FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

zeek -- potential DoS vulnerabilities

Affected packages
zeek < 5.0.7


VuXML ID 7a425536-74f7-4ce4-9768-0079a9d44d11
Discovery 2023-02-21
Entry 2023-02-21

Tim Wojtulewicz of Corelight reports:

Receiving DNS responses from async DNS requests (via the lookup_addr, etc BIF methods) with the TTL set to zero could cause the DNS manager to eventually stop being able to make new requests.

Specially-crafted FTP packets with excessively long usernames, passwords, or other fields could cause log writes to use large amounts of disk space.

The find_all and find_all_ordered BIF methods could take extremely large amounts of time to process incoming data depending on the size of the input.