zeek -- potential DoS vulnerabilities
Tim Wojtulewicz of Corelight reports:
Receiving DNS responses from async DNS requests (via
the lookup_addr, etc BIF methods) with the TTL set to
zero could cause the DNS manager to eventually stop being
able to make new requests.
Specially-crafted FTP packets with excessively long
usernames, passwords, or other fields could cause log
writes to use large amounts of disk space.
The find_all and find_all_ordered BIF methods could
take extremely large amounts of time to process incoming
data depending on the size of the input.
Copyright © 2003-2005 Jacques Vidrine and contributors.
Please see the source of this document for full copyright