svn commit: r528507 - head/security/vuxml
Craig Leres
leres at FreeBSD.org
Sun Mar 15 22:31:29 UTC 2020
Author: leres
Date: Sun Mar 15 22:31:28 2020
New Revision: 528507
URL: https://svnweb.freebsd.org/changeset/ports/528507
Log:
security/vuxml: Mark zeek < 3.0.3 as vulnerable as per:
https://raw.githubusercontent.com/zeek/zeek/9dda3602a760f00d9532c6314ea79108106033fa/NEWS
There are a number of potential denial of service issues due to
memory leaks, buffer overflows, and a null pointer dereference.
Approved by: matthew (mentor, implicit)
Modified:
head/security/vuxml/vuln.xml
Modified: head/security/vuxml/vuln.xml
==============================================================================
--- head/security/vuxml/vuln.xml Sun Mar 15 21:42:43 2020 (r528506)
+++ head/security/vuxml/vuln.xml Sun Mar 15 22:31:28 2020 (r528507)
@@ -58,6 +58,72 @@ Notes:
* Do not forget port variants (linux-f10-libxml2, libxml2, etc.)
-->
<vuxml xmlns="http://www.vuxml.org/apps/vuxml-1">
+ <vuln vid="4ae135f7-85cd-4c32-ad94-358271b31f7f">
+ <topic>zeek -- potential denial of service issues</topic>
+ <affects>
+ <package>
+ <name>zeek</name>
+ <range><lt>3.0.3</lt></range>
+ </package>
+ </affects>
+ <description>
+ <body xmlns="http://www.w3.org/1999/xhtml">
+ <p>Jon Siwek of Corelight reports:</p>
+ <blockquote cite="https://raw.githubusercontent.com/zeek/zeek/9dda3602a760f00d9532c6314ea79108106033fa/NEWS">
+ <p>This release addresses the following security issues:</p>
+ <ul>
+ <li>
+ Potential Denial of Service due to memory leak in DNS
+ TSIG message parsing. </li>
+ <li>
+ Potential Denial of Service due to memory leak (or assertion
+ when compiling with assertions enabled) when receiving a
+ second SSH KEX message after a first. </li>
+ <li>
+ Potential Denial of Service due to buffer read overflow
+ and/or memory leaks in Kerberos analyzer. The buffer
+ read overflow could occur when the Kerberos message
+ indicates it contains an IPv6 address, but does not send
+ enough data to parse out a full IPv6 address. A memory
+ leak could occur when processing KRB_KDC_REQ KRB_KDC_REP
+ messages for message types that do not match a known/expected
+ type. </li>
+ <li>
+ Potential Denial of Service when sending many zero-length
+ SSL/TLS certificate data. Such messages underwent the
+ full Zeek file analysis treatment which is expensive (and
+ meaninguless here) compared to how cheaply one can "create"
+ or otherwise indicate many zero-length contained in an
+ SSL message. </li>
+ <li>
+ Potential Denial of Service due to buffer read overflow
+ in SMB transaction data string handling. The length of
+ strings being parsed from SMB messages was trusted to be
+ whatever the message claimed instead of the actual length
+ of data found in the message. </li>
+ <li>
+ Potential Denial of Service due to null pointer dereference
+ in FTP ADAT Base64 decoding. </li>
+ <li>
+ Potential Denial of Service due buffer read overflow in
+ FTP analyzer word/whitespace handling. This typically
+ won't be a problem in most default deployments of Zeek
+ since the FTP analyzer receives data from a ContentLine
+ (NVT) support analyzer which first null-terminates the
+ buffer used for further FTP parsing. </li>
+ </ul>
+ </blockquote>
+ </body>
+ </description>
+ <references>
+ <url>https://github.com/zeek/zeek/blob/9dda3602a760f00d9532c6314ea79108106033fa/NEWS</url>
+ </references>
+ <dates>
+ <discovery>2020-02-25</discovery>
+ <entry>2020-03-15</entry>
+ </dates>
+ </vuln>
+
<vuln vid="c3600a64-64ea-11ea-bdff-e0d55e2a8bf9">
<topic>Okular -- Local binary execution via action links</topic>
<affects>
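Review bot: the quoted NEWS text in the new `<blockquote>` (lines "meaninguless here" and "due buffer read overflow in FTP analyzer") carries upstream's typos verbatim; either keep them and mark with [sic], or correct to "meaningless" and "due to buffer read overflow" so the rendered advisory reads cleanly. The `<references>` block lists only the NEWS blob URL; if CVE identifiers are assigned to any of these issues they should be added as `<cvename>` entries so the entry is matched by pkg audit lookups. The `<range><lt>3.0.3</lt></range>` agrees with the log message, and the entry is correctly placed at the top of the file ahead of the Okular entry.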