Bug #6713: Weak ciphers event in Kerberos protocol - Suricata - Open Information Security Foundation

Actions

Copy link

Bug #6713

open

Weak ciphers event in Kerberos protocol

Added by Cyrille Franchet 3 months ago.

Status:

New

Priority:

Normal

Assignee:

OISF Dev

Target version:

TBD

Affected Versions:

7.0.2

Effort:

Difficulty:

low

Label:

Protocol, Rust

Description

The weak cipher event is located on the encrypted data for TGS_REP. This is incorrect I think. We should check the ticket encryption type and not the encrypted data.
The current implementation detects ASREPRoasting but not Kerberoasting.

No data to display

Actions

Copy link

Also available in: Atom PDF

Project

General

Profile

Suricata

Custom queries

Bug #6713

Weak ciphers event in Kerberos protocol