CVSS: 4.3EPSS: 0%CPEs: 4EXPL: 0CVE-2010-2306
https://notcve.org/view.php?id=CVE-2010-2306
The default installation of Sourcefire 3D Sensor 1000, 2000, and 9900; and Defense Center 1000; uses the same static, private SSL keys for multiple devices and installations, which allows remote attackers to decrypt SSL traffic via a man-in-the-middle (MITM) attack. La instalación por defecto de Sourcefire 3D Sensor 1000, 2000, y 9900 y Defense Center 1000, usa la misma clave estática/privada por defecto en instalaciones múltiples de ese dispositivo, lo que permite a atacantes remotos capturar y descifrar el tráfico SSL a través de un ataque de hombre-en-el-medio (Man-in-the-midlle). • http://osvdb.org/65470 http://secunia.com/advisories/40143 http://www.securityfocus.com/archive/1/511792/100/0/threaded http://www.securitytracker.com/id?1024092 http://www.vupen.com/english/advisories/2010/1438 http://www.zerodayinitiative.com/advisories/ZDI-10-107 https://exchange.xforce.ibmcloud.com/vulnerabilities/59380 https://support.sourcefire.com/notices/notice/1437 • CWE-16: Configuration •
CVSS: 9.0EPSS: 5%CPEs: 8EXPL: 3CVE-2009-2344 – Sourcefire 3D Sensor & Defense Center 4.8.x - Privilege Escalation
https://notcve.org/view.php?id=CVE-2009-2344
The web-based management interfaces in Sourcefire Defense Center (DC) and 3D Sensor before 4.8.2 allow remote authenticated users to gain privileges via a $admin value for the admin parameter in an edit action to admin/user/user.cgi and unspecified other components. La interfaz de administración web en Sourcefire Defense Center (DC) y 3D Sensor anteriores a v4.8.2 permiten a usuarios autentificarse para obtener privilegios a través de un valor $admin para los parametros de administración en una acción de edición de admin/user/user.cgi y otros componentes no especificados. • https://www.exploit-db.com/exploits/9074 http://secunia.com/advisories/35658 http://www.exploit-db.com/exploits/9074 http://www.securityfocus.com/archive/1/504694/100/0/threaded http://www.securityfocus.com/bid/35553 http://www.securitytracker.com/id?1022500 http://www.vupen.com/english/advisories/2009/1785 • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 10.0EPSS: 71%CPEs: 10EXPL: 4CVE-2006-5276 – Snort 2.6.1 (Linux) - DCE/RPC Preprocessor Remote Buffer Overflow
https://notcve.org/view.php?id=CVE-2006-5276
Stack-based buffer overflow in the DCE/RPC preprocessor in Snort before 2.6.1.3, and 2.7 before beta 2; and Sourcefire Intrusion Sensor; allows remote attackers to execute arbitrary code via crafted SMB traffic. Desbordamiento de búfer en el preprocesador DCE/RPC en Snort anterior a 2.6.1.3, y 2.7 anterior a beta 2; y Sourcefire Intrusion Sensor;permite a atacantes remotos ejecutar código de su elección mediante tráfico SMB manipulado. • https://www.exploit-db.com/exploits/3609 https://www.exploit-db.com/exploits/3362 https://www.exploit-db.com/exploits/18723 https://www.exploit-db.com/exploits/3391 http://fedoranews.org/updates/FEDORA-2007-206.shtml http://iss.net/threats/257.html http://secunia.com/advisories/24190 http://secunia.com/advisories/24235 http://secunia.com/advisories/24239 http://secunia.com/advisories/24240 http://secunia.com/advisories/24272 http://secunia.com/advisories/26746 htt •
CVSS: 5.0EPSS: 2%CPEs: 5EXPL: 5CVE-2006-2769 – Snort 2.4.x - URIContent Rules Detection Evasion
https://notcve.org/view.php?id=CVE-2006-2769
The HTTP Inspect preprocessor (http_inspect) in Snort 2.4.0 through 2.4.4 allows remote attackers to bypass "uricontent" rules via a carriage return (\r) after the URL and before the HTTP declaration. El preprocesador HTTP Inspect (http_inspect) en Snort 2.4.0 hasta la versión 2.4.4 permite a atacantes remotos eludir reglas "uricontent" a través de un retorno de carro (\r) después de la URL y antes de la declaración HTTP. • https://www.exploit-db.com/exploits/27931 http://lists.suse.com/archive/suse-security-announce/2006-Jun/0008.html http://marc.info/?l=snort-devel&m=114909074311462&w=2 http://secunia.com/advisories/20413 http://secunia.com/advisories/20766 http://securityreason.com/securityalert/1018 http://securitytracker.com/id?1016191 http://www.demarc.com/support/downloads/patch_20060531 http://www.osvdb.org/25837 http://www.securityfocus.com/archive/1/435600/100/0/threaded http:/&#x • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 5.0EPSS: 0%CPEs: 1EXPL: 0CVE-2006-0839
https://notcve.org/view.php?id=CVE-2006-0839
The frag3 preprocessor in Sourcefire Snort 2.4.3 does not properly reassemble certain fragmented packets with IP options, which allows remote attackers to evade detection of certain attacks, possibly related to IP option lengths. • http://secunia.com/advisories/18959 http://www.securityfocus.com/archive/1/425290/100/0/threaded http://www.securityfocus.com/bid/16705 https://exchange.xforce.ibmcloud.com/vulnerabilities/24811 •