vulnerability
FreeBSD: VID-386A14BB-1A21-41C6-A2CF-08D79213379B: zeek -- potential DoS vulnerabilities
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 8 | (AV:N/AC:L/Au:N/C:N/I:N/A:C) | Oct 27, 2023 | Oct 29, 2023 | Feb 19, 2025 |
Description
Tim Wojtulewicz of Corelight reports:
A specially-crafted SSL packet could cause Zeek to
leak memory and potentially crash.
A specially-crafted series of FTP packets could cause
Zeek to log entries for requests that have already been
completed, using resources unnecessarily and potentially
causing Zeek to lose other traffic.
A specially-crafted series of SSL packets could cause
Zeek to output a very large number of unnecessary alerts
for the same record.
A specially-crafted series of SSL packets could cause
Zeek to generate very long ssl_history fields in the
ssl.log, potentially using a large amount of memory due
to unbounded state growth
A specially-crafted IEEE802.11 packet could cause
Zeek to overflow memory and potentially crash
Solution
References
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.