4 matches found
CVE-2014-6603
The SSHParseBanner function in SSH parser app-layer-ssh.c in Suricata before 2.0.4 allows remote attackers to bypass SSH rules, cause a denial of service crash, or possibly have unspecified other impact via a crafted banner, which triggers a large memory allocation or an out-of-bounds write...
CVE-2014-6603
Suricata’s SSH banner parsing (SSHParseBanner in app-layer-ssh.c) is affected. In versions 2.0.3 and 2.1beta1, crafted banners can trigger a very large memory allocation or out-of-bounds access/write, allowing bypass of SSH rules and causing a denial-of-service (crash). A fix is available in Suri...
Fedora 20 : suricata-2.0.4-1.fc20 (2014-11462)
This update fixes a bug in the SSH parser, where a malformed banner could lead to evasion of SSH rules and missing log entries. In some cases it may also lead to a crash, CVE-2014-6603. Additionally, this release also addresses a new IPv6 issue that can lead to evasion. Note that Tenable Network...
Fedora Update for suricata FEDORA-2014-11462
Check the version of suricata SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptoid"1.3.6.1.4.1.25623.1.0.868355";...