All the vulnerabilites related to openinfosecfoundation - suricata
Vulnerability from fkie_nvd
Published
2017-10-23 08:29
Modified
2024-11-21 03:14
Severity ?
Summary
In Suricata before 4.x, it was possible to trigger lots of redundant checks on the content of crafted network traffic with a certain signature, because of DetectEngineContentInspection in detect-engine-content-inspection.c. The search engine doesn't stop when it should after no match is found; instead, it stops only upon reaching inspection-recursion-limit (3000 by default).
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| openinfosecfoundation | suricata | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:openinfosecfoundation:suricata:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DA496538-972D-4CF8-822E-F1F4BE498669",
"versionEndIncluding": "3.2.4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In Suricata before 4.x, it was possible to trigger lots of redundant checks on the content of crafted network traffic with a certain signature, because of DetectEngineContentInspection in detect-engine-content-inspection.c. The search engine doesn\u0027t stop when it should after no match is found; instead, it stops only upon reaching inspection-recursion-limit (3000 by default)."
},
{
"lang": "es",
"value": "En Suricata en versiones anteriores a las 4.x, era posible desencadenar numerosos chequeos redundantes en el contenido del trafico de red manipulado con una firma especifica a causa de DetectEngineContentInspection en detect-engine-content-inspection.c. El motor de busqueda no se detiene cuando deber\u00ed\u00ada despues de que no se encuentre ninguna coincidencia. En su lugar, solo se detiene al llegar al l\u00ed\u00admite de recursi\u00f3n de inspecci\u00f3nn (3000 por defecto)."
}
],
"id": "CVE-2017-15377",
"lastModified": "2024-11-21T03:14:35.163",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-10-23T08:29:00.430",
"references": [
{
"source": "cve@mitre.org",
"url": "https://github.com/OISF/suricata/commit/b9579fbe7dd408200ef03cbe20efddb624b73885"
},
{
"source": "cve@mitre.org",
"url": "https://lists.debian.org/debian-lts-announce/2018/12/msg00000.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "https://redmine.openinfosecfoundation.org/issues/2231"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://github.com/OISF/suricata/commit/b9579fbe7dd408200ef03cbe20efddb624b73885"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.debian.org/debian-lts-announce/2018/12/msg00000.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://redmine.openinfosecfoundation.org/issues/2231"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2015-05-14 14:59
Modified
2024-11-21 02:24
Severity ?
Summary
The DER parser in Suricata before 2.0.8 allows remote attackers to cause a denial of service (crash) via vectors related to SSL/TLS certificates.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| debian | debian_linux | 8.0 | |
| openinfosecfoundation | suricata | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:openinfosecfoundation:suricata:*:*:*:*:*:*:*:*",
"matchCriteriaId": "705669EA-579A-427E-9D9C-C78CE9E1AA68",
"versionEndIncluding": "2.0.7",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The DER parser in Suricata before 2.0.8 allows remote attackers to cause a denial of service (crash) via vectors related to SSL/TLS certificates."
},
{
"lang": "es",
"value": "El analizador sint\u00e1ctico DER en Suricata anterior a 2.0.8 permite a atacantes remotos causar una denegaci\u00f3n de servicio (ca\u00edda) a trav\u00e9s de vectores relacionados con certificados SSL/TLS."
}
],
"id": "CVE-2015-0971",
"lastModified": "2024-11-21T02:24:03.480",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2015-05-14T14:59:06.840",
"references": [
{
"source": "cret@cert.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://suricata-ids.org/2015/05/06/suricata-2-0-8-available/"
},
{
"source": "cret@cert.org",
"url": "http://www.debian.org/security/2015/dsa-3254"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://suricata-ids.org/2015/05/06/suricata-2-0-8-available/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.debian.org/security/2015/dsa-3254"
}
],
"sourceIdentifier": "cret@cert.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-399"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2014-05-30 14:55
Modified
2024-11-21 01:58
Severity ?
Summary
Suricata before 1.4.6 allows remote attackers to cause a denial of service (crash) via a malformed SSL record.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| oisf | suricata | 1.3 | |
| oisf | suricata | 1.3 | |
| oisf | suricata | 1.3 | |
| oisf | suricata | 1.3.1 | |
| oisf | suricata | 1.3.2 | |
| oisf | suricata | 1.3.3 | |
| oisf | suricata | 1.3.4 | |
| oisf | suricata | 1.3.5 | |
| oisf | suricata | 1.3.6 | |
| oisf | suricata | 1.4 | |
| oisf | suricata | 1.4 | |
| oisf | suricata | 1.4 | |
| oisf | suricata | 1.4 | |
| oisf | suricata | 1.4.1 | |
| oisf | suricata | 1.4.2 | |
| oisf | suricata | 1.4.3 | |
| oisf | suricata | 1.4.4 | |
| openinfosecfoundation | suricata | * | |
| openinfosecfoundation | suricata | 1.4 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:oisf:suricata:1.3:beta2:*:*:*:*:*:*",
"matchCriteriaId": "6AE9A26B-52F4-4732-A22B-90F763DB13B1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oisf:suricata:1.3:beta3:*:*:*:*:*:*",
"matchCriteriaId": "7C98C6B6-3CC3-4D6B-B569-6E46EA170658",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oisf:suricata:1.3:rc1:*:*:*:*:*:*",
"matchCriteriaId": "EC2FC97D-56ED-4F7C-9F4A-3F1B73B5AABF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oisf:suricata:1.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "6FE08247-BC07-4968-BFE0-491D761BD438",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oisf:suricata:1.3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "E768D8A2-18A9-4CA7-96E2-FF3393A380A9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oisf:suricata:1.3.3:*:*:*:*:*:*:*",
"matchCriteriaId": "3EE65908-798A-4872-BD17-F42CA1C33898",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oisf:suricata:1.3.4:*:*:*:*:*:*:*",
"matchCriteriaId": "BBFF0E62-6B39-4562-A261-1C3E3A587977",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oisf:suricata:1.3.5:*:*:*:*:*:*:*",
"matchCriteriaId": "0BEFC8EC-9C9C-49D9-93DE-D5D091709E32",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oisf:suricata:1.3.6:*:*:*:*:*:*:*",
"matchCriteriaId": "0CD31DFD-F92C-4535-88AE-41E3AA402FD4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oisf:suricata:1.4:beta1:*:*:*:*:*:*",
"matchCriteriaId": "98C0B959-3F7C-4A6E-ACE5-A34B3AB559B9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oisf:suricata:1.4:beta2:*:*:*:*:*:*",
"matchCriteriaId": "94A52C3A-9FB3-4F8F-B406-24F5C8A17675",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oisf:suricata:1.4:beta3:*:*:*:*:*:*",
"matchCriteriaId": "1B12DAD5-01DE-4270-9F2B-FE4F60DA51C7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oisf:suricata:1.4:rc1:*:*:*:*:*:*",
"matchCriteriaId": "48E2FD96-DCC0-45E0-94FE-CA58B4E14740",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oisf:suricata:1.4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "2AB6FA42-3CAF-4EAD-8A00-6CC1C41B91F2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oisf:suricata:1.4.2:*:*:*:*:*:*:*",
"matchCriteriaId": "DD7AAB17-29B5-4423-ACCB-6C8A06B0F641",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oisf:suricata:1.4.3:*:*:*:*:*:*:*",
"matchCriteriaId": "7068B8FB-5689-4A9D-ABFC-D7BE19A0BEFD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oisf:suricata:1.4.4:*:*:*:*:*:*:*",
"matchCriteriaId": "8396101C-CC57-4692-A505-47F30F12647C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openinfosecfoundation:suricata:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C221CDA5-C3CF-4015-AEE5-DECC263ACFAB",
"versionEndIncluding": "1.4.5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openinfosecfoundation:suricata:1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "5EFC9D2C-F02C-4E85-B8B0-8003466F0304",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Suricata before 1.4.6 allows remote attackers to cause a denial of service (crash) via a malformed SSL record."
},
{
"lang": "es",
"value": "Suricata anterior a 1.4.6 permite a atacantes remotos causar una denegaci\u00f3n de servicio (ca\u00edda) a trav\u00e9s de un registro SSL malformado."
}
],
"id": "CVE-2013-5919",
"lastModified": "2024-11-21T01:58:26.323",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2014-05-30T14:55:08.397",
"references": [
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/54968"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://suricata-ids.org/2013/09/24/suricata-1-4-6-released/"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/87492"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/54968"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://suricata-ids.org/2013/09/24/suricata-1-4-6-released/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/87492"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-20"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2017-03-18 20:59
Modified
2024-11-21 03:31
Severity ?
Summary
Suricata before 3.2.1 has an IPv4 defragmentation evasion issue caused by lack of a check for the IP protocol during fragment matching.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | http://www.securityfocus.com/bid/97047 | ||
| cve@mitre.org | https://github.com/inliniac/suricata/commit/4a04f814b15762eb446a5ead4d69d021512df6f8 | Issue Tracking, Patch, Third Party Advisory | |
| cve@mitre.org | https://lists.debian.org/debian-lts-announce/2018/12/msg00000.html | ||
| cve@mitre.org | https://redmine.openinfosecfoundation.org/issues/2019 | Issue Tracking, Patch, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/97047 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://github.com/inliniac/suricata/commit/4a04f814b15762eb446a5ead4d69d021512df6f8 | Issue Tracking, Patch, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://lists.debian.org/debian-lts-announce/2018/12/msg00000.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://redmine.openinfosecfoundation.org/issues/2019 | Issue Tracking, Patch, Third Party Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| openinfosecfoundation | suricata | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:openinfosecfoundation:suricata:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0544C003-683A-455F-B07A-6374901D983C",
"versionEndIncluding": "3.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Suricata before 3.2.1 has an IPv4 defragmentation evasion issue caused by lack of a check for the IP protocol during fragment matching."
},
{
"lang": "es",
"value": "Suricata en versiones anteriores a 3.2.1 tiene un problema de evasi\u00f3n de desfragmentaci\u00f3n IPv4 provocado por la falta de una comprobaci\u00f3n para el protocolo IP durante la coincidencia de fragmentos."
}
],
"id": "CVE-2017-7177",
"lastModified": "2024-11-21T03:31:19.377",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-03-18T20:59:00.173",
"references": [
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/97047"
},
{
"source": "cve@mitre.org",
"tags": [
"Issue Tracking",
"Patch",
"Third Party Advisory"
],
"url": "https://github.com/inliniac/suricata/commit/4a04f814b15762eb446a5ead4d69d021512df6f8"
},
{
"source": "cve@mitre.org",
"url": "https://lists.debian.org/debian-lts-announce/2018/12/msg00000.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Issue Tracking",
"Patch",
"Third Party Advisory"
],
"url": "https://redmine.openinfosecfoundation.org/issues/2019"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/97047"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking",
"Patch",
"Third Party Advisory"
],
"url": "https://github.com/inliniac/suricata/commit/4a04f814b15762eb446a5ead4d69d021512df6f8"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.debian.org/debian-lts-announce/2018/12/msg00000.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking",
"Patch",
"Third Party Advisory"
],
"url": "https://redmine.openinfosecfoundation.org/issues/2019"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-358"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2017-03-20 16:59
Modified
2024-11-21 02:39
Severity ?
Summary
The MemcmpLowercase function in Suricata before 2.0.6 improperly excludes the first byte from comparisons, which might allow remote attackers to bypass intrusion-prevention functionality via a crafted HTTP request.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=777523 | Third Party Advisory | |
| cve@mitre.org | https://redmine.openinfosecfoundation.org/issues/1364 | Third Party Advisory | |
| cve@mitre.org | https://suricata-ids.org/2015/01/15/suricata-2-0-6-available/ | Release Notes, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=777523 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://redmine.openinfosecfoundation.org/issues/1364 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://suricata-ids.org/2015/01/15/suricata-2-0-6-available/ | Release Notes, Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| openinfosecfoundation | suricata | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:openinfosecfoundation:suricata:*:*:*:*:*:*:*:*",
"matchCriteriaId": "463678B1-3332-4B9C-B434-78759447570A",
"versionEndIncluding": "2.0.5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The MemcmpLowercase function in Suricata before 2.0.6 improperly excludes the first byte from comparisons, which might allow remote attackers to bypass intrusion-prevention functionality via a crafted HTTP request."
},
{
"lang": "es",
"value": "La funci\u00f3n MemcmpLowercase en Suricata en versiones anteriores a 2.0.6 excluye incorrectamente el primer byte de las comparaciones, lo que podr\u00eda permitir a atacantes remotos eludir la funcionalidad de prevenci\u00f3n de intrusiones a trav\u00e9s de una solicitud HTTP manipulada."
}
],
"id": "CVE-2015-8954",
"lastModified": "2024-11-21T02:39:31.973",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": true,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-03-20T16:59:01.407",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=777523"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://redmine.openinfosecfoundation.org/issues/1364"
},
{
"source": "cve@mitre.org",
"tags": [
"Release Notes",
"Vendor Advisory"
],
"url": "https://suricata-ids.org/2015/01/15/suricata-2-0-6-available/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=777523"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://redmine.openinfosecfoundation.org/issues/1364"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Release Notes",
"Vendor Advisory"
],
"url": "https://suricata-ids.org/2015/01/15/suricata-2-0-6-available/"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-264"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2014-10-07 14:55
Modified
2024-11-21 02:14
Severity ?
Summary
The SSHParseBanner function in SSH parser (app-layer-ssh.c) in Suricata before 2.0.4 allows remote attackers to bypass SSH rules, cause a denial of service (crash), or possibly have unspecified other impact via a crafted banner, which triggers a large memory allocation or an out-of-bounds write.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| openinfosecfoundation | suricata | * | |
| openinfosecfoundation | suricata | 2.0.1-1 | |
| openinfosecfoundation | suricata | 2.0.1-2 | |
| openinfosecfoundation | suricata | 2.0.2-1 | |
| openinfosecfoundation | suricata | 2.0.2-2 | |
| openinfosecfoundation | suricata | 2.0.3-1 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:openinfosecfoundation:suricata:*:*:*:*:*:*:*:*",
"matchCriteriaId": "264259AB-D095-4937-AA55-EC6C18AB7AC2",
"versionEndIncluding": "2.0.3-2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openinfosecfoundation:suricata:2.0.1-1:*:*:*:*:*:*:*",
"matchCriteriaId": "2BB77C7F-7283-46A6-8C81-086BFC081E85",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openinfosecfoundation:suricata:2.0.1-2:*:*:*:*:*:*:*",
"matchCriteriaId": "C34D49DB-60C7-4DCC-B0A7-D8A2609C9185",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openinfosecfoundation:suricata:2.0.2-1:*:*:*:*:*:*:*",
"matchCriteriaId": "48850034-C8C8-45EC-8BB8-000671C2AFA5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openinfosecfoundation:suricata:2.0.2-2:*:*:*:*:*:*:*",
"matchCriteriaId": "36425BC4-8A63-48A1-9209-C4401255629B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openinfosecfoundation:suricata:2.0.3-1:*:*:*:*:*:*:*",
"matchCriteriaId": "752330B0-3AC1-4604-BD2B-7C444E233235",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The SSHParseBanner function in SSH parser (app-layer-ssh.c) in Suricata before 2.0.4 allows remote attackers to bypass SSH rules, cause a denial of service (crash), or possibly have unspecified other impact via a crafted banner, which triggers a large memory allocation or an out-of-bounds write."
},
{
"lang": "es",
"value": "La funci\u00f3n SSHParseBanner en SSH parser (app-layer-ssh.c) en Suricata anterior a 2.0.4 permite a atacantes remotos evadir las normas SSH, causar una denegaci\u00f3n de servicio (ca\u00edda), o posiblemente tener otro impacto no especificado a trav\u00e9s de un banner manipulado, lo que provoca una reserva de memoria grande o una escritura fuera de rango."
}
],
"id": "CVE-2014-6603",
"lastModified": "2024-11-21T02:14:44.990",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2014-10-07T14:55:07.517",
"references": [
{
"source": "cve@mitre.org",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-October/139630.html"
},
{
"source": "cve@mitre.org",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-October/139821.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit"
],
"url": "http://packetstormsecurity.com/files/128382/Suricata-2.0.3-Out-Of-Bounds-Access.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit"
],
"url": "http://seclists.org/fulldisclosure/2014/Sep/79"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/533515/100/0/threaded"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/70083"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/96157"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-October/139630.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-October/139821.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "http://packetstormsecurity.com/files/128382/Suricata-2.0.3-Out-Of-Bounds-Access.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "http://seclists.org/fulldisclosure/2014/Sep/79"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/533515/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/70083"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/96157"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-399"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
cve-2017-7177
Vulnerability from cvelistv5
Published
2017-03-18 20:10
Modified
2024-08-05 15:56
Severity ?
EPSS score ?
Summary
Suricata before 3.2.1 has an IPv4 defragmentation evasion issue caused by lack of a check for the IP protocol during fragment matching.
References
| ▼ | URL | Tags |
|---|---|---|
| https://lists.debian.org/debian-lts-announce/2018/12/msg00000.html | mailing-list, x_refsource_MLIST | |
| https://github.com/inliniac/suricata/commit/4a04f814b15762eb446a5ead4d69d021512df6f8 | x_refsource_CONFIRM | |
| https://redmine.openinfosecfoundation.org/issues/2019 | x_refsource_CONFIRM | |
| http://www.securityfocus.com/bid/97047 | vdb-entry, x_refsource_BID |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T15:56:36.051Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "[debian-lts-announce] 20181204 [SECURITY] [DLA 1603-1] suricata security update",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2018/12/msg00000.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/inliniac/suricata/commit/4a04f814b15762eb446a5ead4d69d021512df6f8"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://redmine.openinfosecfoundation.org/issues/2019"
},
{
"name": "97047",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/97047"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2017-03-18T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Suricata before 3.2.1 has an IPv4 defragmentation evasion issue caused by lack of a check for the IP protocol during fragment matching."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-12-05T10:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "[debian-lts-announce] 20181204 [SECURITY] [DLA 1603-1] suricata security update",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.debian.org/debian-lts-announce/2018/12/msg00000.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/inliniac/suricata/commit/4a04f814b15762eb446a5ead4d69d021512df6f8"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://redmine.openinfosecfoundation.org/issues/2019"
},
{
"name": "97047",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/97047"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2017-7177",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Suricata before 3.2.1 has an IPv4 defragmentation evasion issue caused by lack of a check for the IP protocol during fragment matching."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "[debian-lts-announce] 20181204 [SECURITY] [DLA 1603-1] suricata security update",
"refsource": "MLIST",
"url": "https://lists.debian.org/debian-lts-announce/2018/12/msg00000.html"
},
{
"name": "https://github.com/inliniac/suricata/commit/4a04f814b15762eb446a5ead4d69d021512df6f8",
"refsource": "CONFIRM",
"url": "https://github.com/inliniac/suricata/commit/4a04f814b15762eb446a5ead4d69d021512df6f8"
},
{
"name": "https://redmine.openinfosecfoundation.org/issues/2019",
"refsource": "CONFIRM",
"url": "https://redmine.openinfosecfoundation.org/issues/2019"
},
{
"name": "97047",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/97047"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2017-7177",
"datePublished": "2017-03-18T20:10:00",
"dateReserved": "2017-03-18T00:00:00",
"dateUpdated": "2024-08-05T15:56:36.051Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2013-5919
Vulnerability from cvelistv5
Published
2014-05-30 14:00
Modified
2024-08-06 17:29
Severity ?
EPSS score ?
Summary
Suricata before 1.4.6 allows remote attackers to cause a denial of service (crash) via a malformed SSL record.
References
| ▼ | URL | Tags |
|---|---|---|
| http://suricata-ids.org/2013/09/24/suricata-1-4-6-released/ | x_refsource_CONFIRM | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/87492 | vdb-entry, x_refsource_XF | |
| http://secunia.com/advisories/54968 | third-party-advisory, x_refsource_SECUNIA |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T17:29:41.636Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://suricata-ids.org/2013/09/24/suricata-1-4-6-released/"
},
{
"name": "suricata-cve20135919-ssl-dos(87492)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/87492"
},
{
"name": "54968",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/54968"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2013-09-24T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Suricata before 1.4.6 allows remote attackers to cause a denial of service (crash) via a malformed SSL record."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-28T12:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://suricata-ids.org/2013/09/24/suricata-1-4-6-released/"
},
{
"name": "suricata-cve20135919-ssl-dos(87492)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/87492"
},
{
"name": "54968",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/54968"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2013-5919",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Suricata before 1.4.6 allows remote attackers to cause a denial of service (crash) via a malformed SSL record."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://suricata-ids.org/2013/09/24/suricata-1-4-6-released/",
"refsource": "CONFIRM",
"url": "http://suricata-ids.org/2013/09/24/suricata-1-4-6-released/"
},
{
"name": "suricata-cve20135919-ssl-dos(87492)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/87492"
},
{
"name": "54968",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/54968"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2013-5919",
"datePublished": "2014-05-30T14:00:00",
"dateReserved": "2013-09-19T00:00:00",
"dateUpdated": "2024-08-06T17:29:41.636Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2017-15377
Vulnerability from cvelistv5
Published
2017-10-23 08:00
Modified
2024-08-05 19:57
Severity ?
EPSS score ?
Summary
In Suricata before 4.x, it was possible to trigger lots of redundant checks on the content of crafted network traffic with a certain signature, because of DetectEngineContentInspection in detect-engine-content-inspection.c. The search engine doesn't stop when it should after no match is found; instead, it stops only upon reaching inspection-recursion-limit (3000 by default).
References
| ▼ | URL | Tags |
|---|---|---|
| https://lists.debian.org/debian-lts-announce/2018/12/msg00000.html | mailing-list, x_refsource_MLIST | |
| https://redmine.openinfosecfoundation.org/issues/2231 | x_refsource_MISC | |
| https://github.com/OISF/suricata/commit/b9579fbe7dd408200ef03cbe20efddb624b73885 | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T19:57:25.695Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "[debian-lts-announce] 20181204 [SECURITY] [DLA 1603-1] suricata security update",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2018/12/msg00000.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://redmine.openinfosecfoundation.org/issues/2231"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/OISF/suricata/commit/b9579fbe7dd408200ef03cbe20efddb624b73885"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2017-10-16T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "In Suricata before 4.x, it was possible to trigger lots of redundant checks on the content of crafted network traffic with a certain signature, because of DetectEngineContentInspection in detect-engine-content-inspection.c. The search engine doesn\u0027t stop when it should after no match is found; instead, it stops only upon reaching inspection-recursion-limit (3000 by default)."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-10-27T14:00:33",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "[debian-lts-announce] 20181204 [SECURITY] [DLA 1603-1] suricata security update",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.debian.org/debian-lts-announce/2018/12/msg00000.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://redmine.openinfosecfoundation.org/issues/2231"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/OISF/suricata/commit/b9579fbe7dd408200ef03cbe20efddb624b73885"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2017-15377",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "In Suricata before 4.x, it was possible to trigger lots of redundant checks on the content of crafted network traffic with a certain signature, because of DetectEngineContentInspection in detect-engine-content-inspection.c. The search engine doesn\u0027t stop when it should after no match is found; instead, it stops only upon reaching inspection-recursion-limit (3000 by default)."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "[debian-lts-announce] 20181204 [SECURITY] [DLA 1603-1] suricata security update",
"refsource": "MLIST",
"url": "https://lists.debian.org/debian-lts-announce/2018/12/msg00000.html"
},
{
"name": "https://redmine.openinfosecfoundation.org/issues/2231",
"refsource": "MISC",
"url": "https://redmine.openinfosecfoundation.org/issues/2231"
},
{
"name": "https://github.com/OISF/suricata/commit/b9579fbe7dd408200ef03cbe20efddb624b73885",
"refsource": "MISC",
"url": "https://github.com/OISF/suricata/commit/b9579fbe7dd408200ef03cbe20efddb624b73885"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2017-15377",
"datePublished": "2017-10-23T08:00:00",
"dateReserved": "2017-10-16T00:00:00",
"dateUpdated": "2024-08-05T19:57:25.695Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2015-8954
Vulnerability from cvelistv5
Published
2017-03-20 16:00
Modified
2024-08-06 08:36
Severity ?
EPSS score ?
Summary
The MemcmpLowercase function in Suricata before 2.0.6 improperly excludes the first byte from comparisons, which might allow remote attackers to bypass intrusion-prevention functionality via a crafted HTTP request.
References
| ▼ | URL | Tags |
|---|---|---|
| https://suricata-ids.org/2015/01/15/suricata-2-0-6-available/ | x_refsource_CONFIRM | |
| https://redmine.openinfosecfoundation.org/issues/1364 | x_refsource_CONFIRM | |
| https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=777523 | x_refsource_CONFIRM |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T08:36:31.124Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://suricata-ids.org/2015/01/15/suricata-2-0-6-available/"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://redmine.openinfosecfoundation.org/issues/1364"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=777523"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2015-01-15T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The MemcmpLowercase function in Suricata before 2.0.6 improperly excludes the first byte from comparisons, which might allow remote attackers to bypass intrusion-prevention functionality via a crafted HTTP request."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-03-20T15:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://suricata-ids.org/2015/01/15/suricata-2-0-6-available/"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://redmine.openinfosecfoundation.org/issues/1364"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=777523"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2015-8954",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The MemcmpLowercase function in Suricata before 2.0.6 improperly excludes the first byte from comparisons, which might allow remote attackers to bypass intrusion-prevention functionality via a crafted HTTP request."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://suricata-ids.org/2015/01/15/suricata-2-0-6-available/",
"refsource": "CONFIRM",
"url": "https://suricata-ids.org/2015/01/15/suricata-2-0-6-available/"
},
{
"name": "https://redmine.openinfosecfoundation.org/issues/1364",
"refsource": "CONFIRM",
"url": "https://redmine.openinfosecfoundation.org/issues/1364"
},
{
"name": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=777523",
"refsource": "CONFIRM",
"url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=777523"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2015-8954",
"datePublished": "2017-03-20T16:00:00",
"dateReserved": "2016-08-28T00:00:00",
"dateUpdated": "2024-08-06T08:36:31.124Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2015-0971
Vulnerability from cvelistv5
Published
2015-05-14 14:00
Modified
2024-08-06 04:26
Severity ?
EPSS score ?
Summary
The DER parser in Suricata before 2.0.8 allows remote attackers to cause a denial of service (crash) via vectors related to SSL/TLS certificates.
References
| ▼ | URL | Tags |
|---|---|---|
| http://suricata-ids.org/2015/05/06/suricata-2-0-8-available/ | x_refsource_CONFIRM | |
| http://www.debian.org/security/2015/dsa-3254 | vendor-advisory, x_refsource_DEBIAN |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T04:26:11.549Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://suricata-ids.org/2015/05/06/suricata-2-0-8-available/"
},
{
"name": "DSA-3254",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2015/dsa-3254"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2015-05-09T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The DER parser in Suricata before 2.0.8 allows remote attackers to cause a denial of service (crash) via vectors related to SSL/TLS certificates."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2015-05-14T13:57:00",
"orgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"shortName": "certcc"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://suricata-ids.org/2015/05/06/suricata-2-0-8-available/"
},
{
"name": "DSA-3254",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2015/dsa-3254"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cert@cert.org",
"ID": "CVE-2015-0971",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The DER parser in Suricata before 2.0.8 allows remote attackers to cause a denial of service (crash) via vectors related to SSL/TLS certificates."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://suricata-ids.org/2015/05/06/suricata-2-0-8-available/",
"refsource": "CONFIRM",
"url": "http://suricata-ids.org/2015/05/06/suricata-2-0-8-available/"
},
{
"name": "DSA-3254",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2015/dsa-3254"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"assignerShortName": "certcc",
"cveId": "CVE-2015-0971",
"datePublished": "2015-05-14T14:00:00",
"dateReserved": "2015-01-10T00:00:00",
"dateUpdated": "2024-08-06T04:26:11.549Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2014-6603
Vulnerability from cvelistv5
Published
2014-10-07 14:00
Modified
2024-08-06 12:24
Severity ?
EPSS score ?
Summary
The SSHParseBanner function in SSH parser (app-layer-ssh.c) in Suricata before 2.0.4 allows remote attackers to bypass SSH rules, cause a denial of service (crash), or possibly have unspecified other impact via a crafted banner, which triggers a large memory allocation or an out-of-bounds write.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.securityfocus.com/bid/70083 | vdb-entry, x_refsource_BID | |
| http://packetstormsecurity.com/files/128382/Suricata-2.0.3-Out-Of-Bounds-Access.html | x_refsource_MISC | |
| http://lists.fedoraproject.org/pipermail/package-announce/2014-October/139821.html | vendor-advisory, x_refsource_FEDORA | |
| http://lists.fedoraproject.org/pipermail/package-announce/2014-October/139630.html | vendor-advisory, x_refsource_FEDORA | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/96157 | vdb-entry, x_refsource_XF | |
| http://www.securityfocus.com/archive/1/533515/100/0/threaded | mailing-list, x_refsource_BUGTRAQ | |
| http://seclists.org/fulldisclosure/2014/Sep/79 | mailing-list, x_refsource_FULLDISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T12:24:34.355Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "70083",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/70083"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/128382/Suricata-2.0.3-Out-Of-Bounds-Access.html"
},
{
"name": "FEDORA-2014-11462",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-October/139821.html"
},
{
"name": "FEDORA-2014-11302",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-October/139630.html"
},
{
"name": "suricata-cve20146603-dos(96157)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/96157"
},
{
"name": "20140923 CVE-2014-6603 suricata 2.0.3 Out-of-bounds access in SSH parser",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/533515/100/0/threaded"
},
{
"name": "20140923 CVE-2014-6603 suricata 2.0.3 Out-of-bounds access in SSH parser",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://seclists.org/fulldisclosure/2014/Sep/79"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2014-09-23T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The SSHParseBanner function in SSH parser (app-layer-ssh.c) in Suricata before 2.0.4 allows remote attackers to bypass SSH rules, cause a denial of service (crash), or possibly have unspecified other impact via a crafted banner, which triggers a large memory allocation or an out-of-bounds write."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-09T18:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "70083",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/70083"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://packetstormsecurity.com/files/128382/Suricata-2.0.3-Out-Of-Bounds-Access.html"
},
{
"name": "FEDORA-2014-11462",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-October/139821.html"
},
{
"name": "FEDORA-2014-11302",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-October/139630.html"
},
{
"name": "suricata-cve20146603-dos(96157)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/96157"
},
{
"name": "20140923 CVE-2014-6603 suricata 2.0.3 Out-of-bounds access in SSH parser",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/533515/100/0/threaded"
},
{
"name": "20140923 CVE-2014-6603 suricata 2.0.3 Out-of-bounds access in SSH parser",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://seclists.org/fulldisclosure/2014/Sep/79"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2014-6603",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The SSHParseBanner function in SSH parser (app-layer-ssh.c) in Suricata before 2.0.4 allows remote attackers to bypass SSH rules, cause a denial of service (crash), or possibly have unspecified other impact via a crafted banner, which triggers a large memory allocation or an out-of-bounds write."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "70083",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/70083"
},
{
"name": "http://packetstormsecurity.com/files/128382/Suricata-2.0.3-Out-Of-Bounds-Access.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/128382/Suricata-2.0.3-Out-Of-Bounds-Access.html"
},
{
"name": "FEDORA-2014-11462",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-October/139821.html"
},
{
"name": "FEDORA-2014-11302",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-October/139630.html"
},
{
"name": "suricata-cve20146603-dos(96157)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/96157"
},
{
"name": "20140923 CVE-2014-6603 suricata 2.0.3 Out-of-bounds access in SSH parser",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/533515/100/0/threaded"
},
{
"name": "20140923 CVE-2014-6603 suricata 2.0.3 Out-of-bounds access in SSH parser",
"refsource": "FULLDISC",
"url": "http://seclists.org/fulldisclosure/2014/Sep/79"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2014-6603",
"datePublished": "2014-10-07T14:00:00",
"dateReserved": "2014-09-18T00:00:00",
"dateUpdated": "2024-08-06T12:24:34.355Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}