CVE-2019-1010251 - OpenCVE

Open Information Security Foundation Suricata prior to version 4.1.2 is affected by: Denial of Service - DNS detection bypass. The impact is: An attacker can evade a signature detection with a specialy formed network packet. The component is: app-layer-detect-proto.c, decode.c, decode-teredo.c and decode-ipv6.c (https://github.com/OISF/suricata/pull/3590/commits/11f3659f64a4e42e90cb3c09fcef66894205aefe, https://github.com/OISF/suricata/pull/3590/commits/8357ef3f8ffc7d99ef6571350724160de356158b). The attack vector is: An attacker can trigger the vulnerability by sending a specifically crafted network request. The fixed version is: 4.1.2.

No CVSS v4.0

No CVSS v3.1

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact High

User Interaction None

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact None

Integrity Impact None

Availability Impact Partial

AV:N/AC:L/Au:N/C:N/I:N/A:P

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Oisf	Suricata

Configuration 1 [-]

OR	cpe:2.3:a:oisf:suricata:4.0.2:::::::*
	cpe:2.3:a:oisf:suricata:4.0.3:::::::*
	cpe:2.3:a:oisf:suricata:4.0.5:::::::*
	cpe:2.3:a:oisf:suricata:4.1.0:beta1::::::

No data.

References

Link	Providers
https://github.com/OISF/suricata/pull/3590/commits/11f3659f64a4e42e90cb3c09fcef66894205aefe
https://github.com/OISF/suricata/pull/3590/commits/8357ef3f8ffc7d99ef6571350724160de356158b
https://redmine.openinfosecfoundation.org/issues/2736

History

No history.

MITRE

Status: PUBLISHED

Assigner: dwf

Published: 2019-07-18T17:48:48

Updated: 2024-08-05T03:07:18.385Z

Reserved: 2019-03-20T00:00:00

Link: CVE-2019-1010251

Vulnrichment

No data.

NVD

Status : Analyzed

Published: 2019-07-18T18:15:12.293

Modified: 2019-07-23T18:23:14.593

Link: CVE-2019-1010251

Redhat

No data.

{"containers": {"cna": {"affected": [{"product": "Suricata", "vendor": "Open Information Security Foundation", "versions": [{"status": "affected", "version": "prior to version 4.1.2 [fixed: 4.1.2]"}]}], "descriptions": [{"lang": "en", "value": "Open Information Security Foundation Suricata prior to version 4.1.2 is affected by: Denial of Service - DNS detection bypass. The impact is: An attacker can evade a signature detection with a specialy formed network packet. The component is: app-layer-detect-proto.c, decode.c, decode-teredo.c and decode-ipv6.c (https://github.com/OISF/suricata/pull/3590/commits/11f3659f64a4e42e90cb3c09fcef66894205aefe, https://github.com/OISF/suricata/pull/3590/commits/8357ef3f8ffc7d99ef6571350724160de356158b). The attack vector is: An attacker can trigger the vulnerability by sending a specifically crafted network request. The fixed version is: 4.1.2."}], "problemTypes": [{"descriptions": [{"description": "Denial of Service - DNS detection bypass", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2019-07-18T17:48:48", "orgId": "7556d962-6fb7-411e-85fa-6cd62f095ba8", "shortName": "dwf"}, "references": [{"tags": ["x_refsource_MISC"], "url": "https://redmine.openinfosecfoundation.org/issues/2736"}, {"tags": ["x_refsource_MISC"], "url": "https://github.com/OISF/suricata/pull/3590/commits/11f3659f64a4e42e90cb3c09fcef66894205aefe"}, {"tags": ["x_refsource_MISC"], "url": "https://github.com/OISF/suricata/pull/3590/commits/8357ef3f8ffc7d99ef6571350724160de356158b"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve-assign@distributedweaknessfiling.org", "ID": "CVE-2019-1010251", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "Suricata", "version": {"version_data": [{"version_value": "prior to version 4.1.2 [fixed: 4.1.2]"}]}}]}, "vendor_name": "Open Information Security Foundation"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Open Information Security Foundation Suricata prior to version 4.1.2 is affected by: Denial of Service - DNS detection bypass. The impact is: An attacker can evade a signature detection with a specialy formed network packet. The component is: app-layer-detect-proto.c, decode.c, decode-teredo.c and decode-ipv6.c (https://github.com/OISF/suricata/pull/3590/commits/11f3659f64a4e42e90cb3c09fcef66894205aefe, https://github.com/OISF/suricata/pull/3590/commits/8357ef3f8ffc7d99ef6571350724160de356158b). The attack vector is: An attacker can trigger the vulnerability by sending a specifically crafted network request. The fixed version is: 4.1.2."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "Denial of Service - DNS detection bypass"}]}]}, "references": {"reference_data": [{"name": "https://redmine.openinfosecfoundation.org/issues/2736", "refsource": "MISC", "url": "https://redmine.openinfosecfoundation.org/issues/2736"}, {"name": "https://github.com/OISF/suricata/pull/3590/commits/11f3659f64a4e42e90cb3c09fcef66894205aefe", "refsource": "MISC", "url": "https://github.com/OISF/suricata/pull/3590/commits/11f3659f64a4e42e90cb3c09fcef66894205aefe"}, {"name": "https://github.com/OISF/suricata/pull/3590/commits/8357ef3f8ffc7d99ef6571350724160de356158b", "refsource": "MISC", "url": "https://github.com/OISF/suricata/pull/3590/commits/8357ef3f8ffc7d99ef6571350724160de356158b"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-05T03:07:18.385Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://redmine.openinfosecfoundation.org/issues/2736"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://github.com/OISF/suricata/pull/3590/commits/11f3659f64a4e42e90cb3c09fcef66894205aefe"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://github.com/OISF/suricata/pull/3590/commits/8357ef3f8ffc7d99ef6571350724160de356158b"}]}]}, "cveMetadata": {"assignerOrgId": "7556d962-6fb7-411e-85fa-6cd62f095ba8", "assignerShortName": "dwf", "cveId": "CVE-2019-1010251", "datePublished": "2019-07-18T17:48:48", "dateReserved": "2019-03-20T00:00:00", "dateUpdated": "2024-08-05T03:07:18.385Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:oisf:suricata:4.0.2:*:*:*:*:*:*:*", "matchCriteriaId": "60C9475B-5B78-4EDD-B894-23A051ED5745", "vulnerable": true}, {"criteria": "cpe:2.3:a:oisf:suricata:4.0.3:*:*:*:*:*:*:*", "matchCriteriaId": "35775830-353B-4ED2-9614-C08B19952129", "vulnerable": true}, {"criteria": "cpe:2.3:a:oisf:suricata:4.0.5:*:*:*:*:*:*:*", "matchCriteriaId": "C0ACCC9E-4F42-431C-9F58-DFD67F6DD433", "vulnerable": true}, {"criteria": "cpe:2.3:a:oisf:suricata:4.1.0:beta1:*:*:*:*:*:*", "matchCriteriaId": "178734E6-C8B0-460B-9443-39871F6851F0", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Open Information Security Foundation Suricata prior to version 4.1.2 is affected by: Denial of Service - DNS detection bypass. The impact is: An attacker can evade a signature detection with a specialy formed network packet. The component is: app-layer-detect-proto.c, decode.c, decode-teredo.c and decode-ipv6.c (https://github.com/OISF/suricata/pull/3590/commits/11f3659f64a4e42e90cb3c09fcef66894205aefe, https://github.com/OISF/suricata/pull/3590/commits/8357ef3f8ffc7d99ef6571350724160de356158b). The attack vector is: An attacker can trigger the vulnerability by sending a specifically crafted network request. The fixed version is: 4.1.2."}, {"lang": "es", "value": "Open Information Security Foundation Suricata en versiones anteriores a la 4.1.2 se ve afectada por: Denegaci\u00f3n de servicio: omisi\u00f3n de detecci\u00f3n de DNS. El impacto es: un atacante puede evadir una detecci\u00f3n de firmas con un paquete de red especialmente formado. El componente es: app-layer-detect-proto.c, decode.c, decode-teredo.c y decode-ipv6.c (https://github.com/OISF/suricata/pull/3590/commits/11f3659f64a4e42e90cb3c09fcef66894205aefe, https://github.com/OISF/suricata/pull/3590/commits/8357ef3f8ffc7d99ef6571350724160de356158b). El vector de ataque es: Un atacante puede activar la vulnerabilidad al enviar una solicitud de red espec\u00edficamente dise\u00f1ada. La versi\u00f3n corregida es: 4.1.2."}], "id": "CVE-2019-1010251", "lastModified": "2019-07-23T18:23:14.593", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 5.0, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV30": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.0"}, "exploitabilityScore": 3.9, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2019-07-18T18:15:12.293", "references": [{"source": "josh@bress.net", "tags": ["Patch", "Third Party Advisory"], "url": "https://github.com/OISF/suricata/pull/3590/commits/11f3659f64a4e42e90cb3c09fcef66894205aefe"}, {"source": "josh@bress.net", "tags": ["Patch", "Third Party Advisory"], "url": "https://github.com/OISF/suricata/pull/3590/commits/8357ef3f8ffc7d99ef6571350724160de356158b"}, {"source": "josh@bress.net", "tags": ["Issue Tracking", "Third Party Advisory"], "url": "https://redmine.openinfosecfoundation.org/issues/2736"}], "sourceIdentifier": "josh@bress.net", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-20"}], "source": "nvd@nist.gov", "type": "Primary"}]}