Project

General

Profile

Actions
Copy link

Bug #7773

closed
SB SB

Bug #7638: detect: incorrect rule ordering with more complex flowbit chains

flowbits: no-op unset + isnotset combinations are accepted

Bug #7773: flowbits: no-op unset + isnotset combinations are accepted

Added by Shivani Bhardwaj 10 months ago. Updated 2 months ago.

Status:
Closed
Priority:
High
Assignee:
Shivani Bhardwaj
Target version:
9.0.0-beta1
Affected Versions:
8.0.0
Effort:
Difficulty:
low
Label:

Description

For example, a rule like:

alert tcp any any -> any any (msg:"unset + isnotset"; flowbits:isnotset,abc; http.method; content:"GET"; flowbits:unset,abc; sid:111)

SB Updated by Shivani Bhardwaj 10 months ago Actions
Copy link
 #1

  • Description updated (diff)
  • Priority changed from Normal to High

SB Updated by Shivani Bhardwaj 9 months ago Actions
Copy link
 #2

  • Difficulty set to low

SB Updated by Shivani Bhardwaj 9 months ago Actions
Copy link
 #3

  • Target version changed from 8.0.0 to 9.0.0-beta1

PA Updated by Philippe Antoine 9 months ago Actions
Copy link
 #4

  • Affected Versions 8.0.0 added

SB Updated by Shivani Bhardwaj 9 months ago Actions
Copy link
 #6

  • Status changed from Assigned to In Review

SB Updated by Shivani Bhardwaj 2 months ago Actions
Copy link
 #7

  • Status changed from In Review to Closed
Actions
Copy link

Also available in: PDF Atom