Mirror/zeek
1
0
Fork 0
mirror of https://github.com/zeek/zeek.git synced 2025-10-02 14:48:21 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 2
zeek/scripts/base/protocols
History
Johanna Amann a6edbf8bcd Fix parsing of version field in SSLv2 client hello 
It turns out that, for probably a long time, we have reported an
incorrect version when parsing an SSLv2 client hello. We always reported
this as SSLv2, no matter which version the client hello actually
contained.

This bug probably went unnoticed for a long time, as SSLv2 is
essentially unused nowadays, and as this field does not show up in the
default logs.

This was found due to a baseline difference when writing the Spicy SSL
analyzer.
2024-08-22 13:14:24 +01:00
..
conn tunnels: Add 'X' to history when reaching Tunnel::max_depth 2024-01-11 10:22:44 +01:00
dce-rpc dce-rpc: Handle smb2_close_request() in scripts 2023-06-30 15:14:35 +02:00
dhcp dhcp: Handle is_orig=T for connections from server to 255.255.255.255 2023-08-28 12:15:55 +02:00
dnp3 Support for log filter policy hooks 2020-09-30 12:32:45 -07:00
dns dns: Remove AD and CD flags from log 2023-03-16 10:09:27 +01:00
finger Add BIF have_spicy_analyzers(). 2023-02-03 13:47:26 +01:00
ftp Merge remote-tracking branch 'origin/topic/awelzel/ftp-clear-fuid-after-logging' 2024-02-22 12:23:21 +01:00
http http/smtp: Fix wrong character class usage 2023-09-12 12:00:36 -07:00
imap Merge remote-tracking branch 'origin/topic/seth/zeek_init' 2019-04-19 11:24:29 -07:00
irc Revert "Merge remote-tracking branch 'origin/topic/vern/at-if-analyze'" 2023-05-31 09:20:33 +02:00
krb fix for nit in base/protocols/krb/main.zeek 2024-08-16 11:18:57 +02:00
ldap ldap: Avoid unset m$opcode 2024-08-06 18:20:09 +02:00
modbus Pass parsed file record information with ReadFile/WriteFile events 2023-08-07 13:44:38 -07:00
mqtt mqtt: Move from policy/ into base/ 2022-11-30 10:14:20 +01:00
mysql mysql: Implement and test COM_CHANGE_USER 2024-08-14 10:20:01 +02:00
ntlm scripts/dce-rpc,ntlm: Do not load base/frameworks/dpd 2022-08-31 16:50:37 +02:00
ntp &is_set => &is_assigned 2021-02-04 12:18:46 -08:00
pop3 Rename all scripts to have ".zeek" file extension 2019-04-11 21:12:40 -05:00
quic Fix Zeekygen warning for QUIC::unrecognized_version event 2024-05-24 14:30:42 -07:00
radius Remove script functions marked as unused (6.1 deprecations) 2023-06-14 10:07:22 -07:00
rdp Merge remote-tracking branch 'jeff-bb/patch-2' 2023-01-23 12:50:23 -07:00
rfb Support for log filter policy hooks 2020-09-30 12:32:45 -07:00
sip Support for log filter policy hooks 2020-09-30 12:32:45 -07:00
smb Fix for suppressing SMB logging of previously-logged files 2024-05-18 14:13:52 -07:00
smtp Merge remote-tracking branch 'origin/topic/awelzel/3264-smtp-bdat' 2024-01-12 10:49:28 +01:00
snmp Spelling fixes: scripts 2022-11-02 17:36:39 -04:00
socks socks/dpd: Add newer auth methods 2023-06-05 13:55:00 +02:00
ssh ssh: Test for c$ssh$analyzer_id existence 2022-11-16 16:35:57 +01:00
ssl Fix parsing of version field in SSLv2 client hello 2024-08-22 13:14:24 +01:00
syslog Add BIF have_spicy_analyzers(). 2023-02-03 13:47:26 +01:00
tunnels Add Teredo packet analyzer, disable old analyzer 2021-11-23 19:36:50 -07:00
websocket websocket: Handle breaking from WebSocket::configure_analyzer() 2024-01-22 18:54:41 +01:00
xmpp Merge remote-tracking branch 'origin/topic/seth/zeek_init' 2019-04-19 11:24:29 -07:00