Open Redirect Vulnerabilities in Suricata for pfSense
CVE-2014-4696

Currently unrated

Key Information:

Vendor: Pfsense
Status: Suricata Package; Pfsense
Vendor: CVE Published:; 2 July 2014

What is CVE-2014-4696?

Suricata, a network threat detection engine integrated with pfSense, is prone to multiple open redirect vulnerabilities that could permit remote attackers to redirect users to malicious websites. Exploiting this flaw can enable attackers to conduct phishing attacks effectively. The vulnerabilities are present in Suricata versions prior to 1.0.6 for pfSense versions below 2.1.4, specifically through manipulation of the referer parameter in suricata_rules_flowbits.php and the returl parameter in suricata_select_alias.php.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

https://pfsense.org/security/advisories/pfSense-SA-14_13....

x_refsource_CONFIRM

Timeline

Vulnerability published
Jul 2, 2014
Vulnerability Reserved
Jun 28, 2014

JSON

Pfsense

What is CVE-2014-4696?

Human OS v1.0: Ageing Is an Unpatched Zero-Day Vulnerability.

References

Timeline

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.