CVE-2019-1010279 - Vulnerability Details - OpenCVE

Open Information Security Foundation Suricata prior to version 4.1.3 is affected by: Denial of Service - TCP/HTTP detection bypass. The impact is: An attacker can evade a signature detection with a specialy formed sequence of network packets. The component is: detect.c (https://github.com/OISF/suricata/pull/3625/commits/d8634daf74c882356659addb65fb142b738a186b). The attack vector is: An attacker can trigger the vulnerability by a specifically crafted network TCP session. The fixed version is: 4.1.3.

No CVSS v4.0

No CVSS v3.1

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact High

User Interaction None

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact None

Integrity Impact None

Availability Impact Partial

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Oisf	Suricata

Configuration 1 [-]

cpe:2.3:a:oisf:suricata:*:*:*:*:*:*:*:*

No data.

References

Link	Providers
https://github.com/OISF/suricata/pull/3625
https://github.com/OISF/suricata/pull/3625/commits/d8634daf74c882356659addb65fb142b738a186b
https://redmine.openinfosecfoundation.org/issues/2770

History

No history.

MITRE

Status: PUBLISHED

Assigner: dwf

Published: 2019-07-18T18:07:29

Updated: 2024-08-05T03:07:18.512Z

Reserved: 2019-03-20T00:00:00

Link: CVE-2019-1010279

Vulnrichment

No data.

NVD

Status : Modified

Published: 2019-07-18T19:15:11.317

Modified: 2024-11-21T04:18:07.143

Link: CVE-2019-1010279

Redhat

No data.

{"containers": {"cna": {"affected": [{"product": "Suricata", "vendor": "Open Information Security Foundation", "versions": [{"status": "affected", "version": "prior to version 4.1.3 [fixed: 4.1.3]"}]}], "descriptions": [{"lang": "en", "value": "Open Information Security Foundation Suricata prior to version 4.1.3 is affected by: Denial of Service - TCP/HTTP detection bypass. The impact is: An attacker can evade a signature detection with a specialy formed sequence of network packets. The component is: detect.c (https://github.com/OISF/suricata/pull/3625/commits/d8634daf74c882356659addb65fb142b738a186b). The attack vector is: An attacker can trigger the vulnerability by a specifically crafted network TCP session. The fixed version is: 4.1.3."}], "problemTypes": [{"descriptions": [{"description": "Denial of Service - TCP/HTTP detection bypass", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2019-07-18T18:07:29", "orgId": "7556d962-6fb7-411e-85fa-6cd62f095ba8", "shortName": "dwf"}, "references": [{"tags": ["x_refsource_MISC"], "url": "https://redmine.openinfosecfoundation.org/issues/2770"}, {"tags": ["x_refsource_MISC"], "url": "https://github.com/OISF/suricata/pull/3625"}, {"tags": ["x_refsource_MISC"], "url": "https://github.com/OISF/suricata/pull/3625/commits/d8634daf74c882356659addb65fb142b738a186b"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve-assign@distributedweaknessfiling.org", "ID": "CVE-2019-1010279", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "Suricata", "version": {"version_data": [{"version_value": "prior to version 4.1.3 [fixed: 4.1.3]"}]}}]}, "vendor_name": "Open Information Security Foundation"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Open Information Security Foundation Suricata prior to version 4.1.3 is affected by: Denial of Service - TCP/HTTP detection bypass. The impact is: An attacker can evade a signature detection with a specialy formed sequence of network packets. The component is: detect.c (https://github.com/OISF/suricata/pull/3625/commits/d8634daf74c882356659addb65fb142b738a186b). The attack vector is: An attacker can trigger the vulnerability by a specifically crafted network TCP session. The fixed version is: 4.1.3."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "Denial of Service - TCP/HTTP detection bypass"}]}]}, "references": {"reference_data": [{"name": "https://redmine.openinfosecfoundation.org/issues/2770", "refsource": "MISC", "url": "https://redmine.openinfosecfoundation.org/issues/2770"}, {"name": "https://github.com/OISF/suricata/pull/3625", "refsource": "MISC", "url": "https://github.com/OISF/suricata/pull/3625"}, {"name": "https://github.com/OISF/suricata/pull/3625/commits/d8634daf74c882356659addb65fb142b738a186b", "refsource": "MISC", "url": "https://github.com/OISF/suricata/pull/3625/commits/d8634daf74c882356659addb65fb142b738a186b"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-05T03:07:18.512Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://redmine.openinfosecfoundation.org/issues/2770"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://github.com/OISF/suricata/pull/3625"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://github.com/OISF/suricata/pull/3625/commits/d8634daf74c882356659addb65fb142b738a186b"}]}]}, "cveMetadata": {"assignerOrgId": "7556d962-6fb7-411e-85fa-6cd62f095ba8", "assignerShortName": "dwf", "cveId": "CVE-2019-1010279", "datePublished": "2019-07-18T18:07:29", "dateReserved": "2019-03-20T00:00:00", "dateUpdated": "2024-08-05T03:07:18.512Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:oisf:suricata:*:*:*:*:*:*:*:*", "matchCriteriaId": "A9C3BA5C-868A-42AC-B9EE-D98E7E122D6D", "versionEndExcluding": "4.1.3", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "Open Information Security Foundation Suricata prior to version 4.1.3 is affected by: Denial of Service - TCP/HTTP detection bypass. The impact is: An attacker can evade a signature detection with a specialy formed sequence of network packets. The component is: detect.c (https://github.com/OISF/suricata/pull/3625/commits/d8634daf74c882356659addb65fb142b738a186b). The attack vector is: An attacker can trigger the vulnerability by a specifically crafted network TCP session. The fixed version is: 4.1.3."}, {"lang": "es", "value": "Open Information Security Foundation Suricata en versiones anteriores a la 4.1.3 se ve afectada por: Denegaci\u00f3n de servicio: omisi\u00f3n de detecci\u00f3n de TCP/HTTP. El impacto es: un atacante puede evadir una detecci\u00f3n de firmas con una secuencia especialmente formada de paquetes de red. El componente es: detect.c (https://github.com/OISF/suricata/pull/3625/commits/d8634daf74c882356659addb65fb142b738a186b). El vector de ataque es: Un atacante puede activar la vulnerabilidad mediante una sesi\u00f3n TCP de red espec\u00edficamente dise\u00f1ada. La versi\u00f3n corregida es: 4.1.3."}], "id": "CVE-2019-1010279", "lastModified": "2024-11-21T04:18:07.143", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 5.0, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV30": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.0"}, "exploitabilityScore": 3.9, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2019-07-18T19:15:11.317", "references": [{"source": "josh@bress.net", "tags": ["Third Party Advisory"], "url": "https://github.com/OISF/suricata/pull/3625"}, {"source": "josh@bress.net", "tags": ["Patch", "Third Party Advisory"], "url": "https://github.com/OISF/suricata/pull/3625/commits/d8634daf74c882356659addb65fb142b738a186b"}, {"source": "josh@bress.net", "tags": ["Exploit", "Vendor Advisory"], "url": "https://redmine.openinfosecfoundation.org/issues/2770"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "https://github.com/OISF/suricata/pull/3625"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch", "Third Party Advisory"], "url": "https://github.com/OISF/suricata/pull/3625/commits/d8634daf74c882356659addb65fb142b738a186b"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Exploit", "Vendor Advisory"], "url": "https://redmine.openinfosecfoundation.org/issues/2770"}], "sourceIdentifier": "josh@bress.net", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-347"}], "source": "nvd@nist.gov", "type": "Primary"}]}