CVE-2010-3073
Published: 2010-09-17
Priority: P4 · 10 · low · CVSS 2.0 score: 2.1
CVSS 2.0 vector: AV:L/AC:L/Au:N/C:P/I:N/A:N
EXPLOIT
EPSS: 0.71% (49.0th percentile)
SSL_Cipher.cpp in EncFS before 1.7.0 does not properly handle integer data sizes when constructing headers intended for randomization of initialization vectors, which makes it easier for local users to obtain sensitive information by defeating cryptographic protection mechanisms.
Affected (10 ranges)
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| arg0 | encfs | <= 1.6.0 | — |
| arg0 | encfs | — | — |
| arg0 | encfs | — | — |
| arg0 | encfs | — | — |
| arg0 | encfs | — | — |
| arg0 | encfs | — | — |
| arg0 | encfs | >= 0 < 1.7.2-1 | 1.7.2-1 |
| arg0 | encfs | >= 0 < 1.7.2-1 | 1.7.2-1 |
| arg0 | encfs | >= 0 < 1.7.2-1 | 1.7.2-1 |
| debian | encfs | < encfs 1.7.2-1 (bookworm) | encfs 1.7.2-1 (bookworm) |
CVSS provenance

| Source | CVSS version | Score | Severity | Vector |
|---|---|---|---|---|
| nvd | 2.0 | 2.1 | LOW | AV:L/AC:L/Au:N/C:P/I:N/A:N |
| osv | — | 2.1 | LOW | — |
| vendor_debian | — | 2.1 | LOW | — |
Debian
CVE-2010-3073: encfs - SSL_Cipher.cpp in EncFS before 1.7.0 does not properly handle integer data sizes...
vendor_debian · 2010 · CVSS 2.1 · LOW
Scope: local
bookworm: resolved (fixed in 1.7.2-1)
bullseye: resolved (fixed in 1.7.2-1)
sid: resolved (fixed in 1.7.2-1)
trixie: resolved (fixed in 1.7.2-1)
GHSA
GHSA-gr5x-6f83-c4g4: SSL_Cipher
ghsa_unreviewed · 2022-05-17 · LOW
OSV
CVE-2010-3073: SSL_Cipher
osv · 2010-09-17 · CVSS 2.1 · LOW
Suricata
The following Emerging Threats rules reference CVE-2007-0129 (LocazoList SQL injection) and the exploit-db entry 3073 in their reference fields; they are not detections for CVE-2010-3073, which is a local EncFS weakness with no network signature.
ET WEB_SPECIFIC_APPS LocazoList SQL Injection Attempt -- main.asp subcatID DELETE
suricata · 2010-07-30 · CVE-2007-0129 · CVSS 7.5 · HIGH
Rule: alert http $EXTERNAL_NET any -> $HTTP_SERVERS any (msg:"ET WEB_SPECIFIC_APPS LocazoList SQL Injection Attempt -- main.asp subcatID DELETE"; flow:established,to_server; http.uri; content:"/main.asp?"; nocase; content:"subcatID="; nocase; content:"DELETE"; nocase; content:"FROM"; nocase; distance:0; reference:cve,CVE-2007-0129; reference:url,www.exploit-db.com/exploits/3073/; classtype:web-application-attack; sid:2005832; rev:10; metadata:affected_product Web_Server_Applications, attack_target Web_Server, created_at 2010_07_30, deployment Datacenter, confidence Medium, signature_severity Major, tag SQL_Injection, updated_at 2020_09_11, mitre_tactic_id TA0001, mitre_tactic_name Initial_Access, mitre_techn
Suricata
ET WEB_SPECIFIC_APPS LocazoList SQL Injection Attempt -- main.asp subcatID INSERT
suricata · 2010-07-30 · CVE-2007-0129 · CVSS 7.5 · HIGH
Rule: alert http $EXTERNAL_NET any -> $HTTP_SERVERS any (msg:"ET WEB_SPECIFIC_APPS LocazoList SQL Injection Attempt -- main.asp subcatID INSERT"; flow:established,to_server; http.uri; content:"/main.asp?"; nocase; content:"subcatID="; nocase; content:"INSERT"; nocase; content:"INTO"; nocase; distance:0; reference:cve,CVE-2007-0129; reference:url,www.exploit-db.com/exploits/3073/; classtype:web-application-attack; sid:2005831; rev:10; metadata:affected_product Web_Server_Applications, attack_target Web_Server, created_at 2010_07_30, deployment Datacenter, confidence Medium, signature_severity Major, tag SQL_Injection, updated_at 2020_09_11, mitre_tactic_id TA0001, mitre_tactic_name Initial_Access, mitre_techn
Suricata
ET WEB_SPECIFIC_APPS LocazoList SQL Injection Attempt -- main.asp subcatID UPDATE
suricata · 2010-07-30 · CVE-2007-0129 · CVSS 7.5 · HIGH
Rule: alert http $EXTERNAL_NET any -> $HTTP_SERVERS any (msg:"ET WEB_SPECIFIC_APPS LocazoList SQL Injection Attempt -- main.asp subcatID UPDATE"; flow:established,to_server; http.uri; content:"/main.asp?"; nocase; content:"subcatID="; nocase; content:"UPDATE"; nocase; content:"SET"; nocase; distance:0; reference:cve,CVE-2007-0129; reference:url,www.exploit-db.com/exploits/3073/; classtype:web-application-attack; sid:2005834; rev:9; metadata:affected_product Web_Server_Applications, attack_target Web_Server, created_at 2010_07_30, deployment Datacenter, confidence Medium, signature_severity Major, tag SQL_Injection, updated_at 2020_09_10, mitre_tactic_id TA0001, mitre_tactic_name Initial_Access, mitre_techniq
Suricata
ET WEB_SPECIFIC_APPS LocazoList SQL Injection Attempt -- main.asp subcatID UNION SELECT
suricata · 2010-07-30 · CVE-2007-0129 · CVSS 7.5 · HIGH
Rule: alert http $EXTERNAL_NET any -> $HTTP_SERVERS any (msg:"ET WEB_SPECIFIC_APPS LocazoList SQL Injection Attempt -- main.asp subcatID UNION SELECT"; flow:established,to_server; http.uri; content:"/main.asp?"; nocase; content:"subcatID="; nocase; content:"UNION"; nocase; content:"SELECT"; nocase; distance:0; reference:cve,CVE-2007-0129; reference:url,www.exploit-db.com/exploits/3073/; classtype:web-application-attack; sid:2005830; rev:10; metadata:affected_product Web_Server_Applications, attack_target Web_Server, created_at 2010_07_30, deployment Datacenter, confidence Medium, signature_severity Major, tag SQL_Injection, updated_at 2020_09_11, mitre_tactic_id TA0001, mitre_tactic_name Initial_Access
Suricata
ET WEB_SPECIFIC_APPS LocazoList SQL Injection Attempt -- main.asp subcatID ASCII
suricata · 2010-07-30 · CVE-2007-0129 · CVSS 7.5 · HIGH
Rule: alert http $EXTERNAL_NET any -> $HTTP_SERVERS any (msg:"ET WEB_SPECIFIC_APPS LocazoList SQL Injection Attempt -- main.asp subcatID ASCII"; flow:established,to_server; http.uri; content:"/main.asp?"; nocase; content:"subcatID="; nocase; content:"ASCII("; nocase; content:"SELECT"; nocase; distance:0; reference:cve,CVE-2007-0129; reference:url,www.exploit-db.com/exploits/3073/; classtype:web-application-attack; sid:2005833; rev:10; metadata:affected_product Web_Server_Applications, attack_target Web_Server, created_at 2010_07_30, deployment Datacenter, confidence Medium, signature_severity Major, tag SQL_Injection, updated_at 2020_09_11, mitre_tactic_id TA0001, mitre_tactic_name Initial_Access, mitre_techn
Suricata
ET WEB_SPECIFIC_APPS LocazoList SQL Injection Attempt -- main.asp subcatID SELECT
suricata · 2010-07-30 · CVE-2007-0129 · CVSS 7.5 · HIGH
Rule: alert http $EXTERNAL_NET any -> $HTTP_SERVERS any (msg:"ET WEB_SPECIFIC_APPS LocazoList SQL Injection Attempt -- main.asp subcatID SELECT"; flow:established,to_server; http.uri; content:"/main.asp?"; nocase; content:"subcatID="; nocase; content:"SELECT"; nocase; content:"FROM"; nocase; distance:0; reference:cve,CVE-2007-0129; reference:url,www.exploit-db.com/exploits/3073/; classtype:web-application-attack; sid:2005829; rev:11; metadata:affected_product Web_Server_Applications, attack_target Web_Server, created_at 2010_07_30, deployment Datacenter, confidence Medium, signature_severity Major, tag SQL_Injection, updated_at 2020_09_11, mitre_tactic_id TA0001, mitre_tactic_name Initial_Access, mitre_techn
References

- http://archives.neohapsis.com/archives/fulldisclosure/2010-08/0316.html
- http://code.google.com/p/encfs/source/detail?r=59
- http://lists.fedoraproject.org/pipermail/package-announce/2010-September/047794.html
- http://lists.fedoraproject.org/pipermail/package-announce/2010-September/047798.html
- http://lists.fedoraproject.org/pipermail/package-announce/2010-September/047825.html
- http://lists.opensuse.org/opensuse-security-announce/2010-12/msg00000.html
- http://secunia.com/advisories/41158
- http://secunia.com/advisories/41478
- http://www.openwall.com/lists/oss-security/2010/09/05/3
- http://www.openwall.com/lists/oss-security/2010/09/06/1
- http://www.openwall.com/lists/oss-security/2010/09/07/8
- http://www.vupen.com/english/advisories/2010/2414
- https://bugzilla.redhat.com/show_bug.cgi?id=630460