vulnerability
FreeBSD: VID-3B903BF3-7F94-11E9-8A5F-C85B76CE9B5A (CVE-2019-10053): suricata -- buffer over-read
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 8 | (AV:N/AC:L/Au:N/C:P/I:P/A:P) | Mar 15, 2019 | May 27, 2019 | May 27, 2019 |
Severity
8
CVSS
(AV:N/AC:L/Au:N/C:P/I:P/A:P)
Published
Mar 15, 2019
Added
May 27, 2019
Modified
May 27, 2019
Description
An issue was discovered in Suricata 4.1.x before 4.1.4. If the input of the function SSHParseBanner is composed only of a \n character, then the program runs into a heap-based buffer over-read. This occurs because the erroneous search for \r results in an integer underflow.
Solution
freebsd-upgrade-package-suricata
References
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.