Lucene search
GoogleOSV:CVE-2018-6794HistoryFeb 07, 2018 - 5:29 a.m.
CVE-2018-6794
2018-02-0705:29:00
Google
osv.dev
3
Suricata before 4.0.4 is prone to an HTTP detection bypass vulnerability in detect.c and stream-tcp.c. If a malicious server breaks a normal TCP flow and sends data before the 3-way handshake is complete, then the data sent by the malicious server will be accepted by web clients such as a web browser or Linux CLI utilities, but ignored by Suricata IDS signatures. This mostly affects IDS signatures for the HTTP protocol and TCP stream content; signatures for TCP packets will inspect such network traffic as usual.
Related
openvas
openvas
Fedora Update for suricata FEDORA-2018-ee417c4b28
2018-02-24 00:00:00
Debian: Security Advisory (DLA-1603-1)
2018-12-04 00:00:00
cvelist
cvelist
CVE-2018-6794
2018-02-07 05:00:00
cve
cve
CVE-2018-6794
2018-02-07 05:29:00
nessus
nessus
Fedora 27 : suricata (2018-ee417c4b28)
2018-02-26 00:00:00
Debian DLA-1603-1 : suricata security update
2018-12-06 00:00:00
fedora
fedora
[SECURITY] Fedora 27 Update: suricata-4.0.4-1.fc27
2018-02-23 16:01:56
ubuntucve
ubuntucve
CVE-2018-6794
2018-02-07 00:00:00
prion
prion
Design/Logic Flaw
2018-02-07 05:29:00
debiancve
debiancve
CVE-2018-6794
2018-02-07 05:29:00
nvd
nvd
CVE-2018-6794
2018-02-07 05:29:00
zdt
zdt
Suricata < 4.0.4 - IDS Detection Bypass Vulnerability
2018-03-05 00:00:00
exploitpack
exploitpack
Suricata 4.0.4 - IDS Detection Bypass
2018-03-05 00:00:00
exploitdb
exploitdb
Suricata < 4.0.4 - IDS Detection Bypass
2018-03-05 00:00:00
osv
osv
suricata - security update
2018-12-04 00:00:00
debian
debian
[SECURITY] [DLA 1603-1] suricata security update
2018-12-04 19:43:16