The MemcmpLowercase function in Suricata prior to 2.0.6 improperly excludes the first byte from comparisons, which might allow remote malicious users to bypass intrusion-prevention functionality via a crafted HTTP request.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
openinfosecfoundation suricata |