CVE-2016-9209

A vulnerability in TCP processing in Cisco FirePOWER system software could allow an unauthenticated, remote attacker to download files that would normally be blocked. Affected Products: The following Cisco products are vulnerable: Adaptive Security Appliance ASA 5500-X Series with FirePOWER...

Cisco FireSIGHT Sourcefire 3D System Arbitrary File Upload Vulnerability

Centralized management console for Cisco FireSIGHT Sourcefire security solutions. An arbitrary file upload vulnerability exists in the Cisco FireSIGHT Sourcefire 3D System Lights-Out Management LOM feature, which could be exploited by remote attackers to upload arbitrary files to a target device...

CVE-2015-0739

The Lights-Out Management LOM implementation in Cisco FireSIGHT System Software 5.3.0 on Sourcefire 3D Sensor devices allows remote authenticated users to perform arbitrary Baseboard Management Controller BMC file uploads via unspecified vectors, aka Bug ID CSCus87938...

CVE-2015-0739

Cisco FireSIGHT System Software 5.3.0 (Sourcefire 3D Sensor) LOM vulnerability allows remote authenticated users to perform arbitrary BMC file uploads via unspecified vectors; root cause is insufficient input validation in Lights-Out Management. Exploitation could lead to arbitrary code execution...

Cisco Sourcefire 3D System Lights-Out Management Arbitrary File Upload Vulnerability

A vulnerability in Lights-Out Management LOM functionality of the Sourcefire 3D System could allow an authenticated, remote attacker to upload arbitrary files to the baseboard management controller BMC on an affected device. The vulnerability is due to insufficient validation and sanitization of...

Snort <= 2.8.5 - IPv6 DoS

No description provided by source. ============================================= - Date: October 22th, 2009 - Discovered by: Laurent Gaffi - Severity: Low ============================================= I. VULNERABILITY ------------------------- Snort = 2.8.5 IPV6 Remote DoS II. DESCRIPTION...

CVE-2010-2306

The default installation of Sourcefire 3D Sensor 1000, 2000, and 9900; and Defense Center 1000; uses the same static, private SSL keys for multiple devices and installations, which allows remote attackers to decrypt SSL traffic via a man-in-the-middle MITM attack...

Default configuration

The default installation of Sourcefire 3D Sensor 1000, 2000, and 9900; and Defense Center 1000; uses the same static, private SSL keys for multiple devices and installations, which allows remote attackers to decrypt SSL traffic via a man-in-the-middle MITM attack...

CVE-2010-2306

The default installation of Sourcefire 3D Sensor 1000, 2000, and 9900; and Defense Center 1000; uses the same static, private SSL keys for multiple devices and installations, which allows remote attackers to decrypt SSL traffic via a man-in-the-middle MITM attack...

Snort 2.8.5 - IPv6 Denial of Service

============================================= - Date: October 22th, 2009 - Discovered by: Laurent Gaffi - Severity: Low ============================================= I. VULNERABILITY ------------------------- Snort TCP 2 works x86,x64 /usr/bin/env python from scapy.all import z = "Q" 30...

Sourcefire 3D Sensor / Sourcefire Defense Center privilege escalation

Web interface privilege escalation...

Sourcefire 3D Sensor Defense Center 4.8.x - Privilege Escalation

Sourcefire 3D Sensor Defense Center 4.8.x - Privilege Escalation Affected product ---------------- Sourcefire 3D Sensor and Defense Center 4.8.x Tested on 4.8.0.3 and 4.8.0.4, 3D Sensor 2500 & DC 1000 All 4.8.x releases, up to and including 4.8.1, confirmed vulnerable by sourcefire. Vulnerability...

Sourcefire 3D Sensor &amp; Defense Center 4.8.x - Privilege Escalation

Affected product ---------------- Sourcefire 3D Sensor and Defense Center 4.8.x Tested on 4.8.0.3 and 4.8.0.4, 3D Sensor 2500 & DC 1000 All 4.8.x releases, up to and including 4.8.1, confirmed vulnerable by sourcefire. Vulnerability details --------------------- A privilege escalation vulnerabili...