PT-2018-1050 · Open Information Security Foundation+1 · Suricata+1

Kirill Shipulin

+1

·

Publicado

2018-01-25

·

Atualizado

2021-06-24

·

CVE-2018-6794

CVSS v2.0

7.5

Alta

VetorAV:N/AC:L/Au:N/C:P/I:P/A:P
Name of the Vulnerable Software and Affected Versions Suricata versions prior to 4.0.4
Description The issue allows a malicious server to bypass HTTP detection by sending data before the 3-way handshake is complete, which can be accepted by web clients but ignored by Suricata IDS signatures. This primarily affects IDS signatures for the HTTP protocol and TCP stream content.
Recommendations For Suricata versions prior to 4.0.4, update to version 4.0.4 or later to resolve the issue. As a temporary workaround, consider restricting the use of the detect.c and stream-tcp.c components until a patch is available.

Exploit

Correção

Protection Mechanism Failure

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-435CWE-693

Identificadores relacionados

ALT-PU-2020-3551
ALT-PU-2021-2056
BDU:2018-00358
CVE-2018-6794
DLA-1603-1

Produtos afetados

Alt Linux
Suricata