suricata: multiple vulnerabilities
| Package(s): | suricata | CVE #(s): | CVE-2015-0928 | ||||
| Created: | March 13, 2015 | Updated: | March 18, 2015 | ||||
| Description: | From the Fedora advisory: This release fixes a parsing issue in the DCERPC parser that can happen when Suricata runs out of memory. The exact scope of the problem isn’t clear, but it could certainly lead to crashes. CVE-2015-0928 is assigned for this. The second issue is certain characters in the URI could confuse the parsing of the HTTP request line, leading to possible detection bypass for ‘http_uri’ and to incomplete logging of the URI. | ||||||
| Alerts: |
| ||||||