Project

General

Profile

Actions

Security #2969

closed

http_header signature do not alert on HTTP response with a single \r\n ending

Added by ajaxtpm ajaxtpm over 5 years ago. Updated about 4 years ago.

Status:
Closed
Priority:
Normal
Target version:
Affected Versions:
Label:
Git IDs:
Severity:
Disclosure Date:

Description

Signature:
alert http any any -> any any (msg: "'ng1nx' Server header found"; flow: established, from_server; content: "ng1nx"; nocase; http_header; classtype: attempted-admin; sid: 1; rev: 1; )

Pcap attached


Files

ng1nx.pcap (1.01 KB) ng1nx.pcap ajaxtpm ajaxtpm, 05/07/2019 11:25 AM

Related issues 2 (0 open2 closed)

Related to Suricata - Task #3141: libhtp 0.5.31ClosedVictor JulienActions
Related to Suricata - Task #3142: libhtp 0.5.31 (4.1.x)ClosedVictor JulienActions
Actions

Also available in: Atom PDF