HITB2011KUL - Mobile Malware Analysis

Document Title: =============== HITB2011KUL - Mobile Malware Analysis References: =========== Download: http://www.vulnerability-lab.com/resources/videos/424.wmv View: http://www.youtube.com/watch?v=nVAuZ7jf7Sk Release Date: ============= 2012-02-05 Vulnerability Laboratory ID VL-ID:...

Sourcefire Snort Packet Fragmentation Reassembly Denial of Service (CVE-2007-1398)

A denial of service vulnerability has been reported in Sourcefire Snort. The vulnerability is due to an error in Snort Intrusion Detection System when it reassembles fragmented packets. A remote attacker may exploit this vulnerability by sending malicious packets over UDP to an affected service...

CVE-2010-2306

The default installation of Sourcefire 3D Sensor 1000, 2000, and 9900; and Defense Center 1000; uses the same static, private SSL keys for multiple devices and installations, which allows remote attackers to decrypt SSL traffic via a man-in-the-middle MITM attack...

Default configuration

The default installation of Sourcefire 3D Sensor 1000, 2000, and 9900; and Defense Center 1000; uses the same static, private SSL keys for multiple devices and installations, which allows remote attackers to decrypt SSL traffic via a man-in-the-middle MITM attack...

CVE-2010-2306

The default installation of Sourcefire 3D Sensor 1000, 2000, and 9900; and Defense Center 1000; uses the same static, private SSL keys for multiple devices and installations, which allows remote attackers to decrypt SSL traffic via a man-in-the-middle MITM attack...

CVE-2010-2306

The CVE-2010-2306 entry concerns the default installations of Sourcefire 3D Sensor 1000/2000/9900 and Defense Center 1000 sharing the same static private SSL keys across devices/installations. This key reuse enables a remote attacker to perform a man-in-the-middle and decrypt SSL traffic. The pro...

Multiple Sourcefire weak encryption vulnerability

Same private key is used in all devices...

ZDI-10-107: Multiple Sourcefire Products Static Web SSL Keys Vulnerability

ZDI-10-107: Multiple Sourcefire Products Static Web SSL Keys Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-10-107 June 10, 2010 -- Affected Vendors: Sourcefire -- Affected Products: Sourcefire 3D Sensor 1000 Sourcefire 3D Sensor 2000 Sourcefire 3D Sensor 9900 Sourcefire Defense...

Multiple Sourcefire Products Static Web SSL Keys Vulnerability

This vulnerability allows remote attackers to decrypt secure socket layer SSL communications directed to multiple Sourcefire products. The specific flaw exists within the reuse of private SSL keys for multiple devices and installations. The keypair is stored in /etc/ssl/server.crt and...

Mandriva Security Advisory MDVSA-2009:259-1 (snort)

The remote host is missing an update to snort announced via advisory MDVSA-2009:259-1. OpenVAS Vulnerability Test $Id: mdksa20092591.nasl 6573 2017-07-06 13:10:50Z cfischer $ Description: Auto-generated from advisory MDVSA-2009:259-1 snort Authors: Thomas Reinke Copyright: Copyright c 2009 E-Soft...

Mandriva Security Advisory MDVSA-2009:259-1 (snort)

The remote host is missing an update to snort announced via advisory MDVSA-2009:259-1. SPDX-FileCopyrightText: 2009 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only OR...

Sourcefire November Vulnerability Report

Sourcefire VRT researcher Alain Zidouemba talks about Microsoft Patch Tuesday, the SSL renegotiation flaw and the iPhone worm...

Snort 2.8.5 - IPv6 Denial of Service

============================================= - Date: October 22th, 2009 - Discovered by: Laurent Gaffi - Severity: Low ============================================= I. VULNERABILITY ------------------------- Snort TCP 2 works x86,x64 /usr/bin/env python from scapy.all import z = "Q" 30...

Snort 2.8.5 - IPv6 Denial of Service

Snort 2.8.5 - IPv6 Denial of Service ============================================= - Date: October 22th, 2009 - Discovered by: Laurent Gaffi - Severity: Low ============================================= I. VULNERABILITY ------------------------- Snort TCP 2 works x86,x64 /usr/bin/env python from...

Mandrake Security Advisory MDVSA-2009:259 (snort)

The remote host is missing an update to snort announced via advisory MDVSA-2009:259. SPDX-FileCopyrightText: 2009 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only OR...

Mandriva Linux Security Advisory : snort (MDVSA-2009:259-1)

preprocessors/sppfrag3.c in Sourcefire Snort before 2.8.1 does not properly identify packet fragments that have dissimilar TTL values, which allows remote attackers to bypass detection rules by using a different TTL for each fragment. CVE-2008-1804 The updated packages have been patched to preven...

CVE-2009-2344

The web-based management interfaces in Sourcefire Defense Center DC and 3D Sensor before 4.8.2 allow remote authenticated users to gain privileges via a $admin value for the admin parameter in an edit action to admin/user/user.cgi and unspecified other components...

Code injection

The web-based management interfaces in Sourcefire Defense Center DC and 3D Sensor before 4.8.2 allow remote authenticated users to gain privileges via a $admin value for the admin parameter in an edit action to admin/user/user.cgi and unspecified other components...

CVE-2009-2344

The web-based management interfaces in Sourcefire Defense Center DC and 3D Sensor before 4.8.2 allow remote authenticated users to gain privileges via a $admin value for the admin parameter in an edit action to admin/user/user.cgi and unspecified other components...

CVE-2009-2344

The CVE affects Sourcefire Defense Center (DC) and 3D Sensor platforms running versions before 4.8.2. The issue is a privilege-escalation vulnerability where remote authenticated users can gain higher privileges by manipulating the admin parameter in an edit action to admin/user/user.cgi (and rel...