24 matches found
CVE-1999-0599
A network intrusion detection system IDS does not properly handle packets with improper sequence numbers...
CVE-1999-0601
A network intrusion detection system IDS does not properly handle data within TCP handshake packets...
CVE-1999-0598
A network intrusion detection system IDS does not properly handle packets that are sent out of order, allowing an attacker to escape detection...
CVE-1999-0600
A network intrusion detection system IDS does not verify the checksum on a packet...
CVE-1999-0602
A network intrusion detection system IDS does not properly reassemble fragmented packets...
EUVD-1999-0584
Malware in sbrugna...
EUVD-1999-0585
Malware in sbrugna...
CVE-2025-29918 Suricata pcre: negated pcr can cause infinite loop
Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine. A PCRE rule can be written that leads to an infinite loop when negated PCRE is used. Packet processing thread becomes stuck in infinite loop limiting visibility and availability i...
CVE-2024-55628
Suricata is affected by CVE-2024-55628 due to DNS resource name compression before version 7.0.8, which can produce small DNS messages with very large hostnames and generate oversized log records. The issue has been addressed in Suricata 7.0.8 and later. (Supported by PTSecurity/PT-2025-48205, PT...
CVE-2024-45796
CVE-2024-45796 affects Suricata, a network IDS/IPS/NSM engine. The issue is a logic error during fragment reassembly that can cause failed reassembly for valid traffic when processing certain fragments. This vulnerability is addressed in Suricata version 7.0.7; upgrading to 7.0.7 or later mitigat...
CVE-2024-38536 Suricata http/range: NULL-ptr deref when http.memcap is reached
Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine. A memory allocation failure due to http.memcap being reached leads to a NULL-ptr reference leading to a crash. Upgrade to 7.0.6...
CVE-2024-32663 Suricata 's http2 parser contains an improper compressed header handling can lead to resource starvation
Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine. Prior to 7.0.5 and 6.0.19, a small amount of HTTP/2 traffic can lead to Suricata using a large amount of memory. The issue has been addressed in Suricata 7.0.5 and 6.0.19...
CVE-2024-23835
Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine. Prior to version 7.0.3, excessive memory use during pgsql parsing could lead to OOM-related crashes. This vulnerability is patched in 7.0.3. As workaround, users can disable the...
CVE-2024-23839 Suricata http: heap use after free with http.request_header and http.response_header keywords
Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine. Prior to 7.0.3, specially crafted traffic can cause a heap use after free if the ruleset uses the http.requestheader or http.responseheader keyword. The vulnerability has been...
CVE-2024-23835 Suricata's pgsql: memory exhaustion use on record parsing
Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine. Prior to version 7.0.3, excessive memory use during pgsql parsing could lead to OOM-related crashes. This vulnerability is patched in 7.0.3. As workaround, users can disable the...
Microsoft Windows TCP/IP CVE-2018-8493 Information Disclosure Vulnerability
Description Microsoft Windows is prone to a information-disclosure vulnerability. Attackers can exploit this issue to obtain sensitive information that may aid in launching further attacks. Technologies Affected Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 160...
Debian Security Advisory DSA 3254-1 (suricata - security update)
Kostya Kortchinsky of the Google Security Team discovered a flaw in the DER parser used to decode SSL/TLS certificates in suricata. A remote attacker can take advantage of this flaw to cause suricata to crash. OpenVAS Vulnerability Test $Id: deb3254.nasl 6609 2017-07-07 12:05:59Z cfischer $...
[SECURITY] Fedora 12 Update: libnids-1.24-1.fc12
Libnids is an implementation of an E-component of Network Intrusion Detection System. It emulates the IP stack of Linux 2.x and offers IP defragmentation, TCP stream assembly and TCP port scan detection. Using libnids, one has got a convenient access to data carried by a TCP stream, no matter how...
Debian: Security Advisory (DSA-297)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2008 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Snort GRE报文解码整数溢出漏洞
Snort是广泛部署的开放源码网络入侵检测系统(IDS)。很多其他IDS产品中也使用了Snort及其组件。 Snort的decode.c文件中DecodeGRE函数在解码GRE协议时存在整数溢出漏洞,攻击者可能利用此漏洞获取某些敏感信息。 漏洞相关代码如下: ==BEGIN CODE== ... line 3459 decode.c void DecodeGREuint8t pkt, const uint32t len, Packet p uint8t flags; uint32t hlen; / GRE header length / uint32t payloadlen;...