Описание
In OISF LibHTP before 0.5.31, as used in Suricata 4.1.4 and other products, an HTTP protocol parsing error causes the http_header signature to not alert on a response with a single \r\n ending.
Ссылки
- Patch
- PatchThird Party Advisory
- Issue TrackingVendor Advisory
- Patch
- PatchThird Party Advisory
- Issue TrackingVendor Advisory
Уязвимые конфигурации
Конфигурация 1Версия до 0.5.31 (исключая)
Одно из
cpe:2.3:a:oisf:libhtp:*:*:*:*:*:*:*:*
cpe:2.3:a:suricata-ids:suricata:4.1.4:*:*:*:*:*:*:*
EPSS
Процентиль: 47%
0.00242
Низкий
5.3 Medium
CVSS3
5 Medium
CVSS2
Дефекты
CWE-459
Связанные уязвимости
CVSS3: 5.3
ubuntu
больше 6 лет назад
In OISF LibHTP before 0.5.31, as used in Suricata 4.1.4 and other products, an HTTP protocol parsing error causes the http_header signature to not alert on a response with a single \r\n ending.
CVSS3: 5.3
debian
больше 6 лет назад
In OISF LibHTP before 0.5.31, as used in Suricata 4.1.4 and other prod ...
github
больше 3 лет назад
In OISF LibHTP before 0.5.31, as used in Suricata 4.1.4 and other products, an HTTP protocol parsing error causes the http_header signature to not alert on a response with a single \r\n ending.
EPSS
Процентиль: 47%
0.00242
Низкий
5.3 Medium
CVSS3
5 Medium
CVSS2
Дефекты
CWE-459