Sourcefire

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2010-2306 1Sourcefire 43d1000 3d20003d9900+1 more Apr 29, 2026 Jun 16, 2010 N/A· v4 N/A· v3 4.3 MEDIUM· v2 The default installation of Sourcefire 3D Sensor 1000, 2000, and 9900; and Defense Center 1000; uses the same static, private SSL keys for multiple devices and installations, which allows remote attackers to decrypt SSL...Show more The default installation of Sourcefire 3D Sensor 1000, 2000, and 9900; and Defense Center 1000; uses the same static, private SSL keys for multiple devices and installations, which allows remote attackers to decrypt SSL traffic via a man-in-the-middle (MITM) attack.Show less
CVE-2009-2344 1Sourcefire 23d Sensor Defense Center Apr 23, 2026 Jul 7, 2009 N/A· v4 N/A· v3 9.0 HIGH· v2 The web-based management interfaces in Sourcefire Defense Center (DC) and 3D Sensor before 4.8.2 allow remote authenticated users to gain privileges via a $admin value for the admin parameter in an edit action to admin/u...Show more The web-based management interfaces in Sourcefire Defense Center (DC) and 3D Sensor before 4.8.2 allow remote authenticated users to gain privileges via a $admin value for the admin parameter in an edit action to admin/user/user.cgi and unspecified other components.Show less
CVE-2006-5276 2Snort Sourcefire 2Intrusion Sensor Snort Apr 23, 2026 Feb 20, 2007 N/A· v4 N/A· v3 10.0 HIGH· v2 Stack-based buffer overflow in the DCE/RPC preprocessor in Snort before 2.6.1.3, and 2.7 before beta 2; and Sourcefire Intrusion Sensor; allows remote attackers to execute arbitrary code via crafted SMB traffic.
CVE-2006-2769 1Sourcefire 1Snort Apr 16, 2026 Jun 2, 2006 N/A· v4 N/A· v3 5.0 MEDIUM· v2 The HTTP Inspect preprocessor (http_inspect) in Snort 2.4.0 through 2.4.4 allows remote attackers to bypass "uricontent" rules via a carriage return (\r) after the URL and before the HTTP declaration.
CVE-2006-0839 1Sourcefire 1Snort Apr 16, 2026 Feb 22, 2006 N/A· v4 N/A· v3 5.0 MEDIUM· v2 The frag3 preprocessor in Sourcefire Snort 2.4.3 does not properly reassemble certain fragmented packets with IP options, which allows remote attackers to evade detection of certain attacks, possibly related to IP option...Show more The frag3 preprocessor in Sourcefire Snort 2.4.3 does not properly reassemble certain fragmented packets with IP options, which allows remote attackers to evade detection of certain attacks, possibly related to IP option lengths.Show less
CVE-2005-3252 1Sourcefire 1Snort Apr 16, 2026 Oct 18, 2005 N/A· v4 N/A· v3 7.5 HIGH· v2 Stack-based buffer overflow in the Back Orifice (BO) preprocessor for Snort before 2.4.3 allows remote attackers to execute arbitrary code via a crafted UDP packet.
CVE-2004-2652 1Sourcefire 1Snort Apr 16, 2026 Dec 31, 2004 N/A· v4 N/A· v3 7.8 HIGH· v2 The DecodeTCPOptions function in decode.c in Snort before 2.3.0, when printing TCP/IP options using FAST output or verbose mode, allows remote attackers to cause a denial of service (crash) via packets with invalid TCP/I...Show more The DecodeTCPOptions function in decode.c in Snort before 2.3.0, when printing TCP/IP options using FAST output or verbose mode, allows remote attackers to cause a denial of service (crash) via packets with invalid TCP/IP options, which trigger a null dereference.Show less
CVE-2003-0209 2Smoothwall Sourcefire 2Smoothwall Snort Apr 16, 2026 May 5, 2003 N/A· v4 N/A· v3 10.0 HIGH· v2 Integer overflow in the TCP stream reassembly module (stream4) for Snort 2.0 and earlier allows remote attackers to execute arbitrary code via large sequence numbers in packets, which enable a heap-based buffer overflow.