- Registered on: 01/25/2018
- Last connection: 04/18/2019
- 10:36 AM Suricata Bug #2881: http.protocol parsing inaccuracy
- Thanks Chris.
Indeed, Uris are not supposed to have spaces, but the protocol field is even less supposed to have spa...
- 09:04 AM Suricata Bug #2619: Malformed HTTP causes FN using http_header_names;
- Thanks Travis for this report.
These false negatives are due to the missing protocol field in the request line.
- 06:51 AM Suricata Bug #1656: several silent bypasses at the HTTP application level (chunking, compression, HTTP 0.9...)
- All http evader cases should now work :
- 06:51 AM Suricata Bug #1776: Multiple Content-Length headers causes HTP_STREAM_ERROR
- Pull request for libhtp should now be the bigger one
Other pull requests...
- 01:09 PM Suricata Bug #941: Support multiple stacked compression, compression that specifies the wrong compression type
- They already worked, I just added test cases here :
- 01:04 PM Suricata Bug #1776: Multiple Content-Length headers causes HTP_STREAM_ERROR
- Maybe we should wait for https://redmine.openinfosecfoundation.org/issues/1656 as we do not want to break other cases
- 08:02 AM Suricata Feature #984: libhtp HTP_AUTH_UNRECOGNIZED
- I had to prevent suricata from disabling libhtp parsing auth
Here are the pull requests :
- 04:41 PM Suricata Bug #2655: GET/POST HTTP-request with no Content-Length, http_client_body miss
- There are new pull requests :
- 01:31 PM Suricata Bug #2655: GET/POST HTTP-request with no Content-Length, http_client_body miss
- Thank you Alexey for this report.
From what I understand, the attacker controlled in your case both the client and...
- 10:01 AM Suricata Bug #1776: Multiple Content-Length headers causes HTP_STREAM_ERROR
- It should now be ok with :
Also available in: Atom