Lucene search
K

4 matches found

NVD
NVD
added 2020/01/06 9:15 p.m.36 views

CVE-2019-18625

An issue was discovered in Suricata 5.0.0. It was possible to bypass/evade any tcp based signature by faking a closed TCP session using an evil server. After the TCP SYN packet, it is possible to inject a RST ACK and a FIN ACK packet with a bad TCP Timestamp option. The client will ignore the RST...

7.5CVSS7.6AI score0.0171EPSS
Exploits0References5
UbuntuCve
UbuntuCve
added 2020/01/06 6:15 p.m.20 views

CVE-2019-18792

An issue was discovered in Suricata 5.0.0. It is possible to bypass/evade any tcp based signature by overlapping a TCP segment with a fake FIN packet. The fake FIN packet is injected just before the PUSH ACK packet we want to bypass. The PUSH ACK packet containing the data will be ignored by...

9.1CVSS7.2AI score0.02521EPSS
Exploits1References7
Prion
Prion
added 2020/01/06 6:15 p.m.17 views

Design/Logic Flaw

An issue was discovered in Suricata 5.0.0. It is possible to bypass/evade any tcp based signature by overlapping a TCP segment with a fake FIN packet. The fake FIN packet is injected just before the PUSH ACK packet we want to bypass. The PUSH ACK packet containing the data will be ignored by...

6.4CVSS9AI score0.02521EPSS
Exploits1References5Affected Software2
Positive Technologies
Positive Technologies
added 2020/01/06 12:0 a.m.3 views

PT-2020-6918 · Suricata · Suricata

Name of the Vulnerable Software and Affected Versions: Suricata version 5.0.0 Description: A problem was discovered in Suricata where it is possible to bypass or evade any TCP-based signature by faking a closed TCP session using a malicious server. After the TCP SYN packet, it is possible to inje...

10CVSS6.6AI score0.02521EPSS
Exploits1References22
Rows per page
Query Builder