English | Deutsch | Español
 
Home ▼
Home About Us Contact Us Privacy Partner Programs Testimonials In Press Mailing Lists Abuse Developer APIs
Bookkeeping
Online ▼
Home Free Trial FAQ
Open/Create Company File Accept an Invite Order/Renew
Security
Audits ▼
Home Dedicated audits Advanced audits Standard audits Recurring audits No Risk audits Desktop audits Basic audit Security Seal FAQ Price/Feature Summary Order New Tests All Tests Confidentiality Vulnerability search Run Audit Scheduler IP Permissions Audit Configuration Editor Scan Queue Reminder Notification Schedule Seal Reports Reports Style Editor
Managed
DNS ▼
About Order FAQ Acceptable Use Policy Dynamic DNS Clients
Configure Domains Dyanmic DNS Update Password
Network
Monitor ▼
Enterprise Package Advanced Package Standard Package Free Trial FAQ Price/Feature Summary Order/Renew Examples
Configure/Status Alert Profiles
Research
Reports ▼
Home FAQ Glossary Archive
 Login/Register 
 
 Vulnerability   
Search   		     Search 324607 CVE descriptions
and 145615 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

Test ID:1.3.6.1.4.1.25623.1.1.10.2023.0117
Category:Mageia Linux Local Security Checks
Title:Mageia: Security Advisory (MGASA-2023-0117)
Summary:The remote host is missing an update for the 'snort' package(s) announced via the MGASA-2023-0117 advisory.
Description:Summary:
The remote host is missing an update for the 'snort' package(s) announced via the MGASA-2023-0117 advisory.

Vulnerability Insight:
Multiple Cisco products are affected by a vulnerability in the Snort
detection engine that could allow an unauthenticated, remote attacker to
bypass a configured File Policy for HTTP. The vulnerability is due to
incorrect detection of modified HTTP packets used in chunked responses. An
attacker could exploit this vulnerability by sending crafted HTTP packets
through an affected device. A successful exploit could allow the attacker
to bypass a configured File Policy for HTTP packets and deliver a
malicious payload. (CVE-2020-3299)

Multiple Cisco products are affected by a vulnerability in the Snort
detection engine that could allow an unauthenticated, remote attacker to
bypass the configured file policies on an affected system. The
vulnerability is due to errors in how the Snort detection engine handles
specific HTTP responses. An attacker could exploit this vulnerability by
sending crafted HTTP packets that would flow through an affected system. A
successful exploit could allow the attacker to bypass the configured file
policies and deliver a malicious payload to the protected network.
(CVE-2020-3315)

Multiple Cisco products are affected by a vulnerability in the Snort
detection engine that could allow an unauthenticated, remote attacker to
bypass a configured file policy for HTTP. The vulnerability is due to
incorrect handling of an HTTP range header. An attacker could exploit this
vulnerability by sending crafted HTTP packets through an affected device.
A successful exploit could allow the attacker to bypass configured file
policy for HTTP packets and deliver a malicious payload. (CVE-2021-1223)

Multiple Cisco products are affected by a vulnerability with TCP Fast Open
(TFO) when used in conjunction with the Snort detection engine that could
allow an unauthenticated, remote attacker to bypass a configured file
policy for HTTP. The vulnerability is due to incorrect detection of the
HTTP payload if it is contained at least partially within the TFO
connection handshake. An attacker could exploit this vulnerability by
sending crafted TFO packets with an HTTP payload through an affected
device. A successful exploit could allow the attacker to bypass
configured file policy for HTTP packets and deliver a malicious payload.
(CVE-2021-1224)

Multiple Cisco products are affected by a vulnerability in the Snort
application detection engine that could allow an unauthenticated, remote
attacker to bypass the configured policies on an affected system. The
vulnerability is due to a flaw in the detection algorithm. An attacker
could exploit this vulnerability by sending crafted packets that would
flow through an affected system. A successful exploit could allow the
attacker to bypass the configured policies and deliver a malicious
payload to the protected network. (CVE-2021-1236)

Multiple Cisco products are affected by vulnerabilities in the Snort
detection engine that could allow ... [Please see the references for more information on the vulnerabilities]

Affected Software/OS:
'snort' package(s) on Mageia 8.

Solution:
Please install the updated package(s).

CVSS Score:
7.8

CVSS Vector:
AV:N/AC:L/Au:N/C:N/I:N/A:C

Cross-Ref: Common Vulnerability Exposure (CVE) ID: CVE-2020-3299
Cisco Security Advisory: 20201021 Multiple Cisco Products SNORT HTTP Detection Engine File Policy Bypass Vulnerability
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-bypass-3eCfd24j
Debian Security Information: DSA-5354 (Google Search)
https://www.debian.org/security/2023/dsa-5354
https://lists.debian.org/debian-lts-announce/2023/02/msg00011.html
Common Vulnerability Exposure (CVE) ID: CVE-2020-3315
Cisco Security Advisory: 20200506 Multiple Cisco Products Snort HTTP Detection Engine File Policy Bypass Vulnerability
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-snort_filepolbypass-m4X5DgOP
Common Vulnerability Exposure (CVE) ID: CVE-2021-1223
Cisco Security Advisory: 20210113 Multiple Cisco Products Snort HTTP Detection Engine File Policy Bypass Vulnerability
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-snort-filepolbypass-67DEwMe2
Common Vulnerability Exposure (CVE) ID: CVE-2021-1224
Cisco Security Advisory: 20210113 Multiple Cisco Products Snort TCP Fast Open File Policy Bypass Vulnerability
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-snort-tfo-bypass-MmzZrtes
Common Vulnerability Exposure (CVE) ID: CVE-2021-1236
Cisco Security Advisory: 20210113 Multiple Cisco Products Snort Application Detection Engine Policy Bypass Vulnerability
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-snort-app-bypass-cSBYCATq
Common Vulnerability Exposure (CVE) ID: CVE-2021-1494
Common Vulnerability Exposure (CVE) ID: CVE-2021-1495
Cisco Security Advisory: 20210428 Multiple Cisco Products Snort HTTP Detection Engine File Policy Bypass Vulnerability
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-http-fp-bp-KfDdcQhc
Common Vulnerability Exposure (CVE) ID: CVE-2021-34749
Cisco Security Advisory: 20210818 Multiple Cisco Products Server Name Identification Data Exfiltration Vulnerability
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sni-data-exfil-mFgzXqLN
Common Vulnerability Exposure (CVE) ID: CVE-2021-40114
Cisco Security Advisory: 20211027 Multiple Cisco Products Snort Memory Leak Denial of Service Vulnerability
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-snort-dos-s2R7W9UU
CopyrightCopyright (C) 2023 Greenbone AG

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit.

To run a free test of this vulnerability against your system, register below.



© 1998-2025 E-Soft Inc. All rights reserved.