Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

debian логотип

CVE-2024-55629

Опубликовано: 06 янв. 2025
Источник: debian

Описание

Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine. Prior to 7.0.8, TCP streams with TCP urgent data (out of band data) can lead to Suricata analyzing data differently than the applications at the TCP endpoints, leading to possible evasions. Suricata 7.0.8 includes options to allow users to configure how to handle TCP urgent data. In IPS mode, you can use a rule such as drop tcp any any -> any any (sid:1; tcp.flags:U*;) to drop all the packets with urgent flag set.

Пакеты

ПакетСтатусВерсия исправленияРелизТип
suricatafixed1:7.0.8-1package
suricatano-dsabookwormpackage

Примечания

  • https://github.com/OISF/suricata/security/advisories/GHSA-69wr-vhwg-84h2

  • Fixed by: https://github.com/OISF/suricata/commit/6882bcb3e51bd3cf509fb6569cc30f48d7bb53d7 (master)

  • Fixed by: https://github.com/OISF/suricata/commit/779f9d8ba35c3f9b5abfa327d3a4209861bd2eb8 (master)

  • Fixed by: https://github.com/OISF/suricata/commit/870fe6ea192fb1069189d9319a3940e48a41488d (suricata-7.0.8)

  • Fixed by: https://github.com/OISF/suricata/commit/c4d8790db85164714c92556fbc8e849e9df6355b (suricata-7.0.8)

Связанные уязвимости

ubuntu логотип

CVE-2024-55629

CVSS3: 7.5
ubuntu
около 1 года назад

Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine. Prior to 7.0.8, TCP streams with TCP urgent data (out of band data) can lead to Suricata analyzing data differently than the applications at the TCP endpoints, leading to possible evasions. Suricata 7.0.8 includes options to allow users to configure how to handle TCP urgent data. In IPS mode, you can use a rule such as drop tcp any any -> any any (sid:1; tcp.flags:U*;) to drop all the packets with urgent flag set.

nvd логотип

CVE-2024-55629

CVSS3: 7.5
nvd
около 1 года назад

Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine. Prior to 7.0.8, TCP streams with TCP urgent data (out of band data) can lead to Suricata analyzing data differently than the applications at the TCP endpoints, leading to possible evasions. Suricata 7.0.8 includes options to allow users to configure how to handle TCP urgent data. In IPS mode, you can use a rule such as drop tcp any any -> any any (sid:1; tcp.flags:U*;) to drop all the packets with urgent flag set.

fstec логотип

BDU:2025-00137

CVSS3: 7.5
fstec
около 1 года назад

Уязвимость реализации протокола TCP системы обнаружения и предотвращения вторжений Suricata, позволяющая нарушителю оказать воздействие на целостность защищаемой информации