diff options
| author | Craig Leres <leres@FreeBSD.org> | 2023-09-12 21:26:02 +0000 |
|---|---|---|
| committer | Craig Leres <leres@FreeBSD.org> | 2023-09-12 21:26:02 +0000 |
| commit | c729310c3535bd43845fb7fb4c94cc334ad05385 (patch) | |
| tree | be7b45989dcec2f50a71448fa09054772d7378ba /security/vuxml/vuln/2023.xml | |
| parent | 8ab46275a6c0f578c697bd9051559083a0d0306f (diff) | |
| download | ports-c729310c3535bd43845fb7fb4c94cc334ad05385.tar.gz ports-c729310c3535bd43845fb7fb4c94cc334ad05385.zip | |
security/vuxml: Mark zeek < 6.0.1 as vulnerable as per:
https://github.com/zeek/zeek/releases/tag/v6.0.1
This release fixes the following potential DoS vulnerabilities:
- File extraction limits were not correctly enforced for files
containing large amounts of missing bytes.
- Sessions are sometimes not cleaned up completely within Zeek
during shutdown,
potentially causing a crash when using the -B dpd flag for debug logging.
- A specially-crafted HTTP packet can cause Zeek's filename
extraction code to take a long time to process the data.
- A specially-crafted series of FTP packets made up of a CWD request
followed by a large amount of ERPT requests may cause Zeek to
spend a long time logging the commands.
- A specially-crafted VLAN packet can cause Zeek to overflow memory
and potentially crash.
Reported by: Tim Wojtulewicz
Diffstat (limited to 'security/vuxml/vuln/2023.xml')
| -rw-r--r-- | security/vuxml/vuln/2023.xml | 38 |
1 files changed, 38 insertions, 0 deletions
diff --git a/security/vuxml/vuln/2023.xml b/security/vuxml/vuln/2023.xml index 722ad283d3e7..4899d98e6897 100644 --- a/security/vuxml/vuln/2023.xml +++ b/security/vuxml/vuln/2023.xml @@ -1,3 +1,41 @@ + <vuln vid="8eefa87f-31f1-496d-bf8e-2b465b6e4e8a"> + <topic>zeek -- potential DoS vulnerabilities</topic> + <affects> + <package> + <name>zeek</name> + <range><lt>6.0.1</lt></range> + </package> + </affects> + <description> + <body xmlns="http://www.w3.org/1999/xhtml"> + <p>Tim Wojtulewicz of Corelight reports:</p> + <blockquote cite="https://github.com/zeek/zeek/releases/tag/v6.0.1"> + <p> File extraction limits were not correctly enforced + for files containing large amounts of missing bytes. </p> + <p> Sessions are sometimes not cleaned up completely + within Zeek during shutdown, potentially causing a crash + when using the -B dpd flag for debug logging. </p> + <p> A specially-crafted HTTP packet can cause Zeek's + filename extraction code to take a long time to process + the data. </p> + <p> A specially-crafted series of FTP packets made up of + a CWD request followed by a large amount of ERPT requests + may cause Zeek to spend a long time logging the commands. + </p> + <p> A specially-crafted VLAN packet can cause Zeek to + overflow memory and potentially crash. </p> + </blockquote> + </body> + </description> + <references> + <url>https://github.com/zeek/zeek/releases/tag/v6.0.1</url> + </references> + <dates> + <discovery>2023-09-12</discovery> + <entry>2023-09-12</entry> + </dates> + </vuln> + <vuln vid="4061a4b2-4fb1-11ee-acc7-0151f07bc899"> <topic>gitea -- block user account creation from blocked email domains</topic> <affects> |