5 matches found
EUVD-2021-31889
Malicious code in bioql PyPI...
CVE-2021-45098
An issue was discovered in Suricata before 6.0.4. It is possible to bypass/evade any HTTP-based signature by faking an RST TCP packet with random TCP options of the md5header from the client side. After the three-way handshake, it's possible to inject an RST ACK with a random TCP md5header option...
CVE-2021-45098
An issue was discovered in Suricata before 6.0.4. It is possible to bypass/evade any HTTP-based signature by faking an RST TCP packet with random TCP options of the md5header from the client side. After the three-way handshake, it's possible to inject an RST ACK with a random TCP md5header option...
CVE-2021-45098
An issue was discovered in Suricata before 6.0.4. It is possible to bypass/evade any HTTP-based signature by faking an RST TCP packet with random TCP options of the md5header from the client side. After the three-way handshake, it's possible to inject an RST ACK with a random TCP md5header option...
CVE-2021-45098
CVE-2021-45098 affects Suricata (pre-6.0.4). Core issue: an attacker can bypass HTTP-based signature checks by spoofing an RST TCP packet with random md5header options, injecting an RST ACK after the 3‑way handshake, leading the server to deliver HTTP responses for forbidden URLs without triggeri...