← volver
CVE-2015-8954

CVE-2015-8954

EPSS 3.3%
The MemcmpLowercase function in Suricata before 2.0.6 improperly excludes the first byte from comparisons, which might allow remote attackers to bypass intrusion-prevention functionality via a crafted HTTP request.
Productos afectados
n/a · n/a

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →
Referencias
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=777523https://redmine.openinfosecfoundation.org/issues/1364https://suricata-ids.org/2015/01/15/suricata-2-0-6-available/