CVE-2010-3074
Published 2010-09-17
Priority: P4 · 4 · low · 2.1 (CVSS 2.0)
Vector: AV:L/AC:L/Au:N/C:P/I:N/A:N
EPSS: 0.39% (30.4th percentile)
SSL_Cipher.cpp in EncFS before 1.7.0 uses an improper combination of an AES cipher and a CBC cipher mode for encrypted filesystems, which allows local users to obtain sensitive information via a watermark attack.
Affected
10 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| arg0 | encfs | <= 1.6.0 | — |
| arg0 | encfs | — | — |
| arg0 | encfs | — | — |
| arg0 | encfs | — | — |
| arg0 | encfs | — | — |
| arg0 | encfs | — | — |
| arg0 | encfs | >= 0 < 1.7.2-1 | 1.7.2-1 |
| arg0 | encfs | >= 0 < 1.7.2-1 | 1.7.2-1 |
| arg0 | encfs | >= 0 < 1.7.2-1 | 1.7.2-1 |
| debian | encfs | < encfs 1.7.2-1 (bookworm) | encfs 1.7.2-1 (bookworm) |
CVSS provenance
nvd: v2.0 · 2.1 LOW · AV:L/AC:L/Au:N/C:P/I:N/A:N
osv: 2.1 LOW
vendor_debian: 2.1 LOW
Debian
CVE-2010-3074: encfs - SSL_Cipher.cpp in EncFS before 1.7.0 uses an improper combination of an AES ciph...
vendor_debian·2010·CVSS 2.1
CVE-2010-3074 [LOW] CVE-2010-3074: encfs - SSL_Cipher.cpp in EncFS before 1.7.0 uses an improper combination of an AES ciph...
Scope: local
bookworm: resolved (fixed in 1.7.2-1)
bullseye: resolved (fixed in 1.7.2-1)
sid: resolved (fixed in 1.7.2-1)
trixie: resolved (fixed in 1.7.2-1)
GHSA
GHSA-2r66-g66j-95vv: SSL_Cipher
ghsa_unreviewed·2022-05-17
CVE-2010-3074 [LOW] GHSA-2r66-g66j-95vv: SSL_Cipher
OSV
CVE-2010-3074: SSL_Cipher
osv·2010-09-17·CVSS 2.1
CVE-2010-3074 [LOW] CVE-2010-3074: SSL_Cipher
Suricata
ET WEB_SPECIFIC_APPS E-SMARTCART SQL Injection Attempt -- productdetail.asp product_id SELECT
suricata·2010-07-30·CVSS 7.5
CVE-2007-0092 [HIGH] ET WEB_SPECIFIC_APPS E-SMARTCART SQL Injection Attempt -- productdetail.asp product_id SELECT
Rule: alert http $EXTERNAL_NET any -> $HTTP_SERVERS any (msg:"ET WEB_SPECIFIC_APPS E-SMARTCART SQL Injection Attempt -- productdetail.asp product_id SELECT"; flow:established,to_server; http.uri; content:"/productdetail.asp?"; nocase; content:"product_id="; nocase; content:"SELECT"; nocase; content:"FROM"; nocase; distance:0; reference:cve,CVE-2007-0092; reference:url,www.milw0rm.com/exploits/3074; classtype:web-application-attack; sid:2005877; rev:9; metadata:affected_product Web_Server_Applications, attack_target Web_Server, created_at 2010_07_30, deployment Datacenter, confidence Medium, signature_severity Major, tag SQL_Injection, updated_at 2020_09_11, mitre_tactic_id TA0001, mitre_tactic_na
Suricata
ET WEB_SPECIFIC_APPS E-SMARTCART SQL Injection Attempt -- productdetail.asp product_id UPDATE
suricata·2010-07-30·CVSS 7.5
CVE-2007-0092 [HIGH] ET WEB_SPECIFIC_APPS E-SMARTCART SQL Injection Attempt -- productdetail.asp product_id UPDATE
Rule: alert http $EXTERNAL_NET any -> $HTTP_SERVERS any (msg:"ET WEB_SPECIFIC_APPS E-SMARTCART SQL Injection Attempt -- productdetail.asp product_id UPDATE"; flow:established,to_server; http.uri; content:"/productdetail.asp?"; nocase; content:"product_id="; nocase; content:"UPDATE"; nocase; content:"SET"; nocase; distance:0; reference:cve,CVE-2007-0092; reference:url,www.milw0rm.com/exploits/3074; classtype:web-application-attack; sid:2005882; rev:9; metadata:affected_product Web_Server_Applications, attack_target Web_Server, created_at 2010_07_30, deployment Datacenter, confidence Medium, signature_severity Major, tag SQL_Injection, updated_at 2020_09_11, mitre_tactic_id TA0001, mitre_tactic_nam
Suricata
ET WEB_SPECIFIC_APPS E-SMARTCART SQL Injection Attempt -- productdetail.asp product_id UNION SELECT
suricata·2010-07-30·CVSS 7.5
CVE-2007-0092 [HIGH] ET WEB_SPECIFIC_APPS E-SMARTCART SQL Injection Attempt -- productdetail.asp product_id UNION SELECT
Rule: alert http $EXTERNAL_NET any -> $HTTP_SERVERS any (msg:"ET WEB_SPECIFIC_APPS E-SMARTCART SQL Injection Attempt -- productdetail.asp product_id UNION SELECT"; flow:established,to_server; http.uri; content:"/productdetail.asp?"; nocase; content:"product_id="; nocase; content:"UNION"; nocase; content:"SELECT"; nocase; distance:0; reference:cve,CVE-2007-0092; reference:url,www.milw0rm.com/exploits/3074; classtype:web-application-attack; sid:2005878; rev:9; metadata:affected_product Web_Server_Applications, attack_target Web_Server, created_at 2010_07_30, deployment Datacenter, confidence Medium, signature_severity Major, tag SQL_Injection, updated_at 2020_09_11, mitre_tactic_id TA0001, mi
Suricata
ET WEB_SPECIFIC_APPS E-SMARTCART SQL Injection Attempt -- productdetail.asp product_id ASCII
suricata·2010-07-30·CVSS 7.5
CVE-2007-0092 [HIGH] ET WEB_SPECIFIC_APPS E-SMARTCART SQL Injection Attempt -- productdetail.asp product_id ASCII
Rule: alert http $EXTERNAL_NET any -> $HTTP_SERVERS any (msg:"ET WEB_SPECIFIC_APPS E-SMARTCART SQL Injection Attempt -- productdetail.asp product_id ASCII"; flow:established,to_server; http.uri; content:"/productdetail.asp?"; nocase; content:"product_id="; nocase; content:"ASCII("; nocase; content:"SELECT"; nocase; distance:0; reference:cve,CVE-2007-0092; reference:url,www.milw0rm.com/exploits/3074; classtype:web-application-attack; sid:2005881; rev:9; metadata:affected_product Web_Server_Applications, attack_target Web_Server, created_at 2010_07_30, deployment Datacenter, confidence Medium, signature_severity Major, tag SQL_Injection, updated_at 2020_09_11, mitre_tactic_id TA0001, mitre_tactic_na
Suricata
ET WEB_SPECIFIC_APPS E-SMARTCART SQL Injection Attempt -- productdetail.asp product_id DELETE
suricata·2010-07-30·CVSS 7.5
CVE-2007-0092 [HIGH] ET WEB_SPECIFIC_APPS E-SMARTCART SQL Injection Attempt -- productdetail.asp product_id DELETE
Rule: alert http $EXTERNAL_NET any -> $HTTP_SERVERS any (msg:"ET WEB_SPECIFIC_APPS E-SMARTCART SQL Injection Attempt -- productdetail.asp product_id DELETE"; flow:established,to_server; http.uri; content:"/productdetail.asp?"; nocase; content:"product_id="; nocase; content:"DELETE"; nocase; content:"FROM"; nocase; distance:0; reference:cve,CVE-2007-0092; reference:url,www.milw0rm.com/exploits/3074; classtype:web-application-attack; sid:2005880; rev:9; metadata:affected_product Web_Server_Applications, attack_target Web_Server, created_at 2010_07_30, deployment Datacenter, confidence Medium, signature_severity Major, tag SQL_Injection, updated_at 2020_09_11, mitre_tactic_id TA0001, mitre_tactic_na
Suricata
ET WEB_SPECIFIC_APPS E-SMARTCART SQL Injection Attempt -- productdetail.asp product_id INSERT
suricata·2010-07-30·CVSS 7.5
CVE-2007-0092 [HIGH] ET WEB_SPECIFIC_APPS E-SMARTCART SQL Injection Attempt -- productdetail.asp product_id INSERT
Rule: alert http $EXTERNAL_NET any -> $HTTP_SERVERS any (msg:"ET WEB_SPECIFIC_APPS E-SMARTCART SQL Injection Attempt -- productdetail.asp product_id INSERT"; flow:established,to_server; http.uri; content:"/productdetail.asp?"; nocase; content:"product_id="; nocase; content:"INSERT"; nocase; content:"INTO"; nocase; distance:0; reference:cve,CVE-2007-0092; reference:url,www.milw0rm.com/exploits/3074; classtype:web-application-attack; sid:2005879; rev:9; metadata:affected_product Web_Server_Applications, attack_target Web_Server, created_at 2010_07_30, deployment Datacenter, confidence Medium, signature_severity Major, tag SQL_Injection, updated_at 2020_09_11, mitre_tactic_id TA0001, mitre_tactic_na
No public exploits indexed.
References
http://archives.neohapsis.com/archives/fulldisclosure/2010-08/0316.html
http://bugs.gentoo.org/show_bug.cgi?id=335938
http://code.google.com/p/encfs/source/detail?r=59
http://lists.fedoraproject.org/pipermail/package-announce/2010-September/047794.html
http://lists.fedoraproject.org/pipermail/package-announce/2010-September/047798.html
http://lists.fedoraproject.org/pipermail/package-announce/2010-September/047825.html
http://lists.opensuse.org/opensuse-security-announce/2010-12/msg00000.html
http://secunia.com/advisories/41158
http://secunia.com/advisories/41478
http://www.arg0.net/encfs
http://www.openwall.com/lists/oss-security/2010/09/05/3
http://www.openwall.com/lists/oss-security/2010/09/06/1
http://www.openwall.com/lists/oss-security/2010/09/07/8
http://www.vupen.com/english/advisories/2010/2414
https://bugzilla.redhat.com/show_bug.cgi?id=630460
Published: 2010-09-17