CVE-2014-6603

Suricata’s SSH banner parsing (SSHParseBanner in app-layer-ssh.c) is affected. In versions 2.0.3 and 2.1beta1, crafted banners can trigger a very large memory allocation or out-of-bounds access/write, allowing bypass of SSH rules and causing a denial-of-service (crash). A fix is available in Suri...