2018-02-07 06:29:00 2019-03-02 00:33:08

Suricata before 4.0.4 is prone to an HTTP detection bypass vulnerability in detect.c and stream-tcp.c. If a malicious server breaks a normal TCP flow and sends data before the 3-way handshake is complete, then the data sent by the malicious server will be accepted by web clients such as a web browser or Linux CLI utilities, but ignored by Suricata IDS signatures. This mostly affects IDS signatures for the HTTP protocol and TCP stream content; signatures for TCP packets will inspect such network traffic as usual.
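An added example, not part of the original advisory or Suricata's code: a sensor-side hunting check that flags flows in which the responder sent payload before the client's final handshake ACK, which is the condition described above. The packet records, addresses and ports are constructed.

```python
from collections import namedtuple

# Constructed packet summary: endpoints, TCP flag letters (S, A, P, ...) and payload size.
Pkt = namedtuple("Pkt", "src sport dst dport flags payload_len")

def find_early_server_data(packets):
    """Return {flow: bytes} of server payload seen before the client's handshake ACK."""
    flows = {}   # (client, cport, server, sport) -> handshake state
    early = {}
    for p in packets:
        fwd = (p.src, p.sport, p.dst, p.dport)
        rev = (p.dst, p.dport, p.src, p.sport)
        syn, ack = "S" in p.flags, "A" in p.flags
        if syn and not ack and fwd not in flows and rev not in flows:
            flows[fwd] = "syn_seen"          # sender of the first SYN is the client
            continue
        if fwd in flows:                     # client -> server
            if flows[fwd] == "synack_seen" and ack and not syn:
                flows[fwd] = "established"   # 3-way handshake complete
        elif rev in flows:                   # server -> client
            if flows[rev] != "established" and p.payload_len > 0:
                early[rev] = early.get(rev, 0) + p.payload_len
            if flows[rev] == "syn_seen" and syn and ack:
                flows[rev] = "synack_seen"
    return early

CLIENT, SERVER = "192.0.2.10", "198.51.100.20"   # documentation addresses

# Constructed: ordinary handshake, then request and response.
NORMAL_FLOW = [
    Pkt(CLIENT, 40000, SERVER, 80, "S", 0),
    Pkt(SERVER, 80, CLIENT, 40000, "SA", 0),
    Pkt(CLIENT, 40000, SERVER, 80, "A", 0),
    Pkt(CLIENT, 40000, SERVER, 80, "PA", 80),
    Pkt(SERVER, 80, CLIENT, 40000, "PA", 200),
]

# Constructed: server payload arrives before the client's ACK of the SYN-ACK.
EARLY_DATA_FLOW = [
    Pkt(CLIENT, 40001, SERVER, 80, "S", 0),
    Pkt(SERVER, 80, CLIENT, 40001, "SA", 0),
    Pkt(SERVER, 80, CLIENT, 40001, "PA", 150),
    Pkt(CLIENT, 40001, SERVER, 80, "A", 0),
    Pkt(SERVER, 80, CLIENT, 40001, "PA", 50),
]

if __name__ == "__main__":
    for flow, size in find_early_server_data(NORMAL_FLOW + EARLY_DATA_FLOW).items():
        print("server data before handshake completed:", flow, size, "bytes")
```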

Vector: NETWORK
Complexity: LOW
Authentication: NONE
Confidentiality: NONE
Integrity: PARTIAL
Availability: NONE

Suricata-ids Suricata, affected versions (none is an official CPE):
3.2.5, 3.2.4, 3.2.3, 3.2.2, 3.2.1, 3.2 Rc1, 3.2 B1, 3.2
3.1.4, 3.1.3, 3.1.2, 3.1.1, 3.1 Rc1, 3.1
3.0.2, 3.0.1 Rc1, 3.0.1, 3.0 Rc3, 3.0 Rc2, 3.0 Rc1, 3.0
2.1 B4, 2.1 B3, 2.1 B2, 2.1 B1
2.0.11, 2.0.10, 2.0.9, 2.0.8, 2.0.7, 2.0.6, 2.0.5, 2.0.4, 2.0.3, 2.0.2, 2.0.1 Rc1, 2.0.1, 2.0 Rc3, 2.0 Rc2, 2.0 Rc1, 2.0 B2, 2.0 B1, 2.0
1.4.7, 1.4.6, 1.4.5, 1.4.4, 1.4.3, 1.4.2, 1.4.1, 1.4 Rc1, 1.4 B3, 1.4 B2, 1.4, 1.4 B1
1.3.6, 1.3.5, 1.3.4, 1.3.3, 1.3.2, 1.3.1, 1.3 Rc1, 1.3 B3, 1.3 B2, 1.3 B1, 1.3
1.2.1, 1.2 Rc1, 1.2
1.1.1, 1.1 Rc1, 1.1 B3, 1.1 B2, 1.1 B1, 1.1
1.0.5, 1.0.4, 1.0.3, 1.0.2, 1.0.1, 1.0.0
0.8.2
4.0.0, 4.0.0 B1, 4.0.0 Rc1, 4.0.0 Rc2, 4.0.1, 4.0.2, 4.0.3