https://redmine.openinfosecfoundation.org/https://redmine.openinfosecfoundation.org/favicon.ico?17011170022018-07-11T10:06:18ZOpen Information Security FoundationSuricata - Bug #2528: krb parser not always parsing tgs responseshttps://redmine.openinfosecfoundation.org/issues/2528?journal_id=99072018-07-11T10:06:18ZVictor Julienvictor@inliniac.net
<ul><li><strong>Status</strong> changed from <i>New</i> to <i>Assigned</i></li><li><strong>Assignee</strong> set to <i>Pierre Chifflier</i></li><li><strong>Target version</strong> set to <i>TBD</i></li><li><strong>Affected Versions</strong> <i>4.1beta1</i> added</li><li><strong>Affected Versions</strong> deleted (<del><i>4.0beta1</i></del>)</li></ul> Suricata - Bug #2528: krb parser not always parsing tgs responseshttps://redmine.openinfosecfoundation.org/issues/2528?journal_id=106552018-12-12T10:40:12ZPierre Chifflierchifflier@wzdftpd.net
<ul></ul><p>Hi,<br />Thanks for the report and the pcaps.</p>
<p>The cause of this issue is the probing parser being a bit too strict, and not matching fragmented request packets.<br />A fix will be proposed soon.</p> Suricata - Bug #2528: krb parser not always parsing tgs responseshttps://redmine.openinfosecfoundation.org/issues/2528?journal_id=106782018-12-14T15:46:29ZVictor Julienvictor@inliniac.net
<ul><li><strong>Status</strong> changed from <i>Assigned</i> to <i>Closed</i></li><li><strong>Target version</strong> changed from <i>TBD</i> to <i>4.1.1</i></li><li><strong>Affected Versions</strong> <i>4.1</i> added</li><li><strong>Affected Versions</strong> deleted (<del><i>4.1beta1</i></del>)</li></ul><p><a class="external" href="https://github.com/OISF/suricata/pull/3583">https://github.com/OISF/suricata/pull/3583</a></p> Suricata - Bug #2528: krb parser not always parsing tgs responseshttps://redmine.openinfosecfoundation.org/issues/2528?journal_id=106792018-12-14T15:47:31ZVictor Julienvictor@inliniac.net
<ul></ul><p><a class="user active user-mention" href="https://redmine.openinfosecfoundation.org/users/340">@Jason Borden</a> Taylor: could you turn this into a suricata-verify test?</p> Suricata - Bug #2528: krb parser not always parsing tgs responseshttps://redmine.openinfosecfoundation.org/issues/2528?journal_id=106812018-12-14T15:57:04ZJason Taylor
<ul></ul><p>Thanks Pierre!</p>
<p>Victor, sure I will get a PR done for that.</p>