SourcefireCVEs & Vulnerabilities

8 CVEs affecting Sourcefire products, tracked from the National Vulnerability Database, with CVSS/EPSS scores and exploitation status.

Most Affected Products

snort 233d sensor 4defense center 4intrusion sensor 3dc1000 13d2000 13d9900 13d1000 1
CVE-2010-2306MEDIUM

The default installation of Sourcefire 3D Sensor 1000, 2000, and 9900; and Defense Center 1000; uses the same static, private SSL keys for multiple devices and installations, which allows remote attackers to decrypt SSL traffic via a man-in-the-middle (MITM) attack.

16 Jun 2010
4.3
CVSS
CVE-2009-2344CRITICALpoc

The web-based management interfaces in Sourcefire Defense Center (DC) and 3D Sensor before 4.8.2 allow remote authenticated users to gain privileges via a $admin value for the admin parameter in an edit action to admin/user/user.cgi and unspecified other components.

7 Jul 2009
9.0
CVSS
CVE-2006-5276CRITICALpoc

Stack-based buffer overflow in the DCE/RPC preprocessor in Snort before 2.6.1.3, and 2.7 before beta 2; and Sourcefire Intrusion Sensor; allows remote attackers to execute arbitrary code via crafted SMB traffic.

20 Feb 2007
10.0
CVSS
CVE-2006-2769MEDIUMpoc

The HTTP Inspect preprocessor (http_inspect) in Snort 2.4.0 through 2.4.4 allows remote attackers to bypass "uricontent" rules via a carriage return (\r) after the URL and before the HTTP declaration.

2 Jun 2006
5.0
CVSS
CVE-2006-0839MEDIUM

The frag3 preprocessor in Sourcefire Snort 2.4.3 does not properly reassemble certain fragmented packets with IP options, which allows remote attackers to evade detection of certain attacks, possibly related to IP option lengths.

22 Feb 2006
5.0
CVSS
CVE-2005-3252HIGHpoc

Stack-based buffer overflow in the Back Orifice (BO) preprocessor for Snort before 2.4.3 allows remote attackers to execute arbitrary code via a crafted UDP packet.

18 Oct 2005
7.5
CVSS
CVE-2004-2652HIGHpoc

The DecodeTCPOptions function in decode.c in Snort before 2.3.0, when printing TCP/IP options using FAST output or verbose mode, allows remote attackers to cause a denial of service (crash) via packets with invalid TCP/IP options, which trigger a null dereference.

31 Dec 2004
7.8
CVSS
CVE-2003-0209CRITICALpoc

Integer overflow in the TCP stream reassembly module (stream4) for Snort 2.0 and earlier allows remote attackers to execute arbitrary code via large sequence numbers in packets, which enable a heap-based buffer overflow.

5 May 2003
10.0
CVSS
← PrevPage 1 / 1Next →