Sourcefire Defense Center / 3D Sensor Multiple
Sourcefire Defense Center / 3D Sensor Multiple Vulnerabilities
Release Date : 2012-04-05
Criticality level : Less critical
Impact : Security Bypass
Cross Site Scripting
Exposure of sensitive information
Where : From local network
Solution Status : Unpatched
Operating System: Sourcefire 3D Sensor
Sourcefire Defense Center
Filip Palian has reported two security issues and two vulnerabilities in Sourcefire Defense Center and Sourcefire 3D Sensor, which can be exploited by malicious users to conduct script insertion attacks and bypass certain security restrictions and by malicious people to disclose potentially sensitive information.
1) Certain input passed to the "file" parameter in ComparisonViewer/report.cgi is not properly verified before being used to display files. This can be exploited to disclose arbitrary files via directory traversal sequences.
2) An error due to the appliance not restricting access to certain files within the webroot can be exploited to download and disclose the contents of e.g. configuration files.
3) An error related to the database permissions given to RUA agents can be exploited to gain privileged access to the database.
Note: This security issue doesn't affect versions 4.9.x and prior.
4) Certain input passed to the dashboard when renaming new tabs is not properly sanitised before being used. This can be exploited to insert arbitrary HTML and script code, which will be executed in a user's browser session in context of an affected site when the malicious data is being viewed.
The security issues and vulnerabilities are reported in versions prior to 188.8.131.52, 184.108.40.206, and 220.127.116.11.
Update to version 18.104.22.168, 22.214.171.124, or 126.96.36.199.
Provided and/or discovered by:
Was this reply helpful? (0) (0)