Actions
Security #6866
closedeve: excessive ssh long banner logging
Git IDs:
Severity:
HIGH
Disclosure Date:
02/19/2024
Description
Found by oss-fuzz:
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=64345&q=label%3AProj-suricata&can=2
Fuzz target triggers the following rulealert tcp any any -> any any (msg:"SURICATA STREAM ESTABLISHED packet out of window"; stream-event:est_packet_out_of_window; classtype:protocol-command-decode; sid:2210020; rev:2;)
on many packets leading to most time spent in jsonbuild set_string_from_bytes (doing escaping on binary buffer) for dummy overlong ssh software version
Files
Updated by Victor Julien 9 months ago
- Status changed from Resolved to Closed
Updated by Victor Julien 9 months ago
- Private changed from Yes to No
Actions