FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

bro -- integer overflow allows remote DOS

Affected packages
bro < 2.5.3


VuXML ID 044cff62-ed8b-4e72-b102-18a7d58a669f
Discovery 2018-02-14
Entry 2018-02-16

Philippe Antoine of Catena cyber:

This is a security release that fixes an integer overflow in code generated by binpac. This issue can be used by remote attackers to crash Bro (i.e. a DoS attack). There also is a possibility this can be exploited in other ways. (CVE pending.)