Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
The SSHParseBanner function in SSH parser (app-layer-ssh.c) in Suricata before 2.0.4 allows remote attackers to bypass SSH rules, cause a denial of service (crash), or possibly have unspecified other impact via a crafted banner, which triggers a large memory allocation or an out-of-bounds write.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Suricata 资源管理错误漏洞
Vulnerability Description
Suricata是开放信息安全基金会(Open Information Security Foundation,OISF)和其支持的厂商共同开发的一套网络入侵检测系统(IDS)、入侵防御系统(IPS)和网络安全监控引擎,它支持多线程、内置IPv6、可加载预设规则等。 Suricata 2.0.3-2及之前版本的SSH解析器中的‘SSHParseBanner’函数中存在安全漏洞,该漏洞源于程序中存在越边界访问错误。远程攻击者可借助特制的‘banner’利用该漏洞绕过SSH规则,造成拒绝服务(崩溃)。
CVSS Information
N/A
Vulnerability Type
N/A