Actions
Bug #3328
closedbad ip option evasion
Affected Versions:
Effort:
Difficulty:
Label:
Description
Suricata is vulnerable to bad ip option evasions.
Here are the pcaps of issue number 3286 with a bad ipv4 option.
I don't think it's exploitable in the wild because routers should drop the injected packets (I didn't test it thought).
Files
Updated by Andreas Herz about 5 years ago
- Assignee set to OISF Dev
- Target version set to 70
Updated by Victor Julien about 5 years ago
- Status changed from New to Assigned
- Assignee changed from OISF Dev to Jason Ish
- Target version changed from 70 to 5.0.1
Updated by Victor Julien about 5 years ago
- Priority changed from Normal to High
- Label Needs backport added
Updated by Victor Julien about 5 years ago
- Status changed from Assigned to Closed
- Priority changed from High to Normal
- Private changed from Yes to No
- Label deleted (
Needs backport)
Updated by Victor Julien about 5 years ago
- Copied to Bug #3414: bad ip option evasion (4.1.x) added
Actions