Actions
Bug #3339
closed
EL
JL
Missing community ID in smb, rdp, tftp, dhcp
Bug #3339:
Missing community ID in smb, rdp, tftp, dhcp
Affected Versions:
Effort:
Difficulty:
Label:
Needs backport to 5.0
Description
The function JsonAddCommonOptions is not called in SMB, RDP, TFTP and DHCP protocols resulting in Community ID not to be present even if asked.
In the case of SMB and RDP this is clearly missing. For TFTP and DHCP, this could be discussed as we have no real flow. But other tools should be able to build the same community ID so it seems ok to have it.
EL Updated by Eric Leblond over 6 years ago
This is fixed in this code https://github.com/regit/suricata/tree/forensic-mode that should reach PR state soon but it may be a bit too intrusive for the Suricata 5.0.
AH Updated by Andreas Herz over 6 years ago
- Assignee set to Eric Leblond
- Target version set to 70
VJ Updated by Victor Julien about 6 years ago
- Assignee changed from Eric Leblond to OISF Dev
VJ Updated by Victor Julien about 6 years ago
- Priority changed from Normal to High
SS Updated by Sascha Steinbiss almost 6 years ago
fileinfo is also affected (5.0.3). Any chance of this making it as a separate PR?
JL Updated by Jeff Lucovsky almost 6 years ago
- Status changed from New to In Review
- Assignee changed from OISF Dev to Jeff Lucovsky
- Label Needs backport to 5.0 added
VJ Updated by Victor Julien almost 6 years ago
- Target version changed from 70 to 6.0.0beta1
JL Updated by Jeff Lucovsky almost 6 years ago
- Copied to Bug #3804: Missing community ID in smb, rdp, tftp, dhcp added
JL Updated by Jeff Lucovsky almost 6 years ago
- Status changed from In Review to Closed
JL Updated by Jeff Lucovsky almost 6 years ago
- Copied to Bug #3810: Missing community ID in smb, rdp, tftp, dhcp added
Actions