VYPR
Unrated severityOSV Advisory· Published Apr 4, 2019· Updated Aug 5, 2024

CVE-2018-10242

CVE-2018-10242

Description

Suricata version 4.0.4 incorrectly handles the parsing of the SSH banner. A malformed SSH banner can cause the parsing code to read beyond the allocated data because SSHParseBanner in app-layer-ssh.c lacks a length check.

Affected products

2
  • Oisf/SuricataOSV2 versions
    suricata-0.8.2, suricata-1.0.0, suricata-1.0.1, …+ 1 more
    • (no CPE)range: suricata-0.8.2, suricata-1.0.0, suricata-1.0.1, …
    • (no CPE)range: = 4.0.4

Patches

Vulnerability mechanics

References

2

News mentions

0

No linked articles in our index yet.