HomeFreeBSD

security/vuxml: Mark zeek < 5.0.4 as vulnerable as per:

Description

security/vuxml: Mark zeek < 5.0.4 as vulnerable as per:

https://github.com/zeek/zeek/releases/tag/v5.0.4

This release fixes the following potential DoS vulnerabilities:

  • A specially-crafted series of HTTP 0.9 packets can cause Zeek to spend large amounts of time processing the packets.
  • A specially-crafted FTP packet can cause Zeek to spend large amounts of time processing the command.
  • A specially-crafted IPv6 packet can cause Zeek to overflow memory and potentially crash.

Reported by: Tim Wojtulewicz

Details

Provenance
leresAuthored on Thu, Nov 24, 6:09 PM
Parents
R11:8cafd5bc0d86: security/heimdal*: Handle other types of garbage data
Branches
Unknown
Tags
Unknown