vulnerability
FreeBSD: VID-8eefa87f-31f1-496d-bf8e-2b465b6e4e8a: zeek -- potential DoS vulnerabilities
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 8 | (AV:N/AC:L/Au:N/C:N/I:N/A:C) | Sep 12, 2023 | Sep 13, 2023 | Dec 10, 2025 |
Severity
8
CVSS
(AV:N/AC:L/Au:N/C:N/I:N/A:C)
Published
Sep 12, 2023
Added
Sep 13, 2023
Modified
Dec 10, 2025
Description
Tim Wojtulewicz of Corelight reports: File extraction limits were not correctly enforced for files containing large amounts of missing bytes. Sessions are sometimes not cleaned up completely within Zeek during shutdown, potentially causing a crash when using the -B dpd flag for debug logging. A specially-crafted HTTP packet can cause Zeek's filename extraction code to take a long time to process the data. A specially-crafted series of FTP packets made up of a CWD request followed by a large amount of ERPT requests may cause Zeek to spend a long time logging the commands. A specially-crafted VLAN packet can cause Zeek to overflow memory and potentially crash.
Solution
freebsd-upgrade-package-zeek
References
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.