Project

General

Profile

Actions
Copy link

Bug #7774

open

Bug #7638: detect: incorrect rule ordering with more complex flowbit chains

flowbits: unneeded set + toggle combinations are accepted

Added by Shivani Bhardwaj 2 months ago. Updated about 1 month ago.

Status:
In Review
Priority:
High
Assignee:
Shivani Bhardwaj
Target version:
9.0.0-beta1
Affected Versions:
8.0.0
Effort:
Difficulty:
low
Label:

Description

For example, a rule like:

alert tcp any any -> any any (msg:"set + toggle"; http.method; content:"GET"; flowbits:set,abc; flowbits:toggle,abc; sid:111;)

Actions
Copy link
 #1

Updated by Shivani Bhardwaj 2 months ago

  • Description updated (diff)
  • Priority changed from Normal to High
Actions
Copy link
 #2

Updated by Shivani Bhardwaj 2 months ago

  • Difficulty set to low
Actions
Copy link
 #3

Updated by Shivani Bhardwaj about 2 months ago

  • Target version changed from 8.0.0 to 9.0.0-beta1
Actions
Copy link
 #4

Updated by Philippe Antoine about 1 month ago

  • Affected Versions 8.0.0 added
Actions
Copy link
 #6

Updated by Shivani Bhardwaj about 1 month ago

  • Status changed from Assigned to In Review
Actions
Copy link

Also available in: Atom PDF