mirror of
https://github.com/zeek/zeek.git
synced 2025-10-02 14:48:21 +00:00
1b3e8a611e
Intermediate lines of multiline replies usually do not contain valid status codes (even if servers may opt to include them). Their content may be anything and likely unrelated to the original command. There's little reason for us trying to match them with a corresponding command. OSS-Fuzz generated a large command reply with very many intermediate lines which caused long processing times due to matching every line with all currently pending commands. This is a DoS vector against Zeek. The new ipv6-multiline-reply.trace and ipv6-retr-samba.trace files have been extracted from the external ipv6.trace. |
||
|---|---|---|
| .. | ||
| bad-adat-encoding.zeek | ||
| cwd-navigation.zeek | ||
| ftp-get-file-size.zeek | ||
| ftp-invalid-reply-code.zeek | ||
| ftp-ipv4.zeek | ||
| ftp-ipv6.zeek | ||
| ftp-max-arg-length.zeek | ||
| ftp-max-command-length.zeek | ||
| ftp-max-pending-commands.zeek | ||
| ftp-max-user-length.zeek | ||
| ftp-missing-reply-code.zeek | ||
| ftp-missing-space-after-reply-code.zeek | ||
| ftp-multiline-reply.zeek | ||
| ftp-samba-retr.zeek | ||
| gridftp.test | ||