Lucene search
K

6 matches found

Tenable Nessus
Tenable Nessus
added 2020/01/31 12:0 a.m.39 views

Debian DLA-2087-1 : suricata security update

Two vulnerabilities have recently been discovered in the stream-tcp code of the intrusion detection and prevention tool Suricata. CVE-2019-18625 It was possible to bypass/evade any tcp based signature by faking a closed TCP session using an evil server. After the TCP SYN packet, it was possible t...

9.1CVSS7.5AI score0.02521EPSS
Exploits1References4
OpenVAS
OpenVAS
added 2020/01/31 12:0 a.m.55 views

Debian: Security Advisory (DLA-2087-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.1CVSS8.5AI score0.02521EPSS
Exploits1References3
Debian
Debian
added 2020/01/30 3:30 p.m.52 views

[SECURITY] [DLA 2087-1] suricata security update

Package : suricata Version : 2.0.7-2+deb8u5 CVE ID : CVE-2019-18625 CVE-2019-18792 Two vulnerabilities have recently been discovered in the stream-tcp code of the intrusion detection and prevention tool Suricata. CVE-2019-18625 It was possible to bypass/evade any tcp based signature by faking a...

9.1CVSS7.1AI score0.02521EPSS
Exploits1
OSV
OSV
added 2020/01/06 9:15 p.m.18 views

CVE-2019-18625

An issue was discovered in Suricata 5.0.0. It was possible to bypass/evade any tcp based signature by faking a closed TCP session using an evil server. After the TCP SYN packet, it is possible to inject a RST ACK and a FIN ACK packet with a bad TCP Timestamp option. The client will ignore the RST...

7.5CVSS6.6AI score
Exploits0References5
CVE
CVE
added 2020/01/06 8:9 p.m.144 views

CVE-2019-18625

CVE-2019-18625 affects Suricata 5.0.0 and enables evasion of tcp-based signatures by spoofing a closed TCP session with injected RST/FIN packets that abuse a bad TCP Timestamp option; affected platforms include Linux and Windows clients as described in multiple sources. The connected docs confirm...

7.5CVSS7.4AI score0.0171EPSS
Exploits0References5Affected Software1
Debian CVE
Debian CVE
added 2020/01/06 8:9 p.m.36 views

CVE-2019-18625

An issue was discovered in Suricata 5.0.0. It was possible to bypass/evade any tcp based signature by faking a closed TCP session using an evil server. After the TCP SYN packet, it is possible to inject a RST ACK and a FIN ACK packet with a bad TCP Timestamp option. The client will ignore the RST...

7.5CVSS7.4AI score0.0171EPSS
Exploits0
Rows per page
Query Builder