Project

General

Profile

Actions
Copy link

Bug #4312

closed

dcerpc: no alert triggered with dce opnum in 6.0

Added by Jeff Lucovsky almost 4 years ago. Updated over 3 years ago.

Status:
Closed
Priority:
High
Assignee:
Shivani Bhardwaj
Target version:
6.0.2
Affected Versions:
6.0.0
Effort:
Difficulty:
Label:

Description

For the attached suricata-verify test, alert is not triggered for rules in the file named ".broken.rules". The only diff this file has from the other rule file is an opnum to match against.

via Jeff Lucovsky via Corelight researcher

Files

zerologon-suri.tar.gz (36.7 KB) zerologon-suri.tar.gz Shivani Bhardwaj, 12/03/2020 11:48 PM

Related issues 1 (0 open1 closed)

Copied from Suricata - Bug #4198: dcerpc: no alert triggered with dce opnum in 6.0ClosedShivani BhardwajActions
Actions
Copy link
 #1

Updated by Jeff Lucovsky almost 4 years ago

  • Copied from Bug #4198: dcerpc: no alert triggered with dce opnum in 6.0 added
Actions
Copy link
 #2

Updated by Victor Julien over 3 years ago

  • Status changed from Assigned to In Progress
Actions
Copy link
 #3

Updated by Shivani Bhardwaj over 3 years ago

  • Status changed from In Progress to Closed
Actions
Copy link

Also available in: Atom PDF