FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The VUXML data was last processed by FreshPorts on 2025-01-14 21:31:10 UTC

List all Vulnerabilities, by package

List all Vulnerabilities, by date

k68

These are the vulnerabilities relating to the commit you have selected:

VuXML IDDescription
8eefa87f-31f1-496d-bf8e-2b465b6e4e8azeek -- potential DoS vulnerabilities

Tim Wojtulewicz of Corelight reports:

File extraction limits were not correctly enforced for files containing large amounts of missing bytes.

Sessions are sometimes not cleaned up completely within Zeek during shutdown, potentially causing a crash when using the -B dpd flag for debug logging.

A specially-crafted HTTP packet can cause Zeek's filename extraction code to take a long time to process the data.

A specially-crafted series of FTP packets made up of a CWD request followed by a large amount of ERPT requests may cause Zeek to spend a long time logging the commands.

A specially-crafted VLAN packet can cause Zeek to overflow memory and potentially crash.


Discovery 2023-09-12
Entry 2023-09-12
zeek
< 6.0.1

https://github.com/zeek/zeek/releases/tag/v6.0.1