Suricata before 4.0.5 stops TCP stream inspection upon a TCP RST from a server. This allows detection bypass because Windows TCP clients proceed with normal processing of TCP data that arrives shortly after an RST (i.e., they act as if the RST had not yet been received).
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2018-07-23T20:00:00

Updated: 2024-08-05T09:29:51.678Z

Reserved: 2018-07-23T00:00:00

Link: CVE-2018-14568

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Analyzed

Published: 2018-07-23T20:29:00.333

Modified: 2019-10-03T00:03:26.223

Link: CVE-2018-14568

cve-icon Redhat

No data.