The MemcmpLowercase function in Suricata before 2.0.6 improperly excludes the first byte from comparisons, which might allow remote attackers to bypass intrusion-prevention functionality via a crafted HTTP request.
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2017-03-20T16:00:00

Updated: 2024-08-06T08:36:31.124Z

Reserved: 2016-08-28T00:00:00

Link: CVE-2015-8954

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2017-03-20T16:59:01.407

Modified: 2024-11-21T02:39:31.973

Link: CVE-2015-8954

cve-icon Redhat

No data.