CVE-2014-6603 - The SSHParseBanner function in SSH parser (app-layer-ssh.c) in Suricata before 2.0.4 allows remote a

CVE-2014-6603

Summary

The SSHParseBanner function in SSH parser (app-layer-ssh.c) in Suricata before 2.0.4 allows remote attackers to bypass SSH rules, cause a denial of service (crash), or possibly have unspecified other impact via a crafted banner, which triggers a large memory allocation or an out-of-bounds write.

References

Vulnerable Configurations

cpe:2.3:a:openinfosecfoundation:suricata:2.0.1-1:*:*:*:*:*:*:*
cpe:2.3:a:openinfosecfoundation:suricata:2.0.1-1:*:*:*:*:*:*:*
cpe:2.3:a:openinfosecfoundation:suricata:2.0.1-2:*:*:*:*:*:*:*
cpe:2.3:a:openinfosecfoundation:suricata:2.0.1-2:*:*:*:*:*:*:*
cpe:2.3:a:openinfosecfoundation:suricata:2.0.2-1:*:*:*:*:*:*:*
cpe:2.3:a:openinfosecfoundation:suricata:2.0.2-1:*:*:*:*:*:*:*
cpe:2.3:a:openinfosecfoundation:suricata:2.0.2-2:*:*:*:*:*:*:*
cpe:2.3:a:openinfosecfoundation:suricata:2.0.2-2:*:*:*:*:*:*:*
cpe:2.3:a:openinfosecfoundation:suricata:2.0.3-1:*:*:*:*:*:*:*
cpe:2.3:a:openinfosecfoundation:suricata:2.0.3-1:*:*:*:*:*:*:*
cpe:2.3:a:openinfosecfoundation:suricata:0.8.2:*:*:*:*:*:*:*
cpe:2.3:a:openinfosecfoundation:suricata:0.8.2:*:*:*:*:*:*:*
cpe:2.3:a:openinfosecfoundation:suricata:1.0.0:*:*:*:*:*:*:*
cpe:2.3:a:openinfosecfoundation:suricata:1.0.0:*:*:*:*:*:*:*
cpe:2.3:a:openinfosecfoundation:suricata:1.0.1:*:*:*:*:*:*:*
cpe:2.3:a:openinfosecfoundation:suricata:1.0.1:*:*:*:*:*:*:*
cpe:2.3:a:openinfosecfoundation:suricata:1.0.2:*:*:*:*:*:*:*
cpe:2.3:a:openinfosecfoundation:suricata:1.0.2:*:*:*:*:*:*:*
cpe:2.3:a:openinfosecfoundation:suricata:1.0.3:*:*:*:*:*:*:*
cpe:2.3:a:openinfosecfoundation:suricata:1.0.3:*:*:*:*:*:*:*
cpe:2.3:a:openinfosecfoundation:suricata:1.0.4:*:*:*:*:*:*:*
cpe:2.3:a:openinfosecfoundation:suricata:1.0.4:*:*:*:*:*:*:*
cpe:2.3:a:openinfosecfoundation:suricata:1.0.5:*:*:*:*:*:*:*
cpe:2.3:a:openinfosecfoundation:suricata:1.0.5:*:*:*:*:*:*:*
cpe:2.3:a:openinfosecfoundation:suricata:1.1:-:*:*:*:*:*:*
cpe:2.3:a:openinfosecfoundation:suricata:1.1:-:*:*:*:*:*:*
cpe:2.3:a:openinfosecfoundation:suricata:1.1:beta1:*:*:*:*:*:*
cpe:2.3:a:openinfosecfoundation:suricata:1.1:beta1:*:*:*:*:*:*
cpe:2.3:a:openinfosecfoundation:suricata:1.1:beta2:*:*:*:*:*:*
cpe:2.3:a:openinfosecfoundation:suricata:1.1:beta2:*:*:*:*:*:*
cpe:2.3:a:openinfosecfoundation:suricata:1.1:beta3:*:*:*:*:*:*
cpe:2.3:a:openinfosecfoundation:suricata:1.1:beta3:*:*:*:*:*:*
cpe:2.3:a:openinfosecfoundation:suricata:1.1:rc1:*:*:*:*:*:*
cpe:2.3:a:openinfosecfoundation:suricata:1.1:rc1:*:*:*:*:*:*
cpe:2.3:a:openinfosecfoundation:suricata:1.1.1:*:*:*:*:*:*:*
cpe:2.3:a:openinfosecfoundation:suricata:1.1.1:*:*:*:*:*:*:*
cpe:2.3:a:openinfosecfoundation:suricata:1.2:-:*:*:*:*:*:*
cpe:2.3:a:openinfosecfoundation:suricata:1.2:-:*:*:*:*:*:*
cpe:2.3:a:openinfosecfoundation:suricata:1.2:beta1:*:*:*:*:*:*
cpe:2.3:a:openinfosecfoundation:suricata:1.2:beta1:*:*:*:*:*:*
cpe:2.3:a:openinfosecfoundation:suricata:1.2:rc1:*:*:*:*:*:*
cpe:2.3:a:openinfosecfoundation:suricata:1.2:rc1:*:*:*:*:*:*
cpe:2.3:a:openinfosecfoundation:suricata:1.2.1:*:*:*:*:*:*:*
cpe:2.3:a:openinfosecfoundation:suricata:1.2.1:*:*:*:*:*:*:*
cpe:2.3:a:openinfosecfoundation:suricata:1.3:*:*:*:*:*:*:*
cpe:2.3:a:openinfosecfoundation:suricata:1.3:*:*:*:*:*:*:*
cpe:2.3:a:openinfosecfoundation:suricata:1.3:beta_2:*:*:*:*:*:*
cpe:2.3:a:openinfosecfoundation:suricata:1.3:beta_2:*:*:*:*:*:*
cpe:2.3:a:openinfosecfoundation:suricata:1.3:beta_3:*:*:*:*:*:*
cpe:2.3:a:openinfosecfoundation:suricata:1.3:beta_3:*:*:*:*:*:*
cpe:2.3:a:openinfosecfoundation:suricata:1.3:rc_1:*:*:*:*:*:*
cpe:2.3:a:openinfosecfoundation:suricata:1.3:rc_1:*:*:*:*:*:*
cpe:2.3:a:openinfosecfoundation:suricata:1.3.1:*:*:*:*:*:*:*
cpe:2.3:a:openinfosecfoundation:suricata:1.3.1:*:*:*:*:*:*:*
cpe:2.3:a:openinfosecfoundation:suricata:1.3.2:*:*:*:*:*:*:*
cpe:2.3:a:openinfosecfoundation:suricata:1.3.2:*:*:*:*:*:*:*
cpe:2.3:a:openinfosecfoundation:suricata:1.3.3:*:*:*:*:*:*:*
cpe:2.3:a:openinfosecfoundation:suricata:1.3.3:*:*:*:*:*:*:*
cpe:2.3:a:openinfosecfoundation:suricata:1.3.4:*:*:*:*:*:*:*
cpe:2.3:a:openinfosecfoundation:suricata:1.3.4:*:*:*:*:*:*:*
cpe:2.3:a:openinfosecfoundation:suricata:1.3.5:*:*:*:*:*:*:*
cpe:2.3:a:openinfosecfoundation:suricata:1.3.5:*:*:*:*:*:*:*
cpe:2.3:a:openinfosecfoundation:suricata:1.3.6:*:*:*:*:*:*:*
cpe:2.3:a:openinfosecfoundation:suricata:1.3.6:*:*:*:*:*:*:*
cpe:2.3:a:openinfosecfoundation:suricata:1.4:*:*:*:*:*:*:*
cpe:2.3:a:openinfosecfoundation:suricata:1.4:*:*:*:*:*:*:*
cpe:2.3:a:openinfosecfoundation:suricata:1.4:beta_1:*:*:*:*:*:*
cpe:2.3:a:openinfosecfoundation:suricata:1.4:beta_1:*:*:*:*:*:*
cpe:2.3:a:openinfosecfoundation:suricata:1.4:beta_2:*:*:*:*:*:*
cpe:2.3:a:openinfosecfoundation:suricata:1.4:beta_2:*:*:*:*:*:*
cpe:2.3:a:openinfosecfoundation:suricata:1.4:beta_3:*:*:*:*:*:*
cpe:2.3:a:openinfosecfoundation:suricata:1.4:beta_3:*:*:*:*:*:*
cpe:2.3:a:openinfosecfoundation:suricata:1.4:rc_1:*:*:*:*:*:*
cpe:2.3:a:openinfosecfoundation:suricata:1.4:rc_1:*:*:*:*:*:*
cpe:2.3:a:openinfosecfoundation:suricata:1.4.1:*:*:*:*:*:*:*
cpe:2.3:a:openinfosecfoundation:suricata:1.4.1:*:*:*:*:*:*:*
cpe:2.3:a:openinfosecfoundation:suricata:1.4.2:*:*:*:*:*:*:*
cpe:2.3:a:openinfosecfoundation:suricata:1.4.2:*:*:*:*:*:*:*
cpe:2.3:a:openinfosecfoundation:suricata:1.4.3:*:*:*:*:*:*:*
cpe:2.3:a:openinfosecfoundation:suricata:1.4.3:*:*:*:*:*:*:*
cpe:2.3:a:openinfosecfoundation:suricata:1.4.4:*:*:*:*:*:*:*
cpe:2.3:a:openinfosecfoundation:suricata:1.4.4:*:*:*:*:*:*:*
cpe:2.3:a:openinfosecfoundation:suricata:1.4.5:*:*:*:*:*:*:*
cpe:2.3:a:openinfosecfoundation:suricata:1.4.5:*:*:*:*:*:*:*
cpe:2.3:a:openinfosecfoundation:suricata:1.4.6:*:*:*:*:*:*:*
cpe:2.3:a:openinfosecfoundation:suricata:1.4.6:*:*:*:*:*:*:*
cpe:2.3:a:openinfosecfoundation:suricata:1.4.7:*:*:*:*:*:*:*
cpe:2.3:a:openinfosecfoundation:suricata:1.4.7:*:*:*:*:*:*:*
cpe:2.3:a:openinfosecfoundation:suricata:2.0:-:*:*:*:*:*:*
cpe:2.3:a:openinfosecfoundation:suricata:2.0:-:*:*:*:*:*:*
cpe:2.3:a:openinfosecfoundation:suricata:2.0:beta_1:*:*:*:*:*:*
cpe:2.3:a:openinfosecfoundation:suricata:2.0:beta_1:*:*:*:*:*:*
cpe:2.3:a:openinfosecfoundation:suricata:2.0:beta_2:*:*:*:*:*:*
cpe:2.3:a:openinfosecfoundation:suricata:2.0:beta_2:*:*:*:*:*:*
cpe:2.3:a:openinfosecfoundation:suricata:2.0:rc2:*:*:*:*:*:*
cpe:2.3:a:openinfosecfoundation:suricata:2.0:rc2:*:*:*:*:*:*
cpe:2.3:a:openinfosecfoundation:suricata:2.0:rc3:*:*:*:*:*:*
cpe:2.3:a:openinfosecfoundation:suricata:2.0:rc3:*:*:*:*:*:*
cpe:2.3:a:openinfosecfoundation:suricata:2.0:rc_1:*:*:*:*:*:*
cpe:2.3:a:openinfosecfoundation:suricata:2.0:rc_1:*:*:*:*:*:*
cpe:2.3:a:openinfosecfoundation:suricata:2.0.1:-:*:*:*:*:*:*
cpe:2.3:a:openinfosecfoundation:suricata:2.0.1:-:*:*:*:*:*:*
cpe:2.3:a:openinfosecfoundation:suricata:2.0.1:rc1:*:*:*:*:*:*
cpe:2.3:a:openinfosecfoundation:suricata:2.0.1:rc1:*:*:*:*:*:*
cpe:2.3:a:openinfosecfoundation:suricata:2.0.2:*:*:*:*:*:*:*
cpe:2.3:a:openinfosecfoundation:suricata:2.0.2:*:*:*:*:*:*:*
cpe:2.3:a:openinfosecfoundation:suricata:2.0.3:*:*:*:*:*:*:*
cpe:2.3:a:openinfosecfoundation:suricata:2.0.3:*:*:*:*:*:*:*

CVSS

Base:	5.0 (as of 09-10-2018 - 19:51)
Impact:
Exploitability:

CWE

CWE-399

CAPEC

Access

Vector	Complexity	Authentication
NETWORK	LOW	NONE

Impact

Confidentiality	Integrity	Availability
NONE	NONE	PARTIAL

cvss-vector via4

AV:N/AC:L/Au:N/C:N/I:N/A:P

refmap via4

bid	70083
bugtraq	20140923 CVE-2014-6603 suricata 2.0.3 Out-of-bounds access in SSH parser
fedora	FEDORA-2014-11302 FEDORA-2014-11462
fulldisc	20140923 CVE-2014-6603 suricata 2.0.3 Out-of-bounds access in SSH parser
misc	http://packetstormsecurity.com/files/128382/Suricata-2.0.3-Out-Of-Bounds-Access.html
xf	suricata-cve20146603-dos(96157)

Last major update

09-10-2018 - 19:51

Published

07-10-2014 - 14:55

Last modified

09-10-2018 - 19:51