FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The VUXML data was last processed by FreshPorts on 2024-03-27 18:04:16 UTC

List all Vulnerabilities, by package

List all Vulnerabilities, by date

k68

These are the vulnerabilities relating to the commit you have selected:

VuXML IDDescription
a00c76d9-0c05-4d99-bef7-ae4521cb2a4dzeek -- potential DoS vulnerabilty

Tim Wojtulewicz of Corelight reports:

Fix potential unbounded state growth in the FTP analyzer when receiving a specially-crafted stream of commands. This may lead to a buffer overflow and cause Zeek to crash. Due to the possibility of this happening with packets received from the network, this is a potential DoS vulnerabilty.


Discovery 2022-04-21
Entry 2022-04-21
zeek
< 4.0.6

https://github.com/zeek/zeek/releases/tag/v4.0.6
d4d21998-bdc4-4a09-9849-2898d9b41459zeek -- several vulnerabilities

Tim Wojtulewicz of Corelight reports:

Paths from log stream make it into system() unchecked, potentially leading to commands being run on the system unintentionally. This requires either bad scripting or a malicious package to be installed, and is considered low severity.

Fix potential unbounded state growth in the PIA analyzer when receiving a connection with either a large number of zero-length packets, or one which continues ack-ing unseen segments. It is possible to run Zeek out of memory in these instances and cause it to crash. Due to the possibility of this happening with packets received from the network, this is a potential DoS vulnerability.


Discovery 2021-08-26
Entry 2021-09-22
zeek
< 4.0.4

https://github.com/zeek/zeek/releases/tag/v4.0.4
1ab7357f-a3c2-406a-89fb-fd00e49a71b5zeek -- potential DoS vulnerabilities

Tim Wojtulewicz of Corelight reports:

A specially-crafted series of FTP packets with a CMD command with a large path followed by a very large number of replies could cause Zeek to spend a long time processing the data.

A specially-crafted with a truncated header can cause Zeek to overflow memory and potentially crash.

A specially-crafted series of SMTP packets can cause Zeek to generate a very large number of events and take a long time to process them.

A specially-crafted series of POP3 packets containing MIME data can cause Zeek to spend a long time dealing with each individual file ID.


Discovery 2023-05-19
Entry 2023-05-19
zeek
< 5.0.9

https://github.com/zeek/zeek/releases/tag/v5.0.9
bc83cfc9-42cf-4b00-97ad-d352ba0c5e2bzeek -- null-pointer dereference vulnerability

Jon Siwek of Corelight reports:

Fix null-pointer dereference when encountering an invalid enum name in a config/input file that tries to read it into a set[enum]. For those that have such an input feed whose contents may come from external/remote sources, this is a potential DoS vulnerability.


Discovery 2021-04-01
Entry 2021-04-21
zeek
< 4.0.1

https://github.com/zeek/zeek/releases/tag/v4.0.1
96d6809a-81df-46d4-87ed-2f78c79f06b1zeek -- potential DoS vulnerabilities

Tim Wojtulewicz of Corelight reports:

Receiving DNS responses from async DNS requests (via A specially-crafted stream of FTP packets containing a command reply with many intermediate lines can cause Zeek to spend a large amount of time processing data.

A specially-crafted set of packets containing extremely large file offsets cause cause the reassembler code to allocate large amounts of memory.

The DNS manager does not correctly expire responses that don't contain any data, such those containing NXDOMAIN or NODATA status codes. This can lead to Zeek allocating large amounts of memory for these responses and never deallocating them.

A specially-crafted stream of RDP packets can cause Zeek to spend large protocol validation.

A specially-crafted stream of SMTP packets can cause Zeek to spend large amounts of time processing data.


Discovery 2023-04-12
Entry 2023-04-12
zeek
< 5.0.8

https://github.com/zeek/zeek/releases/tag/v5.0.8
3110b29e-c82d-4287-9f6c-db82bb883b1ezeek -- potential DoS vulnerabilities

Tim Wojtulewicz of Corelight reports:

Fix a possible overflow and crash in the ARP analyzer when receiving a specially crafted packet. Due to the possibility of this happening with packets received from the network, this is a potential DoS vulnerability.

Fix a possible overflow and crash in the Modbus analyzer when receiving a specially crafted packet. Due to the possibility of this happening with packets received from the network, this is a potential DoS vulnerability.

Fix two possible crashes when converting IP headers for output via the raw_packet event. Due to the possibility of this happening with packets received from the network, this is a potential DoS vulnerability. Note that the raw_packet event is not enabled by default so these are likely low-severity issues.

Fix an abort related to an error related to the ordering of record fields when processing DNS EDNS headers via events. Due to the possibility of this happening with packets received from the network, this is a potential DoS vulnerability. Note that the dns_EDNS events are not implemented by default so this is likely a low-severity issue.


Discovery 2022-08-23
Entry 2022-08-26
zeek
< 5.0.1

https://github.com/zeek/zeek/releases/tag/v5.0.1
658b9198-8106-4c3d-a2aa-dc4a0a7cc3b6zeek -- potential DoS vulnerabilities

Tim Wojtulewicz of Corelight reports:

A specially-crafted series of HTTP 0.9 packets can cause Zeek to spend large amounts of time processing the packets.

A specially-crafted FTP packet can cause Zeek to spend large amounts of time processing the command.

A specially-crafted IPv6 packet can cause Zeek to overflow memory and potentially crash.


Discovery 2022-11-24
Entry 2022-11-24
zeek
< 5.0.4

https://github.com/zeek/zeek/releases/tag/v5.0.4
60d4d31a-a573-41bd-8c1e-5af7513c1ee9zeek -- potential DoS vulnerabilities

Tim Wojtulewicz of Corelight reports:

Fix an issue where a specially-crafted FTP packet can cause Zeek to spend large amounts of time attempting to search for valid commands in the data stream.

Fix a possible overflow in the Zeek dictionary code that may lead to a memory leak.

Fix an issue where a specially-crafted packet can cause Zeek to spend large amounts of time reporting analyzer violations.

Fix a possible assert and crash in the HTTP analyzer when receiving a specially crafted packet.

Fix an issue where a specially-crafted HTTP or SMTP packet can cause Zeek to spend a large amount of time attempting to search for filenames within the packet data.

Fix two separate possible crashes when converting processed IP headers for logging via the raw_packet event handlers.


Discovery 2022-11-09
Entry 2022-11-09
zeek
< 5.0.3

https://github.com/zeek/zeek/releases/tag/v5.0.3
2b5fc9c4-eaca-46e0-83d0-9b10c51c4b1bzeek -- potential DoS vulnerabilities

Tim Wojtulewicz of Corelight reports:

A missing field in the SMB FSControl script-land record could cause a heap buffer overflow when receiving packets containing those header types.

Receiving a series of packets that start with HTTP/1.0 and then switch to HTTP/0.9 could cause Zeek to spend a large amount of time processing the packets.

Receiving large numbers of FTP commands sequentially from the network with bad data in them could cause Zeek to spend a large amount of time processing the packets, and generate a large amount of events.


Discovery 2023-02-01
Entry 2023-02-01
zeek
< 5.0.6

https://github.com/zeek/zeek/releases/tag/v5.0.6
204f1a7a-43df-412f-ad25-7dbe88f54fa4zeek -- potential DoS vulnerabilty

Tim Wojtulewicz of Corelight reports:

Fix potential hang in the DNS analyzer when receiving a specially-crafted packet. Due to the possibility of this happening with packets received from the network, this is a potential DoS vulnerability.


Discovery 2022-06-01
Entry 2022-06-03
zeek
< 4.0.7

https://github.com/zeek/zeek/releases/tag/v4.0.7
656b0152-faa9-4755-b08d-aee4a774bd04zeek -- potential DoS vulnerabilities

Tim Wojtulewicz of Corelight reports:

Fix a possible overflow and crash in the ICMP analyzer when receiving a specially crafted packet.

Fix a possible overflow and crash in the IRC analyzer when receiving a specially crafted packet.

Fix a possible overflow and crash in the SMB analyzer when receiving a specially crafted packet.

Fix two possible crashes when converting IP headers for output via the raw_packet event.


Discovery 2022-09-19
Entry 2022-09-19
zeek
< 5.0.2

https://github.com/zeek/zeek/releases/tag/v5.0.2
7a425536-74f7-4ce4-9768-0079a9d44d11zeek -- potential DoS vulnerabilities

Tim Wojtulewicz of Corelight reports:

Receiving DNS responses from async DNS requests (via the lookup_addr, etc BIF methods) with the TTL set to zero could cause the DNS manager to eventually stop being able to make new requests.

Specially-crafted FTP packets with excessively long usernames, passwords, or other fields could cause log writes to use large amounts of disk space.

The find_all and find_all_ordered BIF methods could take extremely large amounts of time to process incoming data depending on the size of the input.


Discovery 2023-02-21
Entry 2023-02-21
zeek
< 5.0.7

https://github.com/zeek/zeek/releases/tag/v5.0.7
a550d62c-f78d-4407-97d9-93876b6741b9zeek -- several potential DoS vulnerabilities

Tim Wojtulewicz of Corelight reports:

Fix potential Undefined Behavior in decode_netbios_name() and decode_netbios_name_type() BIFs. The latter has a possibility of a remote heap-buffer-overread, making this a potential DoS vulnerability.

Add some extra length checking when parsing mobile ipv6 packets. Due to the possibility of reading invalid headers from remote sources, this is a potential DoS vulnerability.


Discovery 2021-04-30
Entry 2021-06-02
zeek
< 4.0.2

https://github.com/zeek/zeek/releases/tag/v4.0.2