vulnerability
FreeBSD: VID-3110B29E-C82D-4287-9F6C-DB82BB883B1E: zeek -- potential DoS vulnerabilities
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 8 | (AV:N/AC:L/Au:N/C:N/I:N/A:C) | 2022-08-23 | 2022-11-04 | 2025-02-19 |
Description
Tim Wojtulewicz of Corelight reports:
Fix a possible overflow and crash in the ARP analyzer
when receiving a specially crafted packet. Due to the
possibility of this happening with packets received from
the network, this is a potential DoS vulnerability.
Fix a possible overflow and crash in the Modbus analyzer
when receiving a specially crafted packet. Due to the
possibility of this happening with packets received from
the network, this is a potential DoS vulnerability.
Fix two possible crashes when converting IP headers for
output via the raw_packet event. Due to the possibility of
this happening with packets received from the network, this
is a potential DoS vulnerability. Note that the raw_packet
event is not enabled by default so these are likely
low-severity issues.
Fix an abort related to an error related to the ordering
of record fields when processing DNS EDNS headers via events.
Due to the possibility of this happening with packets
received from the network, this is a potential DoS
vulnerability. Note that the dns_EDNS events are not
implemented by default so this is likely a low-severity
issue.
Solution
References
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.