vulnerability

Debian: CVE-2019-18625: suricata -- security update

Try Surface Command

Back to search

Severity	CVSS	Published	Added	Modified
5	(AV:N/AC:L/Au:N/C:N/I:P/A:N)	2020-01-06	2020-02-03	2020-02-10

Severity

CVSS

(AV:N/AC:L/Au:N/C:N/I:P/A:N)

Published

2020-01-06

Added

2020-02-03

Modified

2020-02-10

Description

An issue was discovered in Suricata 5.0.0. It was possible to bypass/evade any tcp based signature by faking a closed TCP session using an evil server. After the TCP SYN packet, it is possible to inject a RST ACK and a FIN ACK packet with a bad TCP Timestamp option. The client will ignore the RST ACK and the FIN ACK packets because of the bad TCP Timestamp option. Both linux and windows client are ignoring the injected packets.

Solution

debian-upgrade-suricata

References

CVE-2019-18625
https://attackerkb.com/topics/CVE-2019-18625
DEBIAN-DLA-2087-1

NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.

Try it today