MidnightBSD

Advisories for openinfosecfoundation

CVE-2013-5919 MEDIUM

Suricata before 1.4.6 allows remote attackers to cause a denial of service (crash) via a malformed SSL record.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-20,

Products Affected

Vendor Product Version
oisf suricata 1.3.2
oisf suricata 1.3.5
oisf suricata 1.3.3
oisf suricata 1.4.4
oisf suricata 1.3.6
oisf suricata 1.4.3
oisf suricata 1.4.1
openinfosecfoundation suricata 1.3
openinfosecfoundation suricata 1.4
oisf suricata 1.3.1
oisf suricata 1.4.2
oisf suricata 1.3.4
openinfosecfoundation suricata *
CVE-2014-6603 MEDIUM

The SSHParseBanner function in SSH parser (app-layer-ssh.c) in Suricata before 2.0.4 allows remote attackers to bypass SSH rules, cause a denial of service (crash), or possibly have unspecified other impact via a crafted banner, which triggers a large memory allocation or an out-of-bounds write.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-399,

Products Affected

Vendor Product Version
openinfosecfoundation suricata 2.0.3-1
openinfosecfoundation suricata 2.0.2-1
openinfosecfoundation suricata 2.0.1-1
openinfosecfoundation suricata *
openinfosecfoundation suricata 2.0.2-2
openinfosecfoundation suricata 2.0.1-2
CVE-2015-0971 MEDIUM

The DER parser in Suricata before 2.0.8 allows remote attackers to cause a denial of service (crash) via vectors related to SSL/TLS certificates.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-399,

Products Affected

Vendor Product Version
openinfosecfoundation suricata *
debian debian_linux 8.0
CVE-2015-8954 HIGH

The MemcmpLowercase function in Suricata before 2.0.6 improperly excludes the first byte from comparisons, which might allow remote attackers to bypass intrusion-prevention functionality via a crafted HTTP request.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-264,

Products Affected

Vendor Product Version
openinfosecfoundation suricata *
CVE-2017-15377 MEDIUM

In Suricata before 4.x, it was possible to trigger lots of redundant checks on the content of crafted network traffic with a certain signature, because of DetectEngineContentInspection in detect-engine-content-inspection.c. The search engine doesn't stop when it should after no match is found; instead, it stops only upon reaching inspection-recursion-limit (3000 by default).

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
openinfosecfoundation suricata *
CVE-2017-7177 MEDIUM

Suricata before 3.2.1 has an IPv4 defragmentation evasion issue caused by lack of a check for the IP protocol during fragment matching.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-358,

Products Affected

Vendor Product Version
openinfosecfoundation suricata *