2 matches found
FreeBSD : suricata -- buffer over-read (3b903bf3-7f94-11e9-8a5f-c85b76ce9b5a)
Mitre reports : An issue was discovered in Suricata 4.1.x before 4.1.4. If the input of the function SSHParseBanner is composed only of a \n character, then the program runs into a heap-based buffer over-read. This occurs because the erroneous search for \r results in an integer underflow. C...
CVE-2019-10053
CVE-2019-10053 affects Suricata 4.1.x before 4.1.4. The vulnerability occurs in SSHParseBanner: if the input consists only of a newline character, the program can trigger a heap-based buffer over-read due to an integer underflow from an erroneous search for \r. This issue is documented in multipl...