[Bro-Dev] [JIRA] (BIT-1518) SSH analyzer doesn't handle non-conformant client version strings
Adam Slagell (JIRA)
jira at bro-tracker.atlassian.net
Thu Mar 3 10:05:00 PST 2016
[ https://bro-tracker.atlassian.net/browse/BIT-1518?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Adam Slagell updated BIT-1518:
------------------------------
Priority: Low (was: Normal)
> SSH analyzer doesn't handle non-conformant client version strings
> -----------------------------------------------------------------
>
> Key: BIT-1518
> URL: https://bro-tracker.atlassian.net/browse/BIT-1518
> Project: Bro Issue Tracker
> Issue Type: Problem
> Components: Bro
> Affects Versions: 2.4
> Reporter: Vlad Grigorescu
> Assignee: Vlad Grigorescu
> Priority: Low
> Fix For: 2.5
>
>
> Received a report that some SSH clients send a version identification string similar to 'SSH-2.0-FooBar_Client\n' which causes a protocol violation in the SSH analyzer. RFC 4253 states that this must be terminated by '\r\n', but that's not what's being observed.
--
This message was sent by Atlassian JIRA
(v7.2.0-OD-03-010#72000)
More information about the bro-dev
mailing list