Sourcefire 3D Sensor and DC, privilege escalation vulnerability

Affected product ---------------- Sourcefire 3D Sensor and Defense Center 4.8.x Tested on 4.8.0.3 and 4.8.0.4, 3D Sensor 2500 & DC 1000 All 4.8.x releases, up to and including 4.8.1, confirmed vulnerable by sourcefire. Vulnerability details --------------------- A privilege escalation vulnerabili...

Sourcefire 3D Sensor / Sourcefire Defense Center privilege escalation

Web interface privilege escalation...

Sourcefire 3D Sensor & Defense Center 4.8.x Privilege Escalation Vuln

Exploit for cgi platform in category web applications ===================================================================== Sourcefire 3D Sensor & Defense Center 4.8.x Privilege Escalation Vuln ===================================================================== Affected product ----------------...

Sourcefire 3D Sensor / Defense Center Privilege Escalation

Affected product ---------------- Sourcefire 3D Sensor and Defense Center 4.8.x Tested on 4.8.0.3 and 4.8.0.4, 3D Sensor 2500 & DC 1000 All 4.8.x releases, up to and including 4.8.1, confirmed vulnerable by sourcefire. Vulnerability details --------------------- A privilege escalation vulnerabili...

Sourcefire 3D Sensor & Defense Center 4.8.x Privilege Escalation Vuln

No description provided by source. Affected product ---------------- Sourcefire 3D Sensor and Defense Center 4.8.x Tested on 4.8.0.3 and 4.8.0.4, 3D Sensor 2500 & DC 1000 All 4.8.x releases, up to and including 4.8.1, confirmed vulnerable by sourcefire. Vulnerability details ---------------------...

Sourcefire 3D Sensor Defense Center 4.8.x - Privilege Escalation

Sourcefire 3D Sensor Defense Center 4.8.x - Privilege Escalation Affected product ---------------- Sourcefire 3D Sensor and Defense Center 4.8.x Tested on 4.8.0.3 and 4.8.0.4, 3D Sensor 2500 & DC 1000 All 4.8.x releases, up to and including 4.8.1, confirmed vulnerable by sourcefire. Vulnerability...

Sourcefire 3D Sensor & Defense Center 4.8.x - Privilege Escalation

Affected product ---------------- Sourcefire 3D Sensor and Defense Center 4.8.x Tested on 4.8.0.3 and 4.8.0.4, 3D Sensor 2500 & DC 1000 All 4.8.x releases, up to and including 4.8.1, confirmed vulnerable by sourcefire. Vulnerability details --------------------- A privilege escalation vulnerabili...

WinAMP 5.551 MAKI Parsing Integer Overflow

/ Winamp 5.551 MAKI Parsing Integer Overflow Exploit !!! Tested on :Vista sp1 and Xpsp3 Release Date :May 22 2009 Venders web site :http://www.winamp.com/ Version Tested:Winamp 5.551 Not vulnerable :Winamp 5.552 Credits to Monica Sojeong Hong down at vrt-sourcefire for the overflow...

Winamp 5.551 MAKI Parsing Integer Overflow Exploit

Exploit for unknown platform in category local exploits ================================================== Winamp 5.551 MAKI Parsing Integer Overflow Exploit ================================================== / Winamp 5.551 MAKI Parsing Integer Overflow Exploit !!! Tested on :Vista sp1 and Xpsp3...

Winamp 5.551 - MAKI Parsing Integer Overflow

/ Winamp 5.551 MAKI Parsing Integer Overflow Exploit !!! Tested on :Vista sp1 and Xpsp3 Release Date :May 22 2009 Venders web site :http://www.winamp.com/ Version Tested:Winamp 5.551 Not vulnerable :Winamp 5.552 Credits to Monica Sojeong Hong down at vrt-sourcefire for the overflow...

WinAMP 5.551 MAKI Integer Overflow

/ Winamp 5.551 MAKI Parsing Integer Overflow Vulnerability This is just a simple poc code to show how to exploit the recent MAKI file parsing vulnerability. Tested on :Vista sp1 and Xpsp3 Release Date :May 22 2009 Venders web site :http://www.winamp.com/ Version Teasted:Winamp 5.551 Not vulnerabl...

Winamp 5.551 MAKI Parsing Integer Overflow PoC

No description provided by source. / Winamp 5.551 MAKI Parsing Integer Overflow Vulnerability This is just a simple poc code to show how to exploit the recent MAKI file parsing vulnerability. Tested on :Vista sp1 and Xpsp3 Release Date :May 22 2009 Venders web site :http://www.winamp.com/ Version...

Winamp 5.55 - MAKI Script Universal Overwrite (SEH)

usage: python winampmakiscript.py Note : I got problem while using this python file under windows,but it works great under ubuntu :p print "" print " Winamp = 5.55 MAKI script Universal Seh Overwrite Exploit\n" print " Advisory :...

Adobe Acrobat Reader - JBIG2 Local Buffer Overflow (PoC) (2)

!/usr/bin/perl ksOSe 02/22/2009 http://vrt-sourcefire.blogspot.com/2009/02/have-nice-weekend-pdf-love.html my $size = "\x40\x00"; my $factor = "ABCD"; my $data = "A" x 8314; print pdf; sub pdf "%PDF-1.5\n" . "%\xec\xf5\xf2\xe1\xe4\xef\xe3\xf5\xed\xe5\xee\xf4\n" . "3 0 \n" . "xref\n" . "3 16\n"...

CVE-2008-1804

preprocessors/sppfrag3.c in Sourcefire Snort before 2.8.1 does not properly identify packet fragments that have dissimilar TTL values, which allows remote attackers to bypass detection rules by using a different TTL for each fragment...

CVE-2008-1804

preprocessors/sppfrag3.c in Sourcefire Snort before 2.8.1 does not properly identify packet fragments that have dissimilar TTL values, which allows remote attackers to bypass detection rules by using a different TTL for each fragment...

CVE-2008-1804

preprocessors/sppfrag3.c in Sourcefire Snort before 2.8.1 does not properly identify packet fragments that have dissimilar TTL values, which allows remote attackers to bypass detection rules by using a different TTL for each fragment...

CVE-2008-1804

CVE-2008-1804 targets Sourcefire Snort up to version 2.8.0: the preprocessor spp_frag3.c fails to correctly identify packet fragments with dissimilar TTL values, enabling a remote attacker to bypass detection rules by using different TTLs on each fragment. The issue is tied to Snort’s fragment-ha...

Preemptive Protection against Sourcefire Intrusion Sensor and Snort DCE/RPC Preprocessor Buffer Overflow Vulnerability

A buffer overflow vulnerability has been identified in Sourcefire Intrusion Sensor and in Snort DCE/RPC preprocessor. Sourcefire Snort is an open-source network intrusion detection system. Snort DCE/RPC preprocessor is a plug-in that reassembles fragmented SMB and DCE/RPC packets. A remote attack...

FreeBSD : snort -- DCE/RPC preprocessor vulnerability (afdf500f-c1f6-11db-95c5-000c6ec775d9)

A IBM Internet Security Systems Protection Advisory reports : Snort is vulnerable to a stack-based buffer overflow as a result of DCE/RPC reassembly. This vulnerability is in a dynamic-preprocessor enabled in the default configuration, and the configuration for this preprocessor allows for...