FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The VUXML data was last processed by FreshPorts on 2024-03-28 15:43:32 UTC


These are the vulnerabilities relating to the commit you have selected:

VuXML ID  Description
1a6b7641-aed2-4ba1-96f4-c282d5b09c37  zeek -- Various vulnerabilities

Jon Siwek of Corelight reports:

This release fixes the following security issues:

  • Fix buffer over-read in Ident analyzer
  • Fix SSL scripting error leading to uninitialized field access and memory leak
  • Fix POP3 analyzer global buffer over-read
  • Fix potential stack overflows due to use of Variable-Length-Arrays

Discovery 2020-05-06
Entry 2020-05-06
zeek < 3.0.6

https://raw.githubusercontent.com/zeek/zeek/v3.0.6/NEWS
204f1a7a-43df-412f-ad25-7dbe88f54fa4  zeek -- potential DoS vulnerability

Tim Wojtulewicz of Corelight reports:

Fix potential hang in the DNS analyzer when receiving a specially-crafted packet. Due to the possibility of this happening with packets received from the network, this is a potential DoS vulnerability.


Discovery 2022-06-01
Entry 2022-06-03
zeek < 4.0.7

https://github.com/zeek/zeek/releases/tag/v4.0.7
2c92fdd3-896c-4a5a-a0d8-52acee69182d  zeek -- Various vulnerabilities

Jon Siwek of Corelight reports:

This release fixes the following security issue:

  • The AYIYA and GTPv1 parsing/decapsulation logic may leak memory -- These leaks have potential for remote exploitation to cause Denial of Service via resource exhaustion.

Discovery 2020-08-28
Entry 2020-09-09
zeek < 3.0.10

https://github.com/zeek/zeek/releases/tag/v3.0.10
3110b29e-c82d-4287-9f6c-db82bb883b1e  zeek -- potential DoS vulnerabilities

Tim Wojtulewicz of Corelight reports:

Fix a possible overflow and crash in the ARP analyzer when receiving a specially crafted packet. Due to the possibility of this happening with packets received from the network, this is a potential DoS vulnerability.

Fix a possible overflow and crash in the Modbus analyzer when receiving a specially crafted packet. Due to the possibility of this happening with packets received from the network, this is a potential DoS vulnerability.

Fix two possible crashes when converting IP headers for output via the raw_packet event. Due to the possibility of this happening with packets received from the network, this is a potential DoS vulnerability. Note that the raw_packet event is not enabled by default so these are likely low-severity issues.

Fix an abort related to an error related to the ordering of record fields when processing DNS EDNS headers via events. Due to the possibility of this happening with packets received from the network, this is a potential DoS vulnerability. Note that the dns_EDNS events are not implemented by default so this is likely a low-severity issue.


Discovery 2022-08-23
Entry 2022-08-26
zeek < 5.0.1

https://github.com/zeek/zeek/releases/tag/v5.0.1
3e9624b3-e92b-4460-8a5a-93247c52c5a1  zeek -- Remote crash vulnerability

Jon Siwek of Corelight reports:

Fix ASCII Input reader's treatment of input files containing null-bytes. An input file containing null-bytes could lead to a buffer-over-read, crash Zeek, and be exploited to cause Denial of Service.


Discovery 2021-02-10
Entry 2021-02-22
zeek < 3.0.13

https://github.com/zeek/zeek/releases/tag/v3.0.13
4ae135f7-85cd-4c32-ad94-358271b31f7f  zeek -- potential denial of service issues

Jon Siwek of Corelight reports:

This release addresses the following security issues:

  • Potential Denial of Service due to memory leak in DNS TSIG message parsing.
  • Potential Denial of Service due to memory leak (or assertion when compiling with assertions enabled) when receiving a second SSH KEX message after a first.
  • Potential Denial of Service due to buffer read overflow and/or memory leaks in Kerberos analyzer. The buffer read overflow could occur when the Kerberos message indicates it contains an IPv6 address, but does not send enough data to parse out a full IPv6 address. A memory leak could occur when processing KRB_KDC_REQ KRB_KDC_REP messages for message types that do not match a known/expected type.
  • Potential Denial of Service when sending many zero-length SSL/TLS certificate data. Such messages underwent the full Zeek file analysis treatment which is expensive (and meaningless here) compared to how cheaply one can "create" or otherwise indicate many zero-length contained in an SSL message.
  • Potential Denial of Service due to buffer read overflow in SMB transaction data string handling. The length of strings being parsed from SMB messages was trusted to be whatever the message claimed instead of the actual length of data found in the message.
  • Potential Denial of Service due to null pointer dereference in FTP ADAT Base64 decoding.
  • Potential Denial of Service due to buffer read overflow in FTP analyzer word/whitespace handling. This typically won't be a problem in most default deployments of Zeek since the FTP analyzer receives data from a ContentLine (NVT) support analyzer which first null-terminates the buffer used for further FTP parsing.

Discovery 2020-02-25
Entry 2020-03-15
zeek < 3.0.3

https://github.com/zeek/zeek/blob/9dda3602a760f00d9532c6314ea79108106033fa/NEWS
60d4d31a-a573-41bd-8c1e-5af7513c1ee9  zeek -- potential DoS vulnerabilities

Tim Wojtulewicz of Corelight reports:

Fix an issue where a specially-crafted FTP packet can cause Zeek to spend large amounts of time attempting to search for valid commands in the data stream.

Fix a possible overflow in the Zeek dictionary code that may lead to a memory leak.

Fix an issue where a specially-crafted packet can cause Zeek to spend large amounts of time reporting analyzer violations.

Fix a possible assert and crash in the HTTP analyzer when receiving a specially crafted packet.

Fix an issue where a specially-crafted HTTP or SMTP packet can cause Zeek to spend a large amount of time attempting to search for filenames within the packet data.

Fix two separate possible crashes when converting processed IP headers for logging via the raw_packet event handlers.


Discovery 2022-11-09
Entry 2022-11-09
zeek < 5.0.3

https://github.com/zeek/zeek/releases/tag/v5.0.3
656b0152-faa9-4755-b08d-aee4a774bd04  zeek -- potential DoS vulnerabilities

Tim Wojtulewicz of Corelight reports:

Fix a possible overflow and crash in the ICMP analyzer when receiving a specially crafted packet.

Fix a possible overflow and crash in the IRC analyzer when receiving a specially crafted packet.

Fix a possible overflow and crash in the SMB analyzer when receiving a specially crafted packet.

Fix two possible crashes when converting IP headers for output via the raw_packet event.


Discovery 2022-09-19
Entry 2022-09-19
zeek < 5.0.2

https://github.com/zeek/zeek/releases/tag/v5.0.2
658b9198-8106-4c3d-a2aa-dc4a0a7cc3b6  zeek -- potential DoS vulnerabilities

Tim Wojtulewicz of Corelight reports:

A specially-crafted series of HTTP 0.9 packets can cause Zeek to spend large amounts of time processing the packets.

A specially-crafted FTP packet can cause Zeek to spend large amounts of time processing the command.

A specially-crafted IPv6 packet can cause Zeek to overflow memory and potentially crash.


Discovery 2022-11-24
Entry 2022-11-24
zeek < 5.0.4

https://github.com/zeek/zeek/releases/tag/v5.0.4
769a4f60-9056-4c27-89a1-1758a59a21f8  zeek -- Vulnerability due to memory leak

Jon Siwek of Corelight reports:

This release fixes the following security issue:

  • A memory leak in multipart MIME code has potential for remote exploitation and cause for Denial of Service via resource exhaustion.

Discovery 2020-09-29
Entry 2020-10-07
zeek < 3.0.11

https://github.com/zeek/zeek/releases/tag/v3.0.11
9f7ae7ea-da93-4f86-b257-ba76707f6d5d  zeek -- Various vulnerabilities

Jon Siwek of Corelight reports:

This release fixes the following security issues:

  • Fix potential stack overflow in NVT analyzer
  • Fix NVT analyzer memory leak from multiple telnet authn name options
  • Fix multiple content-transfer-encoding headers causing a memory leak
  • Fix potential leak of Analyzers added to tree during Analyzer::Done
  • Prevent IP fragment reassembly on packets without minimal IP header

Discovery 2020-05-04
Entry 2020-06-10
zeek < 3.0.7

https://raw.githubusercontent.com/zeek/zeek/v3.0.7/NEWS
a00c76d9-0c05-4d99-bef7-ae4521cb2a4d  zeek -- potential DoS vulnerability

Tim Wojtulewicz of Corelight reports:

Fix potential unbounded state growth in the FTP analyzer when receiving a specially-crafted stream of commands. This may lead to a buffer overflow and cause Zeek to crash. Due to the possibility of this happening with packets received from the network, this is a potential DoS vulnerability.


Discovery 2022-04-21
Entry 2022-04-21
zeek < 4.0.6

https://github.com/zeek/zeek/releases/tag/v4.0.6
a550d62c-f78d-4407-97d9-93876b6741b9  zeek -- several potential DoS vulnerabilities

Tim Wojtulewicz of Corelight reports:

Fix potential Undefined Behavior in decode_netbios_name() and decode_netbios_name_type() BIFs. The latter has a possibility of a remote heap-buffer-overread, making this a potential DoS vulnerability.

Add some extra length checking when parsing mobile ipv6 packets. Due to the possibility of reading invalid headers from remote sources, this is a potential DoS vulnerability.


Discovery 2021-04-30
Entry 2021-06-02
zeek < 4.0.2

https://github.com/zeek/zeek/releases/tag/v4.0.2
bc83cfc9-42cf-4b00-97ad-d352ba0c5e2b  zeek -- null-pointer dereference vulnerability

Jon Siwek of Corelight reports:

Fix null-pointer dereference when encountering an invalid enum name in a config/input file that tries to read it into a set[enum]. For those that have such an input feed whose contents may come from external/remote sources, this is a potential DoS vulnerability.


Discovery 2021-04-01
Entry 2021-04-21
zeek < 4.0.1

https://github.com/zeek/zeek/releases/tag/v4.0.1
d4d21998-bdc4-4a09-9849-2898d9b41459  zeek -- several vulnerabilities

Tim Wojtulewicz of Corelight reports:

Paths from log stream make it into system() unchecked, potentially leading to commands being run on the system unintentionally. This requires either bad scripting or a malicious package to be installed, and is considered low severity.

Fix potential unbounded state growth in the PIA analyzer when receiving a connection with either a large number of zero-length packets, or one which continues ack-ing unseen segments. It is possible to run Zeek out of memory in these instances and cause it to crash. Due to the possibility of this happening with packets received from the network, this is a potential DoS vulnerability.


Discovery 2021-08-26
Entry 2021-09-22
zeek < 4.0.4

https://github.com/zeek/zeek/releases/tag/v4.0.4
e333084c-9588-4eee-8bdc-323e02cb4fe0  zeek -- Various vulnerabilities

Jon Siwek of Corelight reports:

This release fixes the following security issues:

  • Fix potential DNS analyzer stack overflow
  • Fix potential NetbiosSSN analyzer stack overflow

Discovery 2020-07-28
Entry 2020-07-28
zeek < 3.0.8

https://github.com/zeek/zeek/releases/tag/v3.0.8
f59c4c53-c55f-43fe-9920-82b9d1ea9c3d  zeek -- Remote crash vulnerability

Jon Siwek of Corelight reports:

This release fixes the following security issue:

  • An attacker can crash Zeek remotely via crafted packet sequence.

Discovery 2020-04-14
Entry 2020-04-14
zeek < 3.0.4

https://raw.githubusercontent.com/zeek/zeek/e059d4ec2e689b3c8942f4aa08b272f24ed3f612/NEWS