FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

zeek -- potential DoS vulnerabilty

Affected packages
zeek < 4.0.7

Details

VuXML ID 204f1a7a-43df-412f-ad25-7dbe88f54fa4
Discovery 2022-06-01
Entry 2022-06-03

Tim Wojtulewicz of Corelight reports:

Fix potential hang in the DNS analyzer when receiving a specially-crafted packet. Due to the possibility of this happening with packets received from the network, this is a potential DoS vulnerability.

References

URL https://github.com/zeek/zeek/releases/tag/v4.0.7