HomeFreeBSD
Diffusion FreeBSD ports repository bc531907561d

security/vuxml: Mark zeek < 5.0.9 as vulnerable as per:
bc531907561d
Actions

Description

security/vuxml: Mark zeek < 5.0.9 as vulnerable as per:

https://github.com/zeek/zeek/releases/tag/v5.0.9

This release fixes the following potential DoS vulnerabilities:

  • A specially-crafted series of FTP packets with a CMD command with a large path followed by a very large number of replies could cause Zeek to spend a long time processing the data.
  • A specially-crafted with a truncated header can cause Zeek to overflow memory and potentially crash.
  • A specially-crafted series of SMTP packets can cause Zeek to generate a very large number of events and take a long time to process them.
  • A specially-crafted series of POP3 packets containing MIME data can cause Zeek to spend a long time dealing with each individual file ID.

Reported by: Tim Wojtulewicz

Details

Provenance
leresAuthored on May 19 2023, 5:35 PM
Parents
R11:a0ef5898beb4: emulators/virtualbox-ose[-legacy]: rename option MANUAL to DOCS and make it…
Branches
Unknown
Tags
Unknown

Changes (1)

PathSize
security/
vuxml/
vuln/

R11:bc531907561d

View Options

security/vuxml/vuln/2023.xml

Loading...