Actions
Security #2969
closedhttp_header signature do not alert on HTTP response with a single \r\n ending
Git IDs:
Severity:
Disclosure Date:
Description
Signature:
alert http any any -> any any (msg: "'ng1nx' Server header found"; flow: established, from_server; content: "ng1nx"; nocase; http_header; classtype: attempted-admin; sid: 1; rev: 1; )
Pcap attached
Files
Updated by Victor Julien over 5 years ago
- Status changed from New to Assigned
- Assignee set to Philippe Antoine
- Target version changed from 4.1.4 to TBD
Updated by Victor Julien over 5 years ago
- Affected Versions 4.1.4 added
- Affected Versions deleted (
4.1.5)
Updated by Victor Julien over 5 years ago
Fixed in https://github.com/OISF/libhtp/pull/213
Test case added: https://github.com/OISF/suricata-verify/pull/55
Updated by Victor Julien over 5 years ago
- Status changed from Assigned to Closed
- Target version deleted (
TBD)
Updated by Victor Julien about 4 years ago
- Tracker changed from Bug to Security
- CVE set to 2019-17420
CVE is technically in libhtp, but as Suricata bundles it we track it here as well.
Updated by Victor Julien about 4 years ago
- Related to Task #3141: libhtp 0.5.31 added
Updated by Victor Julien about 4 years ago
- Related to Task #3142: libhtp 0.5.31 (4.1.x) added
Actions