CVE-2024-3382
published 2024-04-10CVE-2024-3382: A memory leak exists in Palo Alto Networks PAN-OS software that enables an attacker to send a burst of crafted packets through the firewall that eventually…
PriorityP341high7.5CVSS 3.1
AVNACLPRNUINSUCNINAH
EPSS
0.92%
55.9th percentile
A memory leak exists in Palo Alto Networks PAN-OS software that enables an attacker to send a burst of crafted packets through the firewall that eventually prevents the firewall from processing traffic. This issue applies only to PA-5400 Series devices that are running PAN-OS software with the SSL Forward Proxy feature enabled.
Affected
10 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| palo_alto_networks | pan-os | >= 10.2.0 < 10.2.7-h3 | 10.2.7-h3 |
| palo_alto_networks | pan-os | >= 11.0.0 < 11.0.4 | 11.0.4 |
| palo_alto_networks | pan-os | >= 11.1.0 < 11.1.2 | 11.1.2 |
| paloalto | cloud_ngfw | — | — |
| paloalto | pan-os | — | — |
| paloalto | prisma_access | — | — |
| paloaltonetworks | pan-os | — | — |
| paloaltonetworks | pan-os | >= 10.2.0 < 10.2.7 | 10.2.7 |
| paloaltonetworks | pan-os | >= 11.0.0 < 11.0.4 | 11.0.4 |
| paloaltonetworks | pan-os | >= 11.1.0 < 11.1.2 | 11.1.2 |
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
Palo Alto
PAN-OS: Firewall Denial of Service (DoS) via a Burst of Crafted Packets
vendor_paloalto·2024-04-10·CVSS 7.5
CVE-2024-3382 [HIGH] CWE-770 PAN-OS: Firewall Denial of Service (DoS) via a Burst of Crafted Packets
PAN-OS: Firewall Denial of Service (DoS) via a Burst of Crafted Packets
A memory leak exists in Palo Alto Networks PAN-OS software that enables an attacker to send a burst of crafted packets through the firewall that eventually prevents the firewall from processing traffic. This issue applies only to PA-5400 Series devices that are running PAN-OS software with the SSL Forward Proxy feature enabled.
Affected products: Cloud NGFW, PAN-OS, Prisma Access
Solution: This issue is fixed in PAN-OS 10.2.7-h3, PAN-OS 11.0.4, PAN-OS 11.1.2, and all later PAN-OS versions.
Workaround: You can mitigate this issue by disabling decryption on your firewalls. To temporarily disable SSL Decryption, refer to the administrator’s guide for your PAN-OS software (such as PAN-OS 11.1: https://docs.paloaltonetw
GHSA
GHSA-55c4-h3q7-f6wp: A memory leak exists in Palo Alto Networks PAN-OS software that enables an attacker to send a burst of crafted packets through the firewall that event
ghsa_unreviewed·2024-04-10
CVE-2024-3382 [HIGH] CWE-401 GHSA-55c4-h3q7-f6wp: A memory leak exists in Palo Alto Networks PAN-OS software that enables an attacker to send a burst of crafted packets through the firewall that event
A memory leak exists in Palo Alto Networks PAN-OS software that enables an attacker to send a burst of crafted packets through the firewall that eventually prevents the firewall from processing traffic. This issue applies only to PA-5400 Series devices that are running PAN-OS software with the SSL Forward Proxy feature enabled.
Suricata
GPL RPC portmap ttdbserv request TCP
suricata·2010-09-23
CVE-1999-0003 GPL RPC portmap ttdbserv request TCP
GPL RPC portmap ttdbserv request TCP
Rule: alert tcp $EXTERNAL_NET any -> $HOME_NET 111 (msg:"GPL RPC portmap ttdbserv request TCP"; flow:established,to_server; content:"|00 01 86 A0|"; depth:4; offset:16; content:"|00 00 00 03|"; within:4; distance:4; byte_jump:4,4,relative,align; byte_jump:4,4,relative,align; content:"|00 01 86 F3|"; within:4; content:"|00 00 00 00|"; depth:4; offset:8; reference:arachnids,24; reference:bugtraq,122; reference:bugtraq,3382; reference:cve,1999-0003; reference:cve,1999-0687; reference:cve,1999-1075; reference:cve,2001-0717; reference:url,www.cert.org/advisories/CA-2001-05.html; classtype:rpc-portmap-decode; sid:2101274; rev:20; metadata:created_at 2010_09_23, cve CVE_1999_0003, signature_severity Informational, updated_at 2024_03_08;)
No public exploits indexed.
No writeups or analysis indexed.
2024-04-10
Published