Bug #1385: DCERPC traffic parsing issue - Suricata - Open Information Security Foundation

Actions

Copy link

Bug #1385

closed

VJ VJ

DCERPC traffic parsing issue

Bug #1385: DCERPC traffic parsing issue

Added by Victor Julien about 11 years ago. Updated about 11 years ago.

Status:

Closed

Priority:

Normal

Assignee:

Victor Julien

Target version:

2.0.7

Affected Versions:

Effort:

Difficulty:

Label:

Description

This is a parsing issue in the DCERPC parser that can happen when Suricata runs out of memory. The exact scope of the problem isn't clear, but it could certainly lead to crashes. RCE might theoretically be possible but looks like it's very hard.

It was brought to our attention by the Yahoo Pentest Team.

History
Notes
Property changes

Actions

Copy link

Also available in: PDF Atom

Project

General

Profile

Suricata

Custom queries

Bug #1385

DCERPC traffic parsing issue

VJ Updated by Victor Julien about 11 years ago Actions
Copy link
#1

VJ Updated by Victor Julien about 11 years ago Actions
Copy link
#2

VJ Updated by Victor Julien about 11 years ago Actions
Copy link
#3

Project

General

Profile

Suricata

Custom queries

Bug #1385

DCERPC traffic parsing issue

VJ Updated by Victor Julien about 11 years ago ActionsCopy link #1

VJ Updated by Victor Julien about 11 years ago ActionsCopy link #2

VJ Updated by Victor Julien about 11 years ago ActionsCopy link #3

VJ Updated by Victor Julien about 11 years ago Actions
Copy link
#1

VJ Updated by Victor Julien about 11 years ago Actions
Copy link
#2

VJ Updated by Victor Julien about 11 years ago Actions
Copy link
#3