

Changelog

2009-11-12 : Initial release

Feedback

If you have additional information or corrections for this security advisory please submit them via our contact form.