CVE-2017-7177

Опубликовано: 18 мар. 2017

Источник: nvd

CVSS3: 7.5

CVSS2: 5

EPSS Низкий

Описание

Suricata before 3.2.1 has an IPv4 defragmentation evasion issue caused by lack of a check for the IP protocol during fragment matching.

Ссылки

http://www.securityfocus.com/bid/97047
https://github.com/inliniac/suricata/commit/4a04f814b15762eb446a5ead4d69d021512df6f8
Issue Tracking
Patch
Third Party Advisory
https://lists.debian.org/debian-lts-announce/2018/12/msg00000.html
https://redmine.openinfosecfoundation.org/issues/2019
Issue Tracking
Patch
Third Party Advisory
http://www.securityfocus.com/bid/97047
https://github.com/inliniac/suricata/commit/4a04f814b15762eb446a5ead4d69d021512df6f8
Issue Tracking
Patch
Third Party Advisory
https://lists.debian.org/debian-lts-announce/2018/12/msg00000.html
https://redmine.openinfosecfoundation.org/issues/2019
Issue Tracking
Patch
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:openinfosecfoundation:suricata:*:*:*:*:*:*:*:*

Версия до 3.2 (включая)

EPSS

Процентиль: 47%

0.00241

Низкий

7.5 High

CVSS3

5 Medium

CVSS2

Дефекты

CWE-358

Связанные уязвимости

CVE-2017-7177

CVSS3: 7.5

ubuntu

почти 9 лет назад

Suricata before 3.2.1 has an IPv4 defragmentation evasion issue caused by lack of a check for the IP protocol during fragment matching.

CVE-2017-7177

CVSS3: 7.5

debian

почти 9 лет назад

Suricata before 3.2.1 has an IPv4 defragmentation evasion issue caused ...

GHSA-9gxf-8qj8-9g4f

CVSS3: 7.5

github

больше 3 лет назад

Suricata before 3.2.1 has an IPv4 defragmentation evasion issue caused by lack of a check for the IP protocol during fragment matching.

EPSS

Процентиль: 47%

0.00241

Низкий

7.5 High

CVSS3

5 Medium

CVSS2

Дефекты

CWE-358