Project

General

Profile

Actions

Bug #3933

closed

Leak from bad signature with DCERPC keyword, then another protocol keyword

Added by Jeff Lucovsky over 4 years ago. Updated about 4 years ago.

Status:
Closed
Priority:
Normal
Assignee:
Target version:
Affected Versions:
Effort:
Difficulty:
Label:

Description

Found by oss-fuzz
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=24715

Reproducer is
alert tcp any any -> any any dce_stub_data; content:"|32|"; offset:1; tls.cert_serial; content:"o";


Related issues 1 (0 open1 closed)

Copied from Suricata - Bug #3898: Leak from bad signature with DCERPC keyword, then another protocol keywordClosedPhilippe AntoineActions
Actions

Also available in: Atom PDF