CVSS: 5.3EPSS: 0%CPEs: 2EXPL: 0CVE-2019-17420
https://notcve.org/view.php?id=CVE-2019-17420
In OISF LibHTP before 0.5.31, as used in Suricata 4.1.4 and other products, an HTTP protocol parsing error causes the http_header signature to not alert on a response with a single \r\n ending. En OISF LibHTP versiones anteriores a 0.5.31, como es usado en Suricata versión 4.1.4 y otros productos, un error de análisis del protocolo HTTP hace que la firma http_header no avise en una respuesta con un solo \r\n al final. • https://github.com/OISF/libhtp/compare/0.5.30...0.5.31 https://github.com/OISF/libhtp/pull/213 https://redmine.openinfosecfoundation.org/issues/2969 • CWE-459: Incomplete Cleanup •
CVSS: 9.1EPSS: 0%CPEs: 1EXPL: 0CVE-2019-16410
https://notcve.org/view.php?id=CVE-2019-16410
An issue was discovered in Suricata 4.1.4. By sending multiple fragmented IPv4 packets, the function Defrag4Reassemble in defrag.c tries to access a memory region that is not allocated, because of a lack of header_len checking. Se detectó un problema en Suricata versión 4.1.4. Mediante el envío de múltiples paquetes IPv4 fragmentados, la función Defrag4Reassemble en el archivo defrag.c intenta acceder a una región de memoria que no está asignada, debido a una falta de comprobación de header_len. • https://lists.openinfosecfoundation.org/pipermail/oisf-announce https://suricata-ids.org/2019/09/24/suricata-4-1-5-released https://www.code-intelligence.com/cve-2019-16410 • CWE-125: Out-of-bounds Read •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0CVE-2019-16411
https://notcve.org/view.php?id=CVE-2019-16411
An issue was discovered in Suricata 4.1.4. By sending multiple IPv4 packets that have invalid IPv4Options, the function IPV4OptValidateTimestamp in decode-ipv4.c tries to access a memory region that is not allocated. There is a check for o->len < 5 (corresponding to 2 bytes of header and 3 bytes of data). Then, "flag = *(o->data + 3)" places one beyond the 3 bytes, because the code should have been "flag = *(o->data + 1)" instead. Se detectó un problema en Suricata versión 4.1.4. • https://lists.openinfosecfoundation.org/pipermail/oisf-announce https://suricata-ids.org/2019/09/24/suricata-4-1-5-released https://www.code-intelligence.com/cve-2019-16411 • CWE-125: Out-of-bounds Read •
CVSS: 9.1EPSS: 0%CPEs: 1EXPL: 0CVE-2019-15699
https://notcve.org/view.php?id=CVE-2019-15699
An issue was discovered in app-layer-ssl.c in Suricata 4.1.4. Upon receiving a corrupted SSLv3 (TLS 1.2) packet, the parser function TLSDecodeHSHelloExtensions tries to access a memory region that is not allocated, because the expected length of HSHelloExtensions does not match the real length of the HSHelloExtensions part of the packet. Se detectó un problema en el archivo app-layer-ssl.c en Suricata versión 4.1.4. Tras recibir un paquete SSLv3 (TLS 1.2) corrupto, la función de analizador TLSDecodeHSHelloExtensions intenta acceder a una región de memoria que no está asignada, porque la longitud esperada de HSHelloExtensions no coincide con la longitud real de la parte HSHelloExtensions del paquete. • https://lists.openinfosecfoundation.org/pipermail/oisf-announce https://suricata-ids.org/2019/09/24/suricata-4-1-5-released • CWE-125: Out-of-bounds Read •
CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 1CVE-2019-10056
https://notcve.org/view.php?id=CVE-2019-10056
An issue was discovered in Suricata 4.1.3. The code mishandles the case of sending a network packet with the right type, such that the function DecodeEthernet in decode-ethernet.c is executed a second time. At this point, the algorithm cuts the first part of the packet and doesn't determine the current length. Specifically, if the packet is exactly 28 long, in the first iteration it subtracts 14 bytes. Then, it is working with a packet length of 14. • https://redmine.openinfosecfoundation.org/issues/2946 https://suricata-ids.org/2019/04/30/suricata-4-1-4-released • CWE-787: Out-of-bounds Write •