8 matches found
EUVD-2009-2340
Malware in sbrugna...
OpenVAS Command Injection
OpenVAS Security Advisory OVSA20121112 Date: 12th November 2012 Product: OpenVAS Manager Risk: Medium Summary It has been identified that OpenVAS Manager is vulnerable to command injection due to insufficient validation of user supplied data when processing OMP requests. It has been identified th...
Sourcefire Defense Center - multiple vulnerabilities.
Hi list, -- Product description from vendor site: The Sourcefire Defense CenterR management console is the "nerve center" of the Sourcefire 3DR System. It provides a powerful, easy-to-use interface for categorizing events, generating recurring reports, scheduling automated IPS, NGIPS, and NGFW...
Sourcefire Defense Center File Download / Cross Site Scripting
-- Product description from vendor site: The Sourcefire Defense CenterR management console is the "nerve center" of the Sourcefire 3DR System. It provides a powerful, easy-to-use interface for categorizing events, generating recurring reports, scheduling automated IPS, NGIPS, and NGFW detection...
Sourcefire Defense Center Multiple Security Vulnerabilities
Sourcefire Defense Center is prone to multiple security vulnerabilities, including multiple arbitrary-file-download vulnerabilities, an arbitrary-file-deletion vulnerability, a security- bypass vulonerability, and an HTML-injection vulnerability. Exploiting these vulnerabilities may allow an...
Sourcefire Defense Center < 4.10.2.3 Multiple Vulnerabilities - Active Check
Sourcefire Defense Center is prone to multiple vulnerabilities, including multiple arbitrary file download vulnerabilities, an arbitrary file deletion vulnerability, a security bypass vulnerability, and an HTML injection vulnerability. SPDX-FileCopyrightText: 2012 Greenbone AG Some text...
Code injection
The web-based management interfaces in Sourcefire Defense Center DC and 3D Sensor before 4.8.2 allow remote authenticated users to gain privileges via a $admin value for the admin parameter in an edit action to admin/user/user.cgi and unspecified other components...
CVE-2009-2344
The web-based management interfaces in Sourcefire Defense Center DC and 3D Sensor before 4.8.2 allow remote authenticated users to gain privileges via a $admin value for the admin parameter in an edit action to admin/user/user.cgi and unspecified other components...