239 matches found
CVE-2024-55629
CVE-2024-55629 affects Suricata prior to 7.0.8, where TCP urgent data handling could cause data to be analyzed differently than at endpoints, enabling evasions. In IPS mode, administrator can drop urgent-data packets via rules (e.g., tcp.flags:U*). The issue is addressed in Suricata 7.0.8 and lat...
CVE-2024-55629
Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine. Prior to 7.0.8, TCP streams with TCP urgent data out of band data can lead to Suricata analyzing data differently than the applications at the TCP endpoints, leading to possible...
CVE-2024-55626
Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine. Prior to 7.0.8, a large BPF filter file provided to Suricata at startup can lead to a buffer overflow at Suricata startup. The issue has been addressed in Suricata 7.0.8...
CVE-2024-55605
Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine. Prior to 7.0.8, a large input buffer to the tolowercase, touppercase, stripwhitespace, compresswhitespace, dotprefix, headerlowercase, strippseudoheaders, urldecode, or xor...
CVE-2024-47188
Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine. Prior to version 7.0.7, missing initialization of the random seed for "thash" leads to byte-range tracking having predictable hash table behavior. This can lead to an attacker...
CVE-2024-45795 Suricata detect/datasets: reachable assertion with unimplemented rule option
Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine. Prior to version 7.0.7, rules using datasets with the non-functional / unimplemented "unset" option can trigger an assertion during traffic parsing, leading to denial of service...
CVE-2024-45795 Suricata detect/datasets: reachable assertion with unimplemented rule option
Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine. Prior to version 7.0.7, rules using datasets with the non-functional / unimplemented "unset" option can trigger an assertion during traffic parsing, leading to denial of service...
SUSE CVE-2024-46870
In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Disable DMCUB timeout for DCN35 Why DMCUB can intermittently take longer than expected to process commands. Old ASIC policy was to continue while logging a diagnostic error - which works fine for ASIC without IPS...
UBUNTU-CVE-2024-46870
In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Disable DMCUB timeout for DCN35 Why DMCUB can intermittently take longer than expected to process commands. Old ASIC policy was to continue while logging a diagnostic error - which works fine for ASIC without IPS...
CVE-2024-20508
A vulnerability in Cisco Unified Threat Defense UTD Snort Intrusion Prevention System IPS Engine for Cisco IOS XE Software could allow an unauthenticated, remote attacker to bypass configured security policies or cause a denial of service DoS condition on an affected device. This vulnerability is...
CVE-2024-20508 Cisco UTD Snort IPS Engine Software for Cisco IOS XE Software Security Policy Bypass and Denial of Service Vulnerability
A vulnerability in Cisco Unified Threat Defense UTD Snort Intrusion Prevention System IPS Engine for Cisco IOS XE Software could allow an unauthenticated, remote attacker to bypass configured security policies or cause a denial of service DoS condition on an affected device. This vulnerability is...
Cisco Unified Threat Defense Snort Intrusion Prevention System Engine for Cisco IOS XE Software Security Policy Bypass and Denial of Service Vulnerability
A vulnerability in Cisco Unified Threat Defense UTD Snort Intrusion Prevention System IPS Engine for Cisco IOS XE Software could allow an unauthenticated, remote attacker to bypass configured security policies or cause a denial of service DoS condition on an affected device. This vulnerability is...
The vulnerability of the Suricata intrusion detection and prevention system, related to overflowing buffers in dynamic memory, allows an intruder to trigger a service failure.
The vulnerability of the Suricata intrusion detection and prevention system is related to the overflow of the buffer in the dynamic memory. Exploiting this vulnerability can allow a malicious actor to cause a service failure...
CVE-2024-38536 Suricata http/range: NULL-ptr deref when http.memcap is reached
Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine. A memory allocation failure due to http.memcap being reached leads to a NULL-ptr reference leading to a crash. Upgrade to 7.0.6...
Trellix IPS Manager Security Vulnerability
Trellix IPS Manager is a next-generation IPS for local and virtual networks from FireEye Trellix USA. A security vulnerability exists in Trellix IPS Manager, Central Manager, and Local Manager. An attacker could exploit the vulnerability to obtain sensitive information...
Trellix IPS Manager Code Issue Vulnerability
Trellix IPS Manager is a next-generation IPS for local and virtual networks from FireEye Trellix USA. Trellix IPS Manager suffers from a code issue vulnerability that stems from insecure deserialization. An attacker exploiting this vulnerability could execute arbitrary code...
Cisco Firepower Threat Defense Software Snort 3 HTTP Intrusion Prevention System Rule Bypass (cisco-sa-snort3-ips-bypass-uE69KBMd)
According to its self-reported version, Cisco Firepower Threat Defense FTD Software is affected by a vulnerability. - Multiple Cisco products are affected by a vulnerability in the Snort Intrusion Prevention System IPS rule engine that could allow an unauthenticated, remote attacker to bypass the...
CVE-2024-20363
Multiple Cisco products are affected by a vulnerability in the Snort Intrusion Prevention System IPS rule engine that could allow an unauthenticated, remote attacker to bypass the configured rules on an affected system. This vulnerability is due to incorrect HTTP packet handling. An attacker coul...
CVE-2024-20363
CVE-2024-20363 affects multiple Cisco products due to a vulnerability in the Snort 3 IPS rule engine caused by incorrect HTTP packet handling. An unauthenticated, remote attacker can exploit crafted HTTP traffic to bypass configured IPS rules, allowing uninspected traffic onto the network. Affect...
PT-2024-4188 · Cisco · Snort Intrusion Prevention System
Name of the Vulnerable Software and Affected Versions: Cisco products affected versions not specified Description: The issue is related to a vulnerability in the Snort Intrusion Prevention System IPS rule engine, which could allow an unauthenticated, remote attacker to bypass the configured rules...