Project

General

Profile

Security #1880

icmpv4 error packets can lead to missed detection in tcp/udp

Added by Victor Julien over 4 years ago. Updated 6 months ago.

Status:
Closed
Priority:
High
Assignee:
Target version:
Affected Versions:
Git IDs:

6b078e4f51800ac4cba3660dedfe210474491bc6


Description

If an ICMPv4 error packet is received as the first packet on a flow in the to_client direction, it confuses the rule grouping lookup logic. The toclient inspection will then continue with the wrong rule group. This can lead to missed detection.

#1

Updated by Victor Julien over 4 years ago

  • Status changed from Assigned to Closed
#2

Updated by Victor Julien 6 months ago

  • Tracker changed from Bug to Security
  • CVE set to 2016-10728
  • Git IDs updated (diff)

Also available in: Atom PDF