14 matches found
EUVD-2019-2116
Malware in sbrugna...
SUSE CVE-2018-10242
Suricata version 4.0.4 incorrectly handles the parsing of the SSH banner. A malformed SSH banner can cause the parsing code to read beyond the allocated data because SSHParseBanner in app-layer-ssh.c lacks a length check...
SUSE CVE-2019-10053
An issue was discovered in Suricata 4.1.x before 4.1.4. If the input of the function SSHParseBanner is composed only of a \n character, then the program runs into a heap-based buffer over-read. This occurs because the erroneous search for \r results in an integer underflow...
FreeBSD : suricata -- buffer over-read (3b903bf3-7f94-11e9-8a5f-c85b76ce9b5a)
Mitre reports : An issue was discovered in Suricata 4.1.x before 4.1.4. If the input of the function SSHParseBanner is composed only of a \n character, then the program runs into a heap-based buffer over-read. This occurs because the erroneous search for \r results in an integer underflow. C...
CVE-2019-10053
An issue was discovered in Suricata 4.1.x before 4.1.4. If the input of the function SSHParseBanner is composed only of a \n character, then the program runs into a heap-based buffer over-read. This occurs because the erroneous search for \r results in an integer underflow...
CVE-2019-10053
An issue was discovered in Suricata 4.1.x before 4.1.4. If the input of the function SSHParseBanner is composed only of a \n character, then the program runs into a heap-based buffer over-read. This occurs because the erroneous search for \r results in an integer underflow...
Heap overflow
An issue was discovered in Suricata 4.1.x before 4.1.4. If the input of the function SSHParseBanner is composed only of a \n character, then the program runs into a heap-based buffer over-read. This occurs because the erroneous search for \r results in an integer underflow...
CVE-2019-10053
An issue was discovered in Suricata 4.1.x before 4.1.4. If the input of the function SSHParseBanner is composed only of a \n character, then the program runs into a heap-based buffer over-read. This occurs because the erroneous search for \r results in an integer underflow...
CVE-2019-10053
An issue was discovered in Suricata 4.1.x before 4.1.4. If the input of the function SSHParseBanner is composed only of a \n character, then the program runs into a heap-based buffer over-read. This occurs because the erroneous search for \r results in an integer underflow...
suricata -- buffer over-read
Mitre reports: An issue was discovered in Suricata 4.1.x before 4.1.4. If the input of the function SSHParseBanner is composed only of a \n character, then the program runs into a heap-based buffer over-read. This occurs because the erroneous search for \r results in an integer underflow...
CVE-2014-6603
The SSHParseBanner function in SSH parser app-layer-ssh.c in Suricata before 2.0.4 allows remote attackers to bypass SSH rules, cause a denial of service crash, or possibly have unspecified other impact via a crafted banner, which triggers a large memory allocation or an out-of-bounds write...
Design/Logic Flaw
The SSHParseBanner function in SSH parser app-layer-ssh.c in Suricata before 2.0.4 allows remote attackers to bypass SSH rules, cause a denial of service crash, or possibly have unspecified other impact via a crafted banner, which triggers a large memory allocation or an out-of-bounds write...
CVE-2014-6603
The SSHParseBanner function in SSH parser app-layer-ssh.c in Suricata before 2.0.4 allows remote attackers to bypass SSH rules, cause a denial of service crash, or possibly have unspecified other impact via a crafted banner, which triggers a large memory allocation or an out-of-bounds write...
CVE-2014-6603
The SSHParseBanner function in SSH parser app-layer-ssh.c in Suricata before 2.0.4 allows remote attackers to bypass SSH rules, cause a denial of service crash, or possibly have unspecified other impact via a crafted banner, which triggers a large memory allocation or an out-of-bounds write...