Actions
Security #1278
closedssh banner parsing issue
Git IDs:
8ec28dea16080c77828412d6de01018dabc7b7c3
Severity:
Disclosure Date:
Description
Reported privately.
Actions
Added by Victor Julien about 11 years ago. Updated about 5 years ago.
8ec28dea16080c77828412d6de01018dabc7b7c3
Description
Reported privately.
app-layer-ssh: fix banner parser
Carefully crafted SSH banner could result in parser error.
CVE 2014-6603
Signed-off-by: Eric Leblond <eric@regit.org>
Reported by Steffen Bauch
A work around is to simply disable the ssh app layer module:
app-layer:
protocols:
tls:
enabled: yes
detection-ports:
dp: 443
#no-reassemble: yes
dcerpc:
enabled: yes
ftp:
enabled: yes
ssh:
enabled: no
Alternatively, it can be set to 'detection-only'.