The ProcessMimeEntity function in util-decode-mime.c in Suricata 4.x prior to 4.0.6 allows remote malicious users to cause a denial of service (segfault and daemon crash) via crafted input to the SMTP parser, as exploited in the wild in November 2018.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
suricata-ids suricata |