In Suricata before 6.0.13 (when there is an adversary who controls an external source of rules), a dataset filename, that comes from a rule, may trigger absolute or relative directory traversal, and lead to write access to a local filesystem. This is addressed in 6.0.13 by requiring allow-absolute-filenames and allow-write (in the datasets rules configuration section) if an installation requires traversal/writing in this situation.

In Suricata before 6.0.13 (when there is an adversary who controls an external source of rules), a dataset filename, that comes from a rule, may trigger absolute or relative directory traversal, and lead to write access to a local filesystem. This is addressed in 6.0.13 by requiring allow-absolute-filenames and allow-write (in the datasets rules configuration section) if an installation requires traversal/writing in this situation.

In Suricata before 6.0.13 (when there is an adversary who controls an ...

In Suricata before 6.0.13 (when there is an adversary who controls an external source of rules), a dataset filename, that comes from a rule, may trigger absolute or relative directory traversal, and lead to write access to a local filesystem. This is addressed in 6.0.13 by requiring allow-absolute-filenames and allow-write (in the datasets rules configuration section) if an installation requires traversal/writing in this situation.

Уязвимость системы обнаружения и предотвращения вторжений Suricata, связанная с неверным ограничением имени пути к каталогу с ограниченным доступом, позволяющая нарушителю записывать произвольные файлы в файловую систему