Vulnerabilities
Vulnerable Software
Suricata-Ids:  >> Suricata  >> 4.0.4  Security Vulnerabilities
The ProcessMimeEntity function in util-decode-mime.c in Suricata 4.x before 4.0.6 allows remote attackers to cause a denial of service (segfault and daemon crash) via crafted input to the SMTP parser, as exploited in the wild in November 2018.
CVSS Score
7.5
EPSS Score
0.012
Published
2018-11-05
Suricata before 4.0.5 stops TCP stream inspection upon a TCP RST from a server. This allows detection bypass because Windows TCP clients proceed with normal processing of TCP data that arrives shortly after an RST (i.e., they act as if the RST had not yet been received).
CVSS Score
7.5
EPSS Score
0.003
Published
2018-07-23


Contact Us

Shodan ® - All rights reserved