VuXML ID | Description |
3e9624b3-e92b-4460-8a5a-93247c52c5a1 | zeek -- Remote crash vulnerability
Jon Siwek of Corelight reports:
Fix ASCII Input reader's treatment of input files
containing null-bytes. An input file containing null-bytes
could lead to a buffer-over-read, crash Zeek, and be
exploited to cause Denial of Service.
Discovery 2021-02-10 Entry 2021-02-22 zeek
< 3.0.13
https://github.com/zeek/zeek/releases/tag/v3.0.13
|
9f7ae7ea-da93-4f86-b257-ba76707f6d5d | zeek -- Various vulnerabilities
Jon Siwek of Corelight reports:
This release fixes the following security issues:
-
Fix potential stack overflow in NVT analyzer
-
Fix NVT analyzer memory leak from multiple telnet authn name options
-
Fix multiple content-transfer-encoding headers causing a memory leak
-
Fix potential leak of Analyzers added to tree during Analyzer::Done
-
Prevent IP fragment reassembly on packets without minimal IP header
Discovery 2020-05-04 Entry 2020-06-10 zeek
< 3.0.7
https://raw.githubusercontent.com/zeek/zeek/v3.0.7/NEWS
|
e333084c-9588-4eee-8bdc-323e02cb4fe0 | zeek -- Various vulnerabilities
Jon Siwek of Corelight reports:
This release fixes the following security issues:
- Fix potential DNS analyzer stack overflow
- Fix potential NetbiosSSN analyzer stack overflow
Discovery 2020-07-28 Entry 2020-07-28 zeek
< 3.0.8
https://github.com/zeek/zeek/releases/tag/v3.0.8
|
204f1a7a-43df-412f-ad25-7dbe88f54fa4 | zeek -- potential DoS vulnerabilty
Tim Wojtulewicz of Corelight reports:
Fix potential hang in the DNS analyzer when receiving
a specially-crafted packet. Due to the possibility of
this happening with packets received from the network,
this is a potential DoS vulnerability.
Discovery 2022-06-01 Entry 2022-06-03 zeek
< 4.0.7
https://github.com/zeek/zeek/releases/tag/v4.0.7
|
2c92fdd3-896c-4a5a-a0d8-52acee69182d | zeek -- Various vulnerabilities
Jon Siwek of Corelight reports:
This release fixes the following security issue:
- The AYIYA and GTPv1 parsing/decapsulation logic may
leak memory -- These leaks have potential for remote
exploitation to cause Denial of Service via resource
exhaustion.
Discovery 2020-08-28 Entry 2020-09-09 zeek
< 3.0.10
https://github.com/zeek/zeek/releases/tag/v3.0.10
|
a550d62c-f78d-4407-97d9-93876b6741b9 | zeek -- several potential DoS vulnerabilities
Tim Wojtulewicz of Corelight reports:
Fix potential Undefined Behavior in decode_netbios_name()
and decode_netbios_name_type() BIFs. The latter has a
possibility of a remote heap-buffer-overread, making this
a potential DoS vulnerability.
Add some extra length checking when parsing mobile
ipv6 packets. Due to the possibility of reading invalid
headers from remote sources, this is a potential DoS
vulnerability.
Discovery 2021-04-30 Entry 2021-06-02 zeek
< 4.0.2
https://github.com/zeek/zeek/releases/tag/v4.0.2
|
769a4f60-9056-4c27-89a1-1758a59a21f8 | zeek -- Vulnerability due to memory leak
Jon Siwek of Corelight reports:
This release fixes the following security issue:
- A memory leak in multipart MIME code has potential
for remote exploitation and cause for Denial of Service
via resource exhaustion.
Discovery 2020-09-29 Entry 2020-10-07 zeek
< 3.0.11
https://github.com/zeek/zeek/releases/tag/v3.0.11
|
a00c76d9-0c05-4d99-bef7-ae4521cb2a4d | zeek -- potential DoS vulnerabilty
Tim Wojtulewicz of Corelight reports:
Fix potential unbounded state growth in the FTP
analyzer when receiving a specially-crafted stream of
commands. This may lead to a buffer overflow and cause
Zeek to crash. Due to the possibility of this happening
with packets received from the network, this is a potential
DoS vulnerabilty.
Discovery 2022-04-21 Entry 2022-04-21 zeek
< 4.0.6
https://github.com/zeek/zeek/releases/tag/v4.0.6
|
d4d21998-bdc4-4a09-9849-2898d9b41459 | zeek -- several vulnerabilities
Tim Wojtulewicz of Corelight reports:
Paths from log stream make it into system() unchecked,
potentially leading to commands being run on the system
unintentionally. This requires either bad scripting or a
malicious package to be installed, and is considered low
severity.
Fix potential unbounded state growth in the PIA
analyzer when receiving a connection with either a large
number of zero-length packets, or one which continues
ack-ing unseen segments. It is possible to run Zeek out
of memory in these instances and cause it to crash. Due
to the possibility of this happening with packets received
from the network, this is a potential DoS vulnerability.
Discovery 2021-08-26 Entry 2021-09-22 zeek
< 4.0.4
https://github.com/zeek/zeek/releases/tag/v4.0.4
|
bc83cfc9-42cf-4b00-97ad-d352ba0c5e2b | zeek -- null-pointer dereference vulnerability
Jon Siwek of Corelight reports:
Fix null-pointer dereference when encountering an
invalid enum name in a config/input file that tries to
read it into a set[enum]. For those that have such an
input feed whose contents may come from external/remote
sources, this is a potential DoS vulnerability.
Discovery 2021-04-01 Entry 2021-04-21 zeek
< 4.0.1
https://github.com/zeek/zeek/releases/tag/v4.0.1
|