Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Suricata
(Suricata\-Ids)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 19 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2019-09-24 | CVE-2019-15699 | An issue was discovered in app-layer-ssl.c in Suricata 4.1.4. Upon receiving a corrupted SSLv3 (TLS 1.2) packet, the parser function TLSDecodeHSHelloExtensions tries to access a memory region that is not allocated, because the expected length of HSHelloExtensions does not match the real length of the HSHelloExtensions part of the packet. | Suricata | N/A | ||
| 2019-08-28 | CVE-2019-10051 | An issue was discovered in Suricata 4.1.3. If the function filetracker_newchunk encounters an unsafe "Some(sfcm) => { ft.new_chunk }" item, then the program enters an smb/files.rs error condition and crashes. | Suricata | 7.5 | ||
| 2019-08-28 | CVE-2019-10052 | An issue was discovered in Suricata 4.1.3. If the network packet does not have the right length, the parser tries to access a part of a DHCP packet. At this point, the Rust environment runs into a panic in parse_clientid_option in the dhcp/parser.rs file. | Suricata | 7.5 | ||
| 2019-04-04 | CVE-2018-10242 | Suricata version 4.0.4 incorrectly handles the parsing of the SSH banner. A malformed SSH banner can cause the parsing code to read beyond the allocated data because SSHParseBanner in app-layer-ssh.c lacks a length check. | Debian_linux, Suricata | 7.5 | ||
| 2018-02-07 | CVE-2018-6794 | Suricata before 4.0.4 is prone to an HTTP detection bypass vulnerability in detect.c and stream-tcp.c. If a malicious server breaks a normal TCP flow and sends data before the 3-way handshake is complete, then the data sent by the malicious server will be accepted by web clients such as a web browser or Linux CLI utilities, but ignored by Suricata IDS signatures. This mostly affects IDS signatures for the HTTP protocol and TCP stream content; signatures for TCP packets will inspect such... | Debian_linux, Suricata | 5.3 | ||
| 2018-07-23 | CVE-2018-14568 | Suricata before 4.0.5 stops TCP stream inspection upon a TCP RST from a server. This allows detection bypass because Windows TCP clients proceed with normal processing of TCP data that arrives shortly after an RST (i.e., they act as if the RST had not yet been received). | Suricata | 7.5 | ||
| 2019-04-04 | CVE-2018-10244 | Suricata version 4.0.4 incorrectly handles the parsing of an EtherNet/IP PDU. A malformed PDU can cause the parsing code to read beyond the allocated data because DecodeENIPPDU in app-layer-enip-commmon.c has an integer overflow during a length check. | Suricata | 9.8 | ||
| 2018-07-23 | CVE-2016-10728 | An issue was discovered in Suricata before 3.1.2. If an ICMPv4 error packet is received as the first packet on a flow in the to_client direction, it confuses the rule grouping lookup logic. The toclient inspection will then continue with the wrong rule group. This can lead to missed detection. | Suricata | 5.3 | ||
| 2014-05-30 | CVE-2013-5919 | Suricata before 1.4.6 allows remote attackers to cause a denial of service (crash) via a malformed SSL record. | Suricata, Suricata | N/A |