CVE Vulnerabilities

CVE-2014-6603

Published: Oct 07, 2014 | Modified: Oct 09, 2018
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
5 MEDIUM
AV:N/AC:L/Au:N/C:N/I:N/A:P
RedHat/V2
RedHat/V3
Ubuntu

The SSHParseBanner function in SSH parser (app-layer-ssh.c) in Suricata before 2.0.4 allows remote attackers to bypass SSH rules, cause a denial of service (crash), or possibly have unspecified other impact via a crafted banner, which triggers a large memory allocation or an out-of-bounds write.

Affected Software

Name Vendor Start Version End Version
Suricata Openinfosecfoundation 2.0.1-2 2.0.1-2
Suricata Openinfosecfoundation 2.0.2-2 2.0.2-2
Suricata Openinfosecfoundation 2.0.2-1 2.0.2-1
Suricata Openinfosecfoundation 2.0.3-1 2.0.3-1
Suricata Openinfosecfoundation 2.0.1-1 2.0.1-1
Suricata Openinfosecfoundation * 2.0.3-2

References