26 matches found
PT-2026-28501
Name of the Vulnerable Software and Affected Versions ClearanceKit versions prior to 4.2.4 Description ClearanceKit monitors file system access events on macOS and enforces access policies on a per-process basis. Before version 4.2.4, two file operation event types—ES EVENT TYPE AUTH EXCHANGEDATA...
EUVD-2018-1206
Malware in sbrugna...
EUVD-2019-10527
Malware in sbrugna...
EUVD-2021-6690
Malicious code in bioql PyPI...
CVE-2021-1494
Multiple Cisco products are affected by a vulnerability in the Snort detection engine that could allow an unauthenticated, remote attacker to bypass a configured file policy for HTTP. The vulnerability is due to incorrect handling of specific HTTP header parameters. An attacker could exploit this...
CVE-2024-20261
A vulnerability in the file policy feature that is used to inspect encrypted archive files of Cisco Firepower Threat Defense FTD Software could allow an unauthenticated, remote attacker to bypass a configured file policy to block an encrypted archive file. This vulnerability exists because of a...
File Policy Bypass
snort is vulnerable to File Policy Bypass. The vulnerability exists due to incorrect handling of specific HTTP header parameters, which allows an attacker to bypass the configured file policy for HTTP packets and deliver a malicious payload by sending maliciously crafted HTTP packets...
Debian DSA-5354-1 : snort - security update
The remote Debian 11 host has packages installed that are affected by multiple vulnerabilities as referenced in the dsa-5354 advisory. Multiple security vulnerabilities were discovered in snort, a flexible Network Intrusion Detection System, which could allow an unauthenticated, remote attacker t...
Cisco Firepower Threat Defence Snort HTTP Detection Engine File Policy Bypass (cisco-sa-http-fp-bp-KfDdcQhc)
According to its self-reported version, Cisco IOS XE is affected by a vulnerability in the Snort detection engine due to a flaw in the handling of HTTP header parameters. An unauthenticated, remote attacker can exploit this by sending crafted HTTP packets through an affected device. A successful...
Multiple Cisco Products Snort HTTP Detection Engine File Policy Bypass (cisco-sa-http-fp-bp-KfDdcQhc)
According to its self-reported version, Cisco IOS XE is affected by a vulnerability in the Snort detection engine due to a flaw in the handling of HTTP header parameters. An unauthenticated, remote attacker can exploit this by sending crafted HTTP packets through an affected device. A successful...
UBUNTU-CVE-2021-1495
Multiple Cisco products are affected by a vulnerability in the Snort detection engine that could allow an unauthenticated, remote attacker to bypass a configured file policy for HTTP. The vulnerability is due to incorrect handling of specific HTTP header parameters. An attacker could exploit this...
CVE-2021-1495 Multiple Cisco Products Snort HTTP Detection Engine File Policy Bypass Vulnerability
Multiple Cisco products are affected by a vulnerability in the Snort detection engine that could allow an unauthenticated, remote attacker to bypass a configured file policy for HTTP. The vulnerability is due to incorrect handling of specific HTTP header parameters. An attacker could exploit this...
Cisco Integrated Services Routers 1000/4000 Series HTTP Detection Engine File Policy Bypass (cisco-sa-snort-filepolbypass-67DEwMe2)
According to its version and configuration, the Cisco Software running on the remote Integrated Services Router device is affected by affected by a file policy bypass vulnerability due to the incorrect handling of a HTTP range header. An unauthenticated, remote attacker could send a carefully...
UBUNTU-CVE-2021-1223
Multiple Cisco products are affected by a vulnerability in the Snort detection engine that could allow an unauthenticated, remote attacker to bypass a configured file policy for HTTP. The vulnerability is due to incorrect handling of an HTTP range header. An attacker could exploit this...
CVE-2021-1224 Multiple Cisco Products Snort TCP Fast Open File Policy Bypass Vulnerability
Multiple Cisco products are affected by a vulnerability with TCP Fast Open TFO when used in conjunction with the Snort detection engine that could allow an unauthenticated, remote attacker to bypass a configured file policy for HTTP. The vulnerability is due to incorrect detection of the HTTP...
Multiple Cisco Products Snort TCP Fast Open File Policy Bypass Vulnerability
Multiple Cisco products are affected by a vulnerability with TCP Fast Open TFO when used in conjunction with the Snort detection engine that could allow an unauthenticated, remote attacker to bypass a configured file policy for HTTP. The vulnerability is due to incorrect detection of the HTTP...
PT-2021-1770 · Cisco +1 · Snort +1
Name of the Vulnerable Software and Affected Versions: Cisco products affected versions not specified Description: The issue is related to a vulnerability in the Snort detection engine, which could allow an unauthenticated, remote attacker to bypass a configured file policy for HTTP. This is due ...
CVE-2020-3299
Multiple Cisco products are affected by a vulnerability in the Snort detection engine that could allow an unauthenticated, remote attacker to bypass a configured File Policy for HTTP. The vulnerability is due to incorrect detection of modified HTTP packets used in chunked responses. An attacker...
Multiple Cisco Products Snort HTTP Detection Engine File Policy Bypass (cisco-sa-snort_filepolbypass-m4X5DgOP)
According to its self-reported version, Cisco IOS XE SD-WAN Software is affected by vulnerability in the Snort detection engine. The vulnerability is due to errors in how the Snort detection engine handles specific HTTP responses. An unauthenticated, remote attacker can exploit this vulnerability...
Multiple Cisco Products Snort HTTP Detection Engine File Policy Bypass (cisco-sa-snort_filepolbypass-m4X5DgOP)
According to its self-reported version, Cisco Firepower Threat Defense Software is affected by vulnerability in the Snort detection engine. The vulnerability is due to errors in how the Snort detection engine handles specific HTTP responses. An unauthenticated, remote attacker can exploit this...