Critical severity9.8NVD Advisory· Published Mar 20, 2017· Updated Jun 17, 2026
CVE-2015-8954
CVE-2015-8954
Description
The MemcmpLowercase function in Suricata before 2.0.6 improperly excludes the first byte from comparisons, which might allow remote attackers to bypass intrusion-prevention functionality via a crafted HTTP request.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- cpe:2.3:a:openinfosecfoundation:suricata:*:*:*:*:*:*:*:*Range: <=2.0.5
Patches
Vulnerability mechanics
References
3- bugs.debian.org/cgi-bin/bugreport.cginvdThird Party Advisory
- redmine.openinfosecfoundation.org/issues/1364nvdThird Party Advisory
- suricata-ids.org/2015/01/15/suricata-2-0-6-available/nvdRelease NotesVendor Advisory
News mentions
0No linked articles in our index yet.