Zero Day Initiative Advisory 10-107 – This vulnerability allows remote attackers to decrypt secure socket layer (SSL) communications directed to multiple Sourcefire products. The specific flaw exists within the reuse of private SSL keys for multiple devices and installations. The keypair is stored in /etc/ssl/server.crt and /etc/ssl/server.key. Disclosure of the private key allows an attacker to decrypt and monitor SSL communications with the target.
You can download this advisory from the following link: https://packetstormsecurity.com/files/download/90536/ZDI-10-107.txt
Source: https://packetstormsecurity.com/files/90536/Zero-Day-Initiative-Advisory-10-107.html