CVE-2017-15377

Sažetak

In Suricata before 4.x, it was possible to trigger lots of redundant checks on the content of crafted network traffic with a certain signature, because of DetectEngineContentInspection in detect-engine-content-inspection.c. The search engine doesn't stop when it should after no match is found; instead, it stops only upon reaching inspection-recursion-limit (3000 by default).

Reference

https://github.com/OISF/suricata/commit/b9579fbe7dd408200ef03cbe20efddb624b73885
https://lists.debian.org/debian-lts-announce/2018/12/msg00000.html
https://redmine.openinfosecfoundation.org/issues/2231

CVSS

Base:	5.0
Impact:	2.9
Exploitability:	10.0

Pristup

Vektor	Složenost	Autentikacija
NETWORK	LOW	NONE

Impact

Povjerljivost	Cjelovitost	Dostupnost
NONE	NONE	PARTIAL

CVSS vektor

AV:N/AC:L/Au:N/C:N/I:N/A:P

Zadnje važnije ažuriranje

27-10-2020 - 14:15

Objavljeno

23-10-2017 - 08:29