CVSS: 9.1EPSS: 0%CPEs: 1EXPL: 0CVE-2019-15699
https://notcve.org/view.php?id=CVE-2019-15699
An issue was discovered in app-layer-ssl.c in Suricata 4.1.4. Upon receiving a corrupted SSLv3 (TLS 1.2) packet, the parser function TLSDecodeHSHelloExtensions tries to access a memory region that is not allocated, because the expected length of HSHelloExtensions does not match the real length of the HSHelloExtensions part of the packet. Se detectó un problema en el archivo app-layer-ssl.c en Suricata versión 4.1.4. Tras recibir un paquete SSLv3 (TLS 1.2) corrupto, la función de analizador TLSDecodeHSHelloExtensions intenta acceder a una región de memoria que no está asignada, porque la longitud esperada de HSHelloExtensions no coincide con la longitud real de la parte HSHelloExtensions del paquete. • https://lists.openinfosecfoundation.org/pipermail/oisf-announce https://suricata-ids.org/2019/09/24/suricata-4-1-5-released • CWE-125: Out-of-bounds Read •
CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 1CVE-2019-10056
https://notcve.org/view.php?id=CVE-2019-10056
An issue was discovered in Suricata 4.1.3. The code mishandles the case of sending a network packet with the right type, such that the function DecodeEthernet in decode-ethernet.c is executed a second time. At this point, the algorithm cuts the first part of the packet and doesn't determine the current length. Specifically, if the packet is exactly 28 long, in the first iteration it subtracts 14 bytes. Then, it is working with a packet length of 14. • https://redmine.openinfosecfoundation.org/issues/2946 https://suricata-ids.org/2019/04/30/suricata-4-1-4-released • CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 1CVE-2019-10055
https://notcve.org/view.php?id=CVE-2019-10055
An issue was discovered in Suricata 4.1.3. The function ftp_pasv_response lacks a check for the length of part1 and part2, leading to a crash within the ftp/mod.rs file. Se descubrió un problema en Suricata 4.1.3. La función ftp_pasv_response carece de una verificación de la longitud de part1 y part2, lo que provoca un bloqueo dentro del archivo ftp / mod.rs. • https://redmine.openinfosecfoundation.org/issues/2949 https://suricata-ids.org/2019/04/30/suricata-4-1-4-released • CWE-190: Integer Overflow or Wraparound CWE-617: Reachable Assertion •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 1CVE-2019-10054
https://notcve.org/view.php?id=CVE-2019-10054
An issue was discovered in Suricata 4.1.3. The function process_reply_record_v3 lacks a check for the length of reply.data. It causes an invalid memory access and the program crashes within the nfs/nfs3.rs file. Se descubrió un problema en Suricata 4.1.3. La función process_reply_record_v3 carece de una verificación para la longitud de reply.data. • https://redmine.openinfosecfoundation.org/issues/2943 https://suricata-ids.org/2019/04/30/suricata-4-1-4-released • CWE-20: Improper Input Validation CWE-191: Integer Underflow (Wrap or Wraparound) •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 2CVE-2019-10052
https://notcve.org/view.php?id=CVE-2019-10052
An issue was discovered in Suricata 4.1.3. If the network packet does not have the right length, the parser tries to access a part of a DHCP packet. At this point, the Rust environment runs into a panic in parse_clientid_option in the dhcp/parser.rs file. Se descubrió un problema en Suricata 4.1.3. Si el paquete de red no tiene la longitud correcta, el analizador intenta acceder a una parte de un paquete DHCP. • https://redmine.openinfosecfoundation.org/issues/2902 https://redmine.openinfosecfoundation.org/issues/2947 https://suricata-ids.org/2019/04/30/suricata-4-1-4-released • CWE-707: Improper Neutralization •