[Bugs] [Bug 13324] New: [CVE 21] suricata 6.0.3 CVEs found
bugzilla
bugzilla на rosalinux.ru
Ср Май 3 17:03:17 MSK 2023
https://bugzilla.rosalinux.ru/show_bug.cgi?id=13324
Platform: 2021.1
Bug ID: 13324
Summary: [CVE 21] suricata 6.0.3 CVEs found
Classification: ROSA-based products
Product: ROSA Fresh
Version: All
Hardware: All
URL: CVE-2021-37592, CVE-2021-45098,
OS: Linux
Status: CONFIRMED
Severity: normal
Priority: Normal
Component: System (kernel, glibc, systemd, bash, PAM...)
Assignee: bugs на lists.rosalinux.ru
Reporter: y.tumanov на rosalinux.ru
QA Contact: bugs на lists.rosalinux.ru
CC: s.matveev на rosalinux.ru, y.tumanov на rosalinux.ru
Target Milestone: ---
Flags: secteam_verified?
Please patch CVEs for package suricata version 6.0.3
INFO (CVEs are): suricata 6.0.3
cves found
CVE-2021-37592
Desc: Suricata before 5.0.8 and 6.x before 6.0.4 allows TCP evasion via a
client with a crafted TCP/IP stack that can send a certain sequence of
segments.
Link: https://nvd.nist.gov/vuln/detail/CVE-2021-37592
Severity: CRITICAL
CVE-2021-45098
Desc: An issue was discovered in Suricata before 6.0.4. It is possible to
bypass/evade any HTTP-based signature by faking an RST TCP packet with random
TCP options of the md5header from the client side. After the three-way
handshake, it's possible to inject an RST ACK with a random TCP md5header
option. Then, the client can send an HTTP GET request with a forbidden URL. The
server will ignore the RST ACK and send the response HTTP packet for the
client's request. These packets will not trigger a Suricata reject action.
Link: https://nvd.nist.gov/vuln/detail/CVE-2021-45098
Severity: HIGH
--
You are receiving this mail because:
You are the QA Contact for the bug.
You are the assignee for the bug.
----------- следущая часть -----------
Вложение в формате HTML было извлечено…
URL: <http://lists.rosalinux.ru/pipermail/bugs/attachments/20230503/0c7da953/attachment.html>
Подробная информация о списке рассылки Bugs