CVE-2018-14568

Опубликовано: 23 июл. 2018

Источник: nvd

CVSS3: 7.5

CVSS2: 5

EPSS Низкий

Описание

Suricata before 4.0.5 stops TCP stream inspection upon a TCP RST from a server. This allows detection bypass because Windows TCP clients proceed with normal processing of TCP data that arrives shortly after an RST (i.e., they act as if the RST had not yet been received).

Ссылки

https://github.com/OISF/suricata/pull/3428/commits/843d0b7a10bb45627f94764a6c5d468a24143345
Patch
Third Party Advisory
https://github.com/kirillwow/ids_bypass
Exploit
Third Party Advisory
https://redmine.openinfosecfoundation.org/issues/2501
Exploit
Third Party Advisory
https://suricata-ids.org/2018/07/18/suricata-4-0-5-available/
Vendor Advisory
https://github.com/OISF/suricata/pull/3428/commits/843d0b7a10bb45627f94764a6c5d468a24143345
Patch
Third Party Advisory
https://github.com/kirillwow/ids_bypass
Exploit
Third Party Advisory
https://redmine.openinfosecfoundation.org/issues/2501
Exploit
Third Party Advisory
https://suricata-ids.org/2018/07/18/suricata-4-0-5-available/
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:suricata-ids:suricata:*:*:*:*:*:*:*:*

Версия до 4.0.5 (исключая)

EPSS

Процентиль: 51%

0.00281

Низкий

7.5 High

CVSS3

5 Medium

CVSS2

Дефекты

NVD-CWE-noinfo

Связанные уязвимости

CVE-2018-14568

CVSS3: 7.5

ubuntu

больше 7 лет назад

CVE-2018-14568

CVSS3: 7.5

debian

больше 7 лет назад

Suricata before 4.0.5 stops TCP stream inspection upon a TCP RST from ...

GHSA-cv4x-fvx8-c5xh

CVSS3: 7.5

github

больше 3 лет назад

EPSS

Процентиль: 51%

0.00281

Низкий

7.5 High

CVSS3

5 Medium

CVSS2

Дефекты

NVD-CWE-noinfo