bad ip option evasion
Suricata is vulnerable to bad ip option evasions.
Here are the pcaps of issue number 3286 with a bad ipv4 option.
I don't think it's exploitable in the wild because routers should drop the injected packets (I didn't test it thought).
Updated by Victor Julien almost 2 years ago
- Status changed from Assigned to Closed
- Priority changed from High to Normal
- Private changed from Yes to No
- Label deleted (