KLA10160
Multiple vulnerabilities in First Response
Обновлено: 17/06/2019
Дата обнаружения
19/12/2006
Уровень угрозы
High
Описание

Multiple serious vulnerabilities have been found in First Response. Malicious users can exploit these vulnerabilities to cause denial of service or hijack user packets. Below is a complete list of vulnerabilities

  1. Non-exclusive socket mode can be exploited locally;
  2. Vectors related to FRAgent with enabled SSL can be exploited via specially designed requests;
  3. Vectors related to FREgent with only HTTP configured to use can be exploited locally via man-in-the-middle attacks.
Пораженные продукты

Mandiant First Response before 1.1.1

Решение

Update to latest version

Оказываемое влияние
?
OSI 
[?]

DoS 
[?]
Связанные продукты
First Response
CVE-IDS
CVE-2006-64772.4Warning
CVE-2006-64762.4Warning
CVE-2006-64757.1High