Mirror/zeek
1
0
Fork 0
mirror of https://github.com/zeek/zeek.git synced 2025-10-02 14:48:21 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 2

Add testcase for CVE-2015-3194

Browse source
This commit is contained in:
Johanna Amann 2016-01-19 14:41:24 -08:00
parent 176b0e7b44
commit a88b32ca03
3 changed files with 16 additions and 0 deletions
Download patch file Download diff file Expand all files Collapse all files

10
testing/btest/Baseline/scripts.base.protocols.ssl.cve-2015-3194/ssl.log Normal file
View file

@ -0,0 +1,10 @@
#separator \x09
#set_separator ,
#empty_field (empty)
#unset_field -
#path ssl
#open 2016-01-19-22-45-44
#fields ts uid id.orig_h id.orig_p id.resp_h id.resp_p version cipher curve server_name resumed last_alert next_protocol established cert_chain_fuids client_cert_chain_fuids subject issuer client_subject client_issuer validation_status
#types time string addr port addr port string string string string bool string string bool vector[string] vector[string] string string string string string
1449265638.475275 CXWv6p3arKYeMETxOg 192.168.6.74 52122 104.236.167.107 4433 TLSv12 TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 secp256r1 - F - - T Fvv5qY2DMGQY2MYQ03 (empty) CN=bro.org,L=Berkeley,ST=CA,C=US CN=Visa eCommerce Root,OU=Visa International Service Association,O=VISA,C=US - - certificate signature failure
#close 2016-01-19-22-45-44

BIN
testing/btest/Traces/tls/CVE-2015-3194.pcap Normal file
View file

Binary file not shown.

6
testing/btest/scripts/base/protocols/ssl/cve-2015-3194.test Normal file
View file

@ -0,0 +1,6 @@
# This tests if Bro does not crash when exposed to CVE-2015-3194
# @TEST-EXEC: bro -r $TRACES/tls/CVE-2015-3194.pcap %INPUT
# @TEST-EXEC: btest-diff ssl.log
@load protocols/ssl/validate-certs.bro