Bug #7552: applayer: misdetection if response is seen first without request - Suricata - Open Information Security Foundation

Actions

Copy link

Bug #7552

open

applayer: misdetection if response is seen first without request

Added by Alice da Silva Akaki 9 days ago. Updated 7 days ago.

Status:

New

Priority:

Normal

Assignee:

OISF Dev

Target version:

8.0.0-beta1

Affected Versions:

7.0.8, git master

Effort:

Difficulty:

Label:

Description

Transaction gets cleaned by AppLayerParserTransactionsCleanup before detection is run in the to_client direction when stream.midstream=true and first packet is to client dir.

Found in: https://github.com/OISF/suricata-verify/pull/2282

The next step is find a pcap to reproduce the bug

Subtasks 1 (1 open — 0 closed)

History
Notes
Property changes

Actions

Copy link

Also available in: Atom PDF

Project

General

Profile

Suricata

Custom queries

Bug #7552

applayer: misdetection if response is seen first without request

Updated by OISF Ticketbot 9 days ago

Updated by OISF Ticketbot 9 days ago

Updated by Alice da Silva Akaki 9 days ago

Updated by OISF Ticketbot 9 days ago

Updated by Alice da Silva Akaki 7 days ago

Updated by Shivani Bhardwaj 7 days ago