Suricata version 4.0.4 incorrectly handles the parsing of the SSH banner. A malformed SSH banner can cause the parsing code to read beyond the allocated data because SSHParseBanner in app-layer-ssh.c lacks a length check.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
suricata-ids suricata 4.0.4 |
||
debian debian linux 8.0 |