CVE-2009-5116

Loading...

General

Score:6.5/10.0
Severity:Medium
Category:Access Control Error

Impact Metrics

Confidentiality:Partial
Integrity:Partial
Availability:Partial

Exploitability Metrics

Access Vector:Network
Access Complexity:Low
Authentication:Single

Published on 22/08/12 - Updated on 22/08/12

Description

McAfee LinuxShield 1.5.1 and earlier does not properly implement client authentication, which allows remote authenticated users to obtain Admin access to the statistics server by leveraging a client account.

Category: Access Control Error

CWE-287 (Authentication Issues)
When an actor claims to have a given identity, the software does not prove or insufficiently proves that the claim is correct.

Security Notices

US National Vulnerability DatabaseCVE-2009-5116

Exploits

No exploits available for this CVE in our database.

Relative technologies

VendorProduct
mcafeelinuxshield

Share this vulnerability with:

Twitter Facebook LinkedIn Mail