Test Kennung:	1.3.6.1.4.1.25623.1.0.106159
Kategorie:	CISCO
Titel:	Cisco FireSIGHT System Software Snort Rule Bypass Vulnerability
Zusammenfassung:	A vulnerability in Snort rule detection in Cisco FireSIGHT System;Software could allow an unauthenticated, remote attacker to bypass configured rules that use Snort detection.;;The vulnerability is due to improper handling of HTTP header parameters. An attacker could exploit this;vulnerability by sending a crafted HTTP packet to the affected device. An exploit could allow the attacker;to bypass configured rules that use Snort detection.
Beschreibung:	Summary: A vulnerability in Snort rule detection in Cisco FireSIGHT System Software could allow an unauthenticated, remote attacker to bypass configured rules that use Snort detection. The vulnerability is due to improper handling of HTTP header parameters. An attacker could exploit this vulnerability by sending a crafted HTTP packet to the affected device. An exploit could allow the attacker to bypass configured rules that use Snort detection. Solution: Upgrade to Cisco FireSIGHT System Software version 6.1.0 or later. CVSS Score: 5.0 CVSS Vector: AV:N/AC:L/Au:N/C:N/I:P/A:N
Querverweis:	Common Vulnerability Exposure (CVE) ID: CVE-2016-1463 BugTraq ID: 92152 http://www.securityfocus.com/bid/92152 Cisco Security Advisory: 20160727 Cisco FireSIGHT System Software Snort Rule Bypass Vulnerability http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160727-firesight http://www.securitytracker.com/id/1036471
Copyright	Copyright (C) 2016 Greenbone AG

Dies ist nur einer von 146377 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.