FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The VUXML data was last processed by FreshPorts on 2024-04-18 11:12:36 UTC

List all Vulnerabilities, by package

List all Vulnerabilities, by date

k68

These are the vulnerabilities relating to the commit you have selected:

VuXML ID	Description
4ae135f7-85cd-4c32-ad94-358271b31f7f	zeek -- potential denial of service issues Jon Siwek of Corelight reports: This release addresses the following security issues: Potential Denial of Service due to memory leak in DNS TSIG message parsing. Potential Denial of Service due to memory leak (or assertion when compiling with assertions enabled) when receiving a second SSH KEX message after a first. Potential Denial of Service due to buffer read overflow and/or memory leaks in Kerberos analyzer. The buffer read overflow could occur when the Kerberos message indicates it contains an IPv6 address, but does not send enough data to parse out a full IPv6 address. A memory leak could occur when processing KRB_KDC_REQ KRB_KDC_REP messages for message types that do not match a known/expected type. Potential Denial of Service when sending many zero-length SSL/TLS certificate data. Such messages underwent the full Zeek file analysis treatment which is expensive (and meaninguless here) compared to how cheaply one can "create" or otherwise indicate many zero-length contained in an SSL message. Potential Denial of Service due to buffer read overflow in SMB transaction data string handling. The length of strings being parsed from SMB messages was trusted to be whatever the message claimed instead of the actual length of data found in the message. Potential Denial of Service due to null pointer dereference in FTP ADAT Base64 decoding. Potential Denial of Service due buffer read overflow in FTP analyzer word/whitespace handling. This typically won't be a problem in most default deployments of Zeek since the FTP analyzer receives data from a ContentLine (NVT) support analyzer which first null-terminates the buffer used for further FTP parsing. Discovery 2020-02-25 Entry 2020-03-15 zeek < 3.0.3 https://github.com/zeek/zeek/blob/9dda3602a760f00d9532c6314ea79108106033fa/NEWS

VuXML ID

Description

4ae135f7-85cd-4c32-ad94-358271b31f7f

zeek -- potential denial of service issues

Jon Siwek of Corelight reports:

This release addresses the following security issues:

Potential Denial of Service due to memory leak in DNS TSIG message parsing.

Potential Denial of Service due to memory leak (or assertion when compiling with assertions enabled) when receiving a second SSH KEX message after a first.

Potential Denial of Service due to buffer read overflow and/or memory leaks in Kerberos analyzer. The buffer read overflow could occur when the Kerberos message indicates it contains an IPv6 address, but does not send enough data to parse out a full IPv6 address. A memory leak could occur when processing KRB_KDC_REQ KRB_KDC_REP messages for message types that do not match a known/expected type.

Potential Denial of Service when sending many zero-length SSL/TLS certificate data. Such messages underwent the full Zeek file analysis treatment which is expensive (and meaninguless here) compared to how cheaply one can "create" or otherwise indicate many zero-length contained in an SSL message.

Potential Denial of Service due to buffer read overflow in SMB transaction data string handling. The length of strings being parsed from SMB messages was trusted to be whatever the message claimed instead of the actual length of data found in the message.

Potential Denial of Service due to null pointer dereference in FTP ADAT Base64 decoding.

Potential Denial of Service due buffer read overflow in FTP analyzer word/whitespace handling. This typically won't be a problem in most default deployments of Zeek since the FTP analyzer receives data from a ContentLine (NVT) support analyzer which first null-terminates the buffer used for further FTP parsing.

Discovery 2020-02-25
Entry 2020-03-15
zeek

< 3.0.3

https://github.com/zeek/zeek/blob/9dda3602a760f00d9532c6314ea79108106033fa/NEWS