Where to report bugs #22
Comments
Oops, didn't read carefully enough. They need to be sent to Sorry!
Feel free to report on Snort++ issues here. We check both. We will follow up on this one at bugs@. Thanks.
Mailed a report to
Heho, re-opening since I didn't get a response from
Oops, my email only went back to bugs@. I asked this: "That's an eth:icmp6 packet, which should be illegal, so our fix would be to fail to decode and drop when inline. Did you craft or capture your pcap?" We have a fix that will be out later today or early next week on github.
No worries. Shall I initiate a CVE for this or do you have a security process that already takes this into account? The reason I ask is that FOSS projects differ in how they handle security bugs. I would like to know what snort's view is.
Actually that packet is eth:llc:snap:invalid but due to the Snort++ implementation and a bug in the llc codec (which includes the snap header) it looks to Snort++ like icmp6 and hence the crash. We have a process. Someone will be contacting you. Thanks.
This issue was fixed. The packet manager now does validation of the ether type and will raise 116:473, (decode) ether type out of range as appropriate.
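
An ether type range check on an eth:llc:snap frame, as an added example that is not part of this thread and is not Snort++ code. The function name, result codes and sample frames are hypothetical; the range rule is the IEEE 802.3 one (values up to 1500 are a length, values from 0x0600 are an EtherType).

```cpp
// Added illustration, not Snort++ source. All names here are hypothetical.
#include <cstddef>
#include <cstdint>

enum class Decode { Ok, Truncated, Unsupported, EtherTypeOutOfRange };

constexpr uint16_t MAX_8023_LENGTH = 1500;  // <= 1500: field is a frame length
constexpr uint16_t MIN_ETHERTYPE = 0x0600;  // >= 1536: field is an EtherType

static uint16_t be16(const uint8_t* p) { return uint16_t((p[0] << 8) | p[1]); }

// Walks eth[:llc:snap] and stores the next layer's EtherType in `next`.
// Every read is bounds-checked and every type value is range-checked
// before a caller could use it to pick the next decoder.
Decode decode_l2(const uint8_t* pkt, size_t len, uint16_t& next)
{
    constexpr size_t ETH_HDR = 14, LLC_HDR = 3, SNAP_HDR = 5;
    if (len < ETH_HDR) return Decode::Truncated;

    uint16_t field = be16(pkt + 12);
    if (field >= MIN_ETHERTYPE) { next = field; return Decode::Ok; }  // Ethernet II
    if (field > MAX_8023_LENGTH) return Decode::EtherTypeOutOfRange;  // 1501..1535

    // 802.3 length framing, so an LLC header follows.
    if (len < ETH_HDR + LLC_HDR) return Decode::Truncated;
    const uint8_t* llc = pkt + ETH_HDR;
    if (llc[0] != 0xAA || llc[1] != 0xAA || llc[2] != 0x03)
        return Decode::Unsupported;  // LLC without SNAP is not handled here

    if (len < ETH_HDR + LLC_HDR + SNAP_HDR) return Decode::Truncated;
    const uint8_t* snap = llc + LLC_HDR;
    if (snap[0] != 0 || snap[1] != 0 || snap[2] != 0)
        return Decode::Unsupported;  // vendor OUI: protocol id is not an EtherType

    // With OUI 00-00-00 the SNAP protocol id is an EtherType: same range rule.
    uint16_t pid = be16(snap + 3);
    if (pid < MIN_ETHERTYPE) return Decode::EtherTypeOutOfRange;
    next = pid;
    return Decode::Ok;
}

// Constructed sample frames: dst MAC, src MAC, length, LLC, SNAP (OUI + id).
static const uint8_t SNAP_IPV6[] = { 2,0,0,0,0,1, 2,0,0,0,0,2, 0x00,0x08,
    0xAA,0xAA,0x03, 0x00,0x00,0x00, 0x86,0xDD };
static const uint8_t SNAP_BAD_ID[] = { 2,0,0,0,0,1, 2,0,0,0,0,2, 0x00,0x08,
    0xAA,0xAA,0x03, 0x00,0x00,0x00, 0x01,0x01 };
```

A decoder that gets `EtherTypeOutOfRange` stops decoding at that layer and raises its decode event instead of handing the value to a next-layer lookup.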
Hi,
I have been testing snort3 and have managed to find program crashes in read pcap mode. Where do I report them?
Thanks!
Bhargava