Vulnerability in Suricata SSH Parser Allows Remote Attackers to Bypass Rules and Cause Denial of Service

Vulnerability in Suricata SSH Parser Allows Remote Attackers to Bypass Rules and Cause Denial of Service

CVE-2014-6603 · MEDIUM Severity

AV:N/AC:L/AU:N/C:N/I:N/A:P

The SSHParseBanner function in SSH parser (app-layer-ssh.c) in Suricata before 2.0.4 allows remote attackers to bypass SSH rules, cause a denial of service (crash), or possibly have unspecified other impact via a crafted banner, which triggers a large memory allocation or an out-of-bounds write.

Learn more about our Web Application Penetration Testing UK.