FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The VUXML data was last processed by FreshPorts on 2024-03-28 15:43:32 UTC

List all Vulnerabilities, by package

List all Vulnerabilities, by date

k68

These are the vulnerabilities relating to the commit you have selected:

VuXML IDDescription
3b903bf3-7f94-11e9-8a5f-c85b76ce9b5asuricata -- buffer over-read

Mitre reports:

An issue was discovered in Suricata 4.1.x before 4.1.4. If the input of the function SSHParseBanner is composed only of a \n character, then the program runs into a heap-based buffer over-read. This occurs because the erroneous search for \r results in an integer underflow.


Discovery 2019-03-15
Entry 2019-05-26
Modified 2019-05-26
suricata
< 4.1.4

https://suricata-ids.org/2019/04/30/suricata-4-1-4-released/
CVE-2019-10053
fe910ed6-f88d-11e4-9ae3-0050562a4d7bsuricata -- TLS/DER Parser Bug (DoS)

OISF Development Team reports:

The OISF development team is pleased to announce Suricata 2.0.8. This release fixes a number of issues in the 2.0 series.

The most important issue is a bug in the DER parser which is used to decode SSL/TLS certificates could crash Suricata. This issue was reported by Kostya Kortchinsky of the Google Security Team and was fixed by Pierre Chifflier of ANSSI.

Those processing large numbers of (untrusted) pcap files need to update as a malformed pcap could crash Suricata. Again, credits go to Kostya Kortchinsky.


Discovery 2015-05-06
Entry 2015-05-12
suricata
< 2.0.8

CVE-2015-0971
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0971
https://github.com/inliniac/suricata/commit/fa73a0bb8f312fd0a95cc70f6b3ee4e4997bdba7