Project

General

Profile

Actions

Bug #1385

closed

DCERPC traffic parsing issue

Added by Victor Julien almost 10 years ago. Updated over 9 years ago.

Status:
Closed
Priority:
Normal
Assignee:
Target version:
Affected Versions:
Effort:
Difficulty:
Label:

Description

This is a parsing issue in the DCERPC parser that can happen when Suricata runs out of memory. The exact scope of the problem isn't clear, but it could certainly lead to crashes. RCE might theoretically be possible but looks like it's very hard.

It was brought to our attention by the Yahoo Pentest Team.

Actions

Also available in: Atom PDF