Actions
Bug #3339
closedMissing community ID in smb, rdp, tftp, dhcp
Affected Versions:
Effort:
Difficulty:
Label:
Needs backport to 5.0
Description
The function JsonAddCommonOptions is not called in SMB, RDP, TFTP and DHCP protocols resulting in Community ID not to be present even if asked.
In the case of SMB and RDP this is clearly missing. For TFTP and DHCP, this could be discussed as we have no real flow. But other tools should be able to build the same community ID so it seems ok to have it.
Updated by Eric Leblond about 5 years ago
This is fixed in this code https://github.com/regit/suricata/tree/forensic-mode that should reach PR state soon but it may be a bit too intrusive for the Suricata 5.0.
Updated by Andreas Herz about 5 years ago
- Assignee set to Eric Leblond
- Target version set to 70
Updated by Victor Julien almost 5 years ago
- Assignee changed from Eric Leblond to OISF Dev
Updated by Victor Julien almost 5 years ago
- Priority changed from Normal to High
Updated by Sascha Steinbiss over 4 years ago
fileinfo
is also affected (5.0.3). Any chance of this making it as a separate PR?
Updated by Jeff Lucovsky over 4 years ago
- Status changed from New to In Review
- Assignee changed from OISF Dev to Jeff Lucovsky
- Label Needs backport to 5.0 added
Updated by Victor Julien over 4 years ago
- Target version changed from 70 to 6.0.0beta1
Updated by Jeff Lucovsky over 4 years ago
- Copied to Bug #3804: Missing community ID in smb, rdp, tftp, dhcp added
Updated by Jeff Lucovsky over 4 years ago
- Status changed from In Review to Closed
Updated by Jeff Lucovsky over 4 years ago
- Copied to Bug #3810: Missing community ID in smb, rdp, tftp, dhcp added
Actions