Bug #7773: flowbits: no-op unset + isnotset combinations are accepted - Suricata - Open Information Security Foundation

Actions

Copy link

Bug #7773

open

Bug #7638: detect: incorrect rule ordering with more complex flowbit chains

flowbits: no-op unset + isnotset combinations are accepted

Added by Shivani Bhardwaj 22 days ago. Updated 11 days ago.

Status:

Assigned

Priority:

High

Assignee:

Shivani Bhardwaj

Target version:

9.0.0-beta1

Affected Versions:

Effort:

Difficulty:

low

Label:

Description

For example, a rule like:

alert tcp any any -> any any (msg:"unset + isnotset"; flowbits:isnotset,abc; http.method; content:"GET"; flowbits:unset,abc; sid:111)

History
Property changes

Actions

Copy link

Updated by Shivani Bhardwaj 22 days ago

Description updated (diff)
Priority changed from Normal to High

Actions

Copy link

Updated by Shivani Bhardwaj 19 days ago

Difficulty set to low

Actions

Copy link

Updated by Shivani Bhardwaj 11 days ago

Target version changed from 8.0.0 to 9.0.0-beta1

Actions

Copy link

Also available in: Atom PDF

Project

General

Profile

Suricata

Custom queries

Bug #7773

flowbits: no-op unset + isnotset combinations are accepted

Updated by Shivani Bhardwaj 22 days ago

Updated by Shivani Bhardwaj 19 days ago

Updated by Shivani Bhardwaj 11 days ago