Denial of service in Suricata

Published: 2018-11-07 13:32:50 | Updated: 2018-11-07
Severity: High
Patch available: YES
Number of vulnerabilities: 1
CVE ID: CVE-2018-18956
CVSSv3: 7.2 [CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:H/RL:O/RC:C]
CWE ID: CWE-20
Exploitation vector: Network
Public exploit: This vulnerability is being exploited in the wild.
Vulnerable software: Suricata
Vulnerable software versions: Suricata 4.0.5, Suricata 4.0.2, Suricata 4.0.4

Vendor URL: Open Information Security Foundation

Security Advisory

1) Segmentation fault

Description

The vulnerability allows a remote attacker to cause a denial of service (DoS) condition on the target system.

The weakness exists due to a segmentation fault in the ProcessMimeEntity function in util-decode-mime.c when handling malicious input. A remote attacker can supply specially crafted input to the SMTP parser, trigger a segfault and crash the daemon.

Note: according to a MITRE statement, the vulnerability was exploited in the wild in November 2018.

Remediation

Update to version 4.1.

External links

https://suricata-ids.org/2018/11/06/suricata-4-1-released/
https://github.com/OISF/suricata/commit/36e84b929cb37bd03943ed14749a4fef3ff1f61d
