Overview
- System affected: Suricata
- Software version: prior to 4.1
- Impact: Code execution. The impact of this vulnerability is considered low because an attacker could exploit it for code execution only if the configuration file is not properly protected.
Detailed description
There is a stack-based buffer overflow in ParseFilename. The length of “outputs.pcap-log.filename” is not checked and the destination buffer “str” has a fixed length of 512 bytes, so a long pcap-log filename overflows the buffer. A specially crafted config file could lead to code execution. The impact of this vulnerability is considered low because an attacker could exploit it only if the configuration file is not properly protected.
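The two conditions described above, as an added example that is not Suricata's code or the actual fix: a length check before copying a configured filename into a 512-byte buffer, and a check that the configuration file is not writable by group or others. The helper names, the STR_BUF_LEN macro, and the /etc/suricata/suricata.yaml path are assumptions made for illustration.

```c
#include <stdio.h>
#include <string.h>
#include <sys/stat.h>

#define STR_BUF_LEN 512 /* size of the fixed destination buffer per the advisory */

/* Hypothetical helper: copy a configured filename into a fixed buffer.
 * Returns 0 on success, -1 if the value (plus NUL) does not fit. */
int copy_filename_bounded(const char *filename, char *dst, size_t dst_len)
{
    size_t len = 0;

    if (filename == NULL || dst == NULL || dst_len == 0)
        return -1;
    /* Measure at most dst_len bytes so an over-long value is rejected early. */
    while (len < dst_len && filename[len] != '\0')
        len++;
    if (len >= dst_len)
        return -1;              /* would overflow: refuse instead of truncating */
    memcpy(dst, filename, len);
    dst[len] = '\0';
    return 0;
}

/* Hypothetical helper: 1 if only the owner may write the config file,
 * 0 if group or others may write it, -1 if it cannot be inspected. */
int config_is_write_protected(const char *path)
{
    struct stat st;

    if (path == NULL || stat(path, &st) != 0)
        return -1;
    return (st.st_mode & (S_IWGRP | S_IWOTH)) ? 0 : 1;
}

int main(void)
{
    char str[STR_BUF_LEN];
    char long_name[600];          /* constructed over-long filename */

    memset(long_name, 'A', sizeof(long_name) - 1);
    long_name[sizeof(long_name) - 1] = '\0';

    printf("log.pcap  -> %d\n", copy_filename_bounded("log.pcap", str, sizeof(str)));
    printf("599 bytes -> %d\n", copy_filename_bounded(long_name, str, sizeof(str)));
    /* Assumed config path; adjust to the deployment being audited. */
    printf("config    -> %d\n", config_is_write_protected("/etc/suricata/suricata.yaml"));
    return 0;
}
```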
Solution
This bug was fixed in Suricata 4.1.
Credits
This bug was discovered and fixed by Wolfgang Hotwagner (https://tech.feedyourhead.at/content/suricata-stack-based-buffer-overflow)