KLA10160
Multiple vulnerabilities in First Response
Updated: 01/24/2020
Detect date
?
12/19/2006
Severity
?
High
Description

Multiple serious vulnerabilities have been found in First Response. Malicious users can exploit these vulnerabilities to cause denial of service or hijack user packets. Below is a complete list of vulnerabilities

  1. Non-exclusive socket mode can be exploited locally;
  2. Vectors related to FRAgent with enabled SSL can be exploited via specially designed requests;
  3. Vectors related to FREgent with only HTTP configured to use can be exploited locally via man-in-the-middle attacks.
Affected products

Mandiant First Response before 1.1.1

Solution

Update to latest version

Impacts
?
OSI 
[?]

DoS 
[?]
Related products
First Response
CVE-IDS
?
CVE-2006-64772.4Warning
CVE-2006-64762.4Warning
CVE-2006-64757.1High