Integer Overflow Vulnerability in Suricata 4.0.4 EtherNet/IP PDU Parsing
CVE-2018-10244 · HIGH Severity
AV:N/AC:L/AU:N/C:P/I:P/A:P
Suricata version 4.0.4 incorrectly handles the parsing of an EtherNet/IP PDU. A malformed PDU can cause the parsing code to read beyond the allocated data because DecodeENIPPDU in app-layer-enip-commmon.c has an integer overflow during a length check.
Learn more about our Web Application Penetration Testing UK.