CVE-2018-14568
N/A
N/A
Summary
Suricata before 4.0.5 stops TCP stream inspection upon a TCP RST from a server. This allows detection bypass because Windows TCP clients proceed with normal processing of TCP data that arrives shortly after an RST (i.e., they act as if the RST had not yet been received).
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| n/a | n/a | n/a | affected |
Weaknesses
- n/a
ADP Enrichment
CVE Program Container
Additional References
- https://suricata-ids.org/2018/07/18/suricata-4-0-5-available/
- https://github.com/OISF/suricata/pull/3428/commits/843d0b7a10bb45627f94764a6c5d468a24143345
- https://redmine.openinfosecfoundation.org/issues/2501
- https://github.com/kirillwow/ids_bypass
References
- https://suricata-ids.org/2018/07/18/suricata-4-0-5-available/
- https://github.com/OISF/suricata/pull/3428/commits/843d0b7a10bb45627f94764a6c5d468a24143345
- https://redmine.openinfosecfoundation.org/issues/2501
- https://github.com/kirillwow/ids_bypass
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.