FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The VUXML data was last processed by FreshPorts on 2024-04-24 03:12:49 UTC

List all Vulnerabilities, by package

List all Vulnerabilities, by date

k68

These are the vulnerabilities relating to the commit you have selected:

VuXML ID	Description
2b5fc9c4-eaca-46e0-83d0-9b10c51c4b1b	zeek -- potential DoS vulnerabilities Tim Wojtulewicz of Corelight reports: A missing field in the SMB FSControl script-land record could cause a heap buffer overflow when receiving packets containing those header types. Receiving a series of packets that start with HTTP/1.0 and then switch to HTTP/0.9 could cause Zeek to spend a large amount of time processing the packets. Receiving large numbers of FTP commands sequentially from the network with bad data in them could cause Zeek to spend a large amount of time processing the packets, and generate a large amount of events. Discovery 2023-02-01 Entry 2023-02-01 zeek < 5.0.6 https://github.com/zeek/zeek/releases/tag/v5.0.6

VuXML ID

Description

2b5fc9c4-eaca-46e0-83d0-9b10c51c4b1b

zeek -- potential DoS vulnerabilities

Tim Wojtulewicz of Corelight reports:

A missing field in the SMB FSControl script-land record could cause a heap buffer overflow when receiving packets containing those header types.

Receiving a series of packets that start with HTTP/1.0 and then switch to HTTP/0.9 could cause Zeek to spend a large amount of time processing the packets.

Receiving large numbers of FTP commands sequentially from the network with bad data in them could cause Zeek to spend a large amount of time processing the packets, and generate a large amount of events.

Discovery 2023-02-01
Entry 2023-02-01
zeek

< 5.0.6

https://github.com/zeek/zeek/releases/tag/v5.0.6