Project

General

Profile

Actions

Security #1880

closed

icmpv4 error packets can lead to missed detection in tcp/udp

Added by Victor Julien over 8 years ago. Updated over 4 years ago.

Status:
Closed
Priority:
High
Assignee:
Target version:
Affected Versions:
Label:
Git IDs:

6b078e4f51800ac4cba3660dedfe210474491bc6

Severity:
Disclosure Date:

Description

If an ICMPv4 error packet is received as the first packet on a flow in the to_client direction, it confuses the rule grouping lookup logic. The toclient inspection will then continue with the wrong rule group. This can lead to missed detection.

Actions #1

Updated by Victor Julien over 8 years ago

  • Status changed from Assigned to Closed
Actions #2

Updated by Victor Julien over 4 years ago

  • Tracker changed from Bug to Security
  • CVE set to 2016-10728
  • Git IDs updated (diff)
Actions

Also available in: Atom PDF