Vulnerability Details : CVE-2019-1010251
Open Information Security Foundation Suricata prior to version 4.1.2 is affected by: Denial of Service - DNS detection bypass. The impact is: An attacker can evade a signature detection with a specialy formed network packet. The component is: app-layer-detect-proto.c, decode.c, decode-teredo.c and decode-ipv6.c (https://github.com/OISF/suricata/pull/3590/commits/11f3659f64a4e42e90cb3c09fcef66894205aefe, https://github.com/OISF/suricata/pull/3590/commits/8357ef3f8ffc7d99ef6571350724160de356158b). The attack vector is: An attacker can trigger the vulnerability by sending a specifically crafted network request. The fixed version is: 4.1.2.
Vulnerability category: Input validationDenial of service
Products affected by CVE-2019-1010251
- cpe:2.3:a:oisf:suricata:4.1.0:beta1:*:*:*:*:*:*
- cpe:2.3:a:oisf:suricata:4.0.2:*:*:*:*:*:*:*
- cpe:2.3:a:oisf:suricata:4.0.3:*:*:*:*:*:*:*
- cpe:2.3:a:oisf:suricata:4.0.5:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2019-1010251
0.21%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 60 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2019-1010251
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
5.0
|
MEDIUM | AV:N/AC:L/Au:N/C:N/I:N/A:P |
10.0
|
2.9
|
NIST | |
7.5
|
HIGH | CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |
3.9
|
3.6
|
NIST |
CWE ids for CVE-2019-1010251
-
The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.Assigned by: nvd@nist.gov (Primary)
References for CVE-2019-1010251
-
https://redmine.openinfosecfoundation.org/issues/2736
Bug #2736: DNS Golden Transaction ID - detection bypass - Suricata - Open Information Security FoundationIssue Tracking;Third Party Advisory
-
https://github.com/OISF/suricata/pull/3590/commits/8357ef3f8ffc7d99ef6571350724160de356158b
Next/20181218/v8 by victorjulien · Pull Request #3590 · OISF/suricata · GitHubPatch;Third Party Advisory
-
https://github.com/OISF/suricata/pull/3590/commits/11f3659f64a4e42e90cb3c09fcef66894205aefe
Next/20181218/v8 by victorjulien · Pull Request #3590 · OISF/suricata · GitHubPatch;Third Party Advisory
Jump to