CVE-2019-18625

Current Description

An issue was discovered in Suricata 5.0.0. It was possible to bypass/evade any tcp based signature by faking a closed TCP session using an evil server. After the TCP SYN packet, it is possible to inject a RST ACK and a FIN ACK packet with a bad TCP Timestamp option. The client will ignore the RST ACK and the FIN ACK packets because of the bad TCP Timestamp option. Both linux and windows client are ignoring the injected packets.

Basic Data

PublishedJanuary 06, 2020
Last ModifiedAugust 24, 2020
Assignercve@mitre.org
Data TypeCVE
Data FormatMITRE
Data Version4.0
Problem TypeNVD-CWE-noinfo
CVE Data Version4.0

Base Metric V2

CVSS 2 - Version2.0
CVSS 2 - Vector StringAV:N/AC:L/Au:N/C:N/I:P/A:N
CVSS 2 - Access VectorNETWORK
CVSS 2 - Access ComplexityLOW
CVSS 2 - AuthenticationNONE
CVSS 2 - Confidentiality ImpactNONE
CVSS 2 - Availability ImpactNONE
CVSS 2 - Base Score5.0
SeverityMEDIUM
Exploitability Score10.0
Impact Score2.9
Obtain All Privilegefalse
Obtain User Privilegefalse
Obtain Other Privilegefalse

Base Metric V3

No data provided.

Configurations

  • AND
    • OR - Configuration 1
      Cpe VersionPartVendorProductVersionUpdateEditionLanguageSW EditionTarget SWTarget HWOtherVersion Start IncludingVersion End IncludingVersion Start ExcludingVersion End Excluding
      2.3ApplicationSuricata-idsSuricata5.0.0-******
    • OR Running on/with:
      Cpe VersionPartVendorProductVersionUpdateEditionLanguageSW EditionTarget SWTarget HWOtherVersion Start IncludingVersion End IncludingVersion Start ExcludingVersion End Excluding
      2.3OSMicrosoftWindows-*******
      2.3OSLinuxLinux Kernel-*******

Vulnerable Software List

VendorProductVersions
Suricata-ids Suricata 5.0.0

References

NameSourceURLTags
https://redmine.openinfosecfoundation.org/issues/3286MISChttps://redmine.openinfosecfoundation.org/issues/3286Third Party Advisory Third Party Advisory Patch Patch
https://redmine.openinfosecfoundation.org/issues/3395MISChttps://redmine.openinfosecfoundation.org/issues/3395Third Party Advisory Third Party Advisory
[debian-lts-announce] 20200130 [SECURITY] [DLA 2087-1] suricata security updateMLISThttps://lists.debian.org/debian-lts-announce/2020/01/msg00032.html
https://github.com/OISF/suricata/commit/ea0659de7640cf6a51de5bbd1dbbb0414e4623a0CONFIRMhttps://github.com/OISF/suricata/commit/ea0659de7640cf6a51de5bbd1dbbb0414e4623a0
https://github.com/OISF/suricata/commit/9f0294fadca3dcc18c919424242a41e01f3e8318CONFIRMhttps://github.com/OISF/suricata/commit/9f0294fadca3dcc18c919424242a41e01f3e8318