oss-sec mailing list archives

Re: CVE request: denial of service in suricata

From: Victor Julien <lists () inliniac net>
Date: Fri, 12 Dec 2014 14:02:54 +0100

On 12/12/2014 01:56 PM, Pierre Schweitzer wrote:

It appears, looking at bug #1272 [1] in Suricata, that it was
possible to crash Suricata with specific packets due to a bug in
the libhtp (which got fixed with libhtp 0.5.16).

It got fixed with the release 2.0.5 from Suricata.

Was a CVE already assigned to this issue? Otherwise can a CVE be
assigned?

With my best regards,

[1]: https://redmine.openinfosecfoundation.org/issues/1272


To our knowledge this couldn't be triggered by specific traffic
conditions. Rather it seemed to be an issue when:

- older zlib versions were used that didn't always setup properly for
a reason unknown to us

OR

- extreme memory pressure (malloc's failing)

Cheers,
Victor

-- 
---------------------------------------------
Victor Julien
http://www.inliniac.net/
PGP: http://www.inliniac.net/victorjulien.asc
---------------------------------------------

Current thread:

CVE request: denial of service in suricata Pierre Schweitzer (Dec 12)
- Re: CVE request: denial of service in suricata Victor Julien (Dec 12)
  - Re: CVE request: denial of service in suricata Pierre Schweitzer (Dec 12)
    - Re: CVE request: denial of service in suricata Victor Julien (Dec 12)
    - Re: CVE request: denial of service in suricata Pierre Schweitzer (Dec 12)
    - Re: CVE request: denial of service in suricata Victor Julien (Dec 12)
    - Re: CVE request: denial of service in suricata Pierre Schweitzer (Dec 12)