Mirror/zeek
1
0
Fork 0
mirror of https://github.com/zeek/zeek.git synced 2025-10-02 06:38:20 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 1
zeek/scripts/base
History
Arne Welzel 3f5cb75a2a ftp: Introduce FTP::max_command_length 
oss-fuzz produced FTP traffic with a ~550KB long FTP command. Cap FTP command
length at 100 bytes, log a weird if a command is larger than that and move
on to the next. Likely it's not actual FTP traffic, but raising an
analyzer violation would allow clients an easy way to disable the analyzer
by sending an overly long command.

The added test PCAP was generated using a fake Python socket server/client.
2022-11-21 09:36:29 +01:00
..
files Spelling fixes: scripts 2022-11-02 17:36:39 -04:00
frameworks ftp: Introduce FTP::max_command_length 2022-11-21 09:36:29 +01:00
misc annotate base scripts with &is_used as needed 2022-05-26 17:39:17 -07:00
packet-protocols gtpv1: Do not register for protocol detection 2022-08-26 10:47:38 +02:00
protocols {http,smtp}/entities: Align header regexes with extract_filename_from_content_disposition() 2022-11-08 16:45:25 -07:00
utils Spelling fixes: scripts 2022-11-02 17:36:39 -04:00
init-bare.zeek ftp: Introduce FTP::max_command_length 2022-11-21 09:36:29 +01:00
init-default.zeek frameworks/dpd: Move to frameworks/analyzer/dpd, load by default 2022-08-31 16:50:47 +02:00
init-frameworks-and-bifs.zeek GH-1122: Allow initializing globals with calls to subdir BIFs 2020-08-27 12:20:37 -07:00
init-supervisor.zeek Establish a separate init script when using the supervisor 2021-07-08 13:12:53 -07:00