Suricata before 5.0.8 and 6.x before 6.0.4 allows TCP evasion via a client with a crafted TCP/IP stack that can send a certain sequence of segments.
oryginał ENCVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HOisf Suricata
APPOisf< 5.0.86.0.0 – 6.0.4 (bez)
🔵
ZWERYFIKUJ U PRODUCENTA
Brak jednoznacznych danych o patchu. Sprawdź referencje od producenta.
CWE
Powiązane podatności
CVE-2023-35853CRITICAL9.8ten sam produkt
In Suricata before 6.0.13, an adversary who controls an external source of Lua rules may be able to execute Lu...
CVE-2019-18792CRITICAL9.1ten sam produkt
An issue was discovered in Suricata 5.0.0. It is possible to bypass/evade any tcp based signature by overlappi...
CVE-2018-10244CRITICAL9.8ten sam produkt
Suricata version 4.0.4 incorrectly handles the parsing of an EtherNet/IP PDU. A malformed PDU can cause the pa...
CVE-2026-31931HIGH7.5ten sam produkt
Suricata is a network IDS, IPS and NSM engine. From version 8.0.0 to before version 8.0.4, use of the "tls.alp...
CVE-2026-31932HIGH7.5ten sam produkt
Suricata is a network IDS, IPS and NSM engine. Prior to versions 7.0.15 and 8.0.4, inefficiency in KRB5 buffer...