FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

zeek -- potential DoS vulnerability

Affected packages
zeek < 7.0.5

Details

VuXML ID ef56065e-81fe-4731-a1e3-606c55925bef
Discovery 2024-12-16
Entry 2024-12-16

Tim Wojtulewicz of Corelight reports:

Large QUIC packets can cause Zeek to overflow memory and potentially crash. Due to the possibility of receiving these packets from remote hosts, this is a DoS risk.

[source]

References

URL https://github.com/zeek/zeek/releases/tag/v7.0.5

Copyright © 2003-2005 Jacques Vidrine and contributors.
Please see the source of this document for full copyright information.