Actions
Bug #3339
closedMissing community ID in smb, rdp, tftp, dhcp
Affected Versions:
Effort:
Difficulty:
Label:
Needs backport to 5.0
Description
The function JsonAddCommonOptions is not called in SMB, RDP, TFTP and DHCP protocols resulting in Community ID not to be present even if asked.
In the case of SMB and RDP this is clearly missing. For TFTP and DHCP, this could be discussed as we have no real flow. But other tools should be able to build the same community ID so it seems ok to have it.
Updated by Eric Leblond over 4 years ago
This is fixed in this code https://github.com/regit/suricata/tree/forensic-mode that should reach PR state soon but it may be a bit too intrusive for the Suricata 5.0.
Updated by Andreas Herz over 4 years ago
- Assignee set to Eric Leblond
- Target version set to 70
Updated by Victor Julien about 4 years ago
- Assignee changed from Eric Leblond to OISF Dev
Updated by Sascha Steinbiss almost 4 years ago
fileinfo is also affected (5.0.3). Any chance of this making it as a separate PR?
Updated by Jeff Lucovsky almost 4 years ago
- Status changed from New to In Review
- Assignee changed from OISF Dev to Jeff Lucovsky
- Label Needs backport to 5.0 added
Updated by Victor Julien almost 4 years ago
- Target version changed from 70 to 6.0.0beta1
Updated by Jeff Lucovsky almost 4 years ago
- Copied to Bug #3804: Missing community ID in smb, rdp, tftp, dhcp added
Updated by Jeff Lucovsky almost 4 years ago
- Status changed from In Review to Closed
Updated by Jeff Lucovsky almost 4 years ago
- Copied to Bug #3810: Missing community ID in smb, rdp, tftp, dhcp added
Actions