Denial of Service Vulnerability in Suricata 4.x (CVE-2018-18956)

Denial of Service Vulnerability in Suricata 4.x (CVE-2018-18956)

CVE-2018-18956 · MEDIUM Severity

AV:N/AC:L/AU:N/C:N/I:N/A:P

The ProcessMimeEntity function in util-decode-mime.c in Suricata 4.x before 4.0.6 allows remote attackers to cause a denial of service (segfault and daemon crash) via crafted input to the SMTP parser, as exploited in the wild in November 2018.

Learn more about our Web Application Penetration Testing UK.