FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

zeek -- potential DoS vulnerabilities

Affected packages
zeek < 5.0.2

Details

VuXML ID 656b0152-faa9-4755-b08d-aee4a774bd04
Discovery 2022-09-19
Entry 2022-09-19

Tim Wojtulewicz of Corelight reports:

Fix a possible overflow and crash in the ICMP analyzer when receiving a specially crafted packet.

Fix a possible overflow and crash in the IRC analyzer when receiving a specially crafted packet.

Fix a possible overflow and crash in the SMB analyzer when receiving a specially crafted packet.

Fix two possible crashes when converting IP headers for output via the raw_packet event.

References

URL https://github.com/zeek/zeek/releases/tag/v5.0.2