CVE-2019-10056
https://notcve.org/view.php?id=CVE-2019-10056
An issue was discovered in Suricata 4.1.3. The code mishandles the case of sending a network packet with the right type, such that the function DecodeEthernet in decode-ethernet.c is executed a second time. At this point, the algorithm cuts the first part of the packet and doesn't determine the current length. Specifically, if the packet is exactly 28 long, in the first iteration it subtracts 14 bytes. Then, it is working with a packet length of 14. • https://redmine.openinfosecfoundation.org/issues/2946 https://suricata-ids.org/2019/04/30/suricata-4-1-4-released • CWE-787: Out-of-bounds Write •
CVE-2019-10054
https://notcve.org/view.php?id=CVE-2019-10054
An issue was discovered in Suricata 4.1.3. The function process_reply_record_v3 lacks a check for the length of reply.data. It causes an invalid memory access and the program crashes within the nfs/nfs3.rs file. Se descubrió un problema en Suricata 4.1.3. La función process_reply_record_v3 carece de una verificación para la longitud de reply.data. • https://redmine.openinfosecfoundation.org/issues/2943 https://suricata-ids.org/2019/04/30/suricata-4-1-4-released • CWE-20: Improper Input Validation CWE-191: Integer Underflow (Wrap or Wraparound) •
CVE-2019-10052
https://notcve.org/view.php?id=CVE-2019-10052
An issue was discovered in Suricata 4.1.3. If the network packet does not have the right length, the parser tries to access a part of a DHCP packet. At this point, the Rust environment runs into a panic in parse_clientid_option in the dhcp/parser.rs file. Se descubrió un problema en Suricata 4.1.3. Si el paquete de red no tiene la longitud correcta, el analizador intenta acceder a una parte de un paquete DHCP. • https://redmine.openinfosecfoundation.org/issues/2902 https://redmine.openinfosecfoundation.org/issues/2947 https://suricata-ids.org/2019/04/30/suricata-4-1-4-released • CWE-707: Improper Neutralization •
CVE-2019-10051
https://notcve.org/view.php?id=CVE-2019-10051
An issue was discovered in Suricata 4.1.3. If the function filetracker_newchunk encounters an unsafe "Some(sfcm) => { ft.new_chunk }" item, then the program enters an smb/files.rs error condition and crashes. Se descubrió un problema en Suricata 4.1.3. Si la función filetracker_newchunk encuentra un elemento inseguro "Some (sfcm) => {ft.new_chunk}", el programa ingresa una condición de error smb / files.rs y se bloquea. • https://github.com/OISF/suricata/pull/3734 https://redmine.openinfosecfoundation.org/issues/2896 https://suricata-ids.org/2019/04/30/suricata-4-1-4-released • CWE-754: Improper Check for Unusual or Exceptional Conditions •
CVE-2019-1010279
https://notcve.org/view.php?id=CVE-2019-1010279
Open Information Security Foundation Suricata prior to version 4.1.3 is affected by: Denial of Service - TCP/HTTP detection bypass. The impact is: An attacker can evade a signature detection with a specialy formed sequence of network packets. The component is: detect.c (https://github.com/OISF/suricata/pull/3625/commits/d8634daf74c882356659addb65fb142b738a186b). The attack vector is: An attacker can trigger the vulnerability by a specifically crafted network TCP session. The fixed version is: 4.1.3. • https://github.com/OISF/suricata/pull/3625 https://github.com/OISF/suricata/pull/3625/commits/d8634daf74c882356659addb65fb142b738a186b https://redmine.openinfosecfoundation.org/issues/2770 • CWE-347: Improper Verification of Cryptographic Signature •