FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The VUXML data was last processed by FreshPorts on 2025-02-20 09:44:03 UTC

List all Vulnerabilities, by package

List all Vulnerabilities, by date

k68

These are the vulnerabilities relating to the commit you have selected:

VuXML ID	Description
55571619-454e-4769-b1e5-28354659e152	bro -- invalid memory access or heap buffer over-read Jon Siwek of Corelight reports: This is a security patch release to address a potential Denial of Service vulnerability: The NTLM analyzer did not properly handle AV Pair sequences that were either empty or unterminated, resulting in invalid memory access or heap buffer over-read. The NTLM analyzer is enabled by default and used in the analysis of SMB, DCE/RPC, and GSSAPI protocols. Discovery 2019-08-28 Entry 2019-09-17 bro < 2.6.4 https://raw.githubusercontent.com/zeek/zeek/3b5a9f88ece1d274edee897837e280ef751bde94/NEWS

VuXML ID

Description

55571619-454e-4769-b1e5-28354659e152

bro -- invalid memory access or heap buffer over-read

Jon Siwek of Corelight reports:

This is a security patch release to address a potential Denial of Service vulnerability:

The NTLM analyzer did not properly handle AV Pair sequences that were either empty or unterminated, resulting in invalid memory access or heap buffer over-read. The NTLM analyzer is enabled by default and used in the analysis of SMB, DCE/RPC, and GSSAPI protocols.

Discovery 2019-08-28
Entry 2019-09-17
bro

< 2.6.4

https://raw.githubusercontent.com/zeek/zeek/3b5a9f88ece1d274edee897837e280ef751bde94/NEWS