Project

General

Profile

Actions
Copy link

Bug #7772

open

Bug #7638: detect: incorrect rule ordering with more complex flowbit chains

flowbits: no-op set and isset combinations are accepted

Added by Shivani Bhardwaj 2 days ago. Updated 1 day ago.

Status:
In Review
Priority:
High
Assignee:
Shivani Bhardwaj
Target version:
8.0.0
Affected Versions:
Effort:
Difficulty:
low
Label:

Description

For example, rules like

alert tcp any any -> any any (msg:"set + isset flowbit"; http.method; content:"GET"; flowbits:set,abc; flowbits:isset,abc; sid:111)

Actions
Copy link
 #1

Updated by Shivani Bhardwaj 2 days ago

  • Description updated (diff)
  • Priority changed from Normal to High
Actions
Copy link
 #2

Updated by Shivani Bhardwaj 1 day ago

  • Status changed from Assigned to In Review
  • Difficulty set to low
Actions
Copy link

Also available in: Atom PDF