Mirror/zeek
1
0
Fork 0
mirror of https://github.com/zeek/zeek.git synced 2025-10-02 14:48:21 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 2
zeek/scripts/base
History
Arne Welzel cf9fe91705 pop3: Prevent unbounded state growth 
The cmds list may grow unbounded due to the POP3 analyzer being in
multiLine mode after seeing `AUTH` in a Redis connection, but never
a `.` terminator. This can easily be provoked by the Redis ping
command.

This adds two heuristics: 1) Forcefully process the oldest commands in
the cmds list and cap it at max_pending_commands. 2) Start raising
analyzer violations if the client has been using more than
max_unknown_client_commands commands (default 10).

Closes #3936
2024-09-18 19:05:39 +02:00
..
files Copy timestamp from file object 2024-05-17 15:03:06 +02:00
frameworks Spicy: Register well-known ports through an event handler. 2024-08-22 10:24:55 +02:00
misc Parse and store localversion string 2024-04-17 14:17:22 -07:00
packet-protocols gtpv1: Replace connection_state_remove() with RemovalHook 2024-09-17 18:15:09 +02:00
protocols postgresql: Initial parser implementation 2024-09-06 16:10:48 +02:00
utils Clarify membership in the Site::private_address_space prefix list. [skip ci] 2024-05-04 11:21:26 -07:00
init-bare.zeek pop3: Prevent unbounded state growth 2024-09-18 19:05:39 +02:00
init-default.zeek postgresql: Initial parser implementation 2024-09-06 16:10:48 +02:00
init-frameworks-and-bifs.zeek Add necessary script-land changes 2024-05-31 13:30:31 -07:00
init-supervisor.zeek Establish a separate init script when using the supervisor 2021-07-08 13:12:53 -07:00