FreeBSD : net/krill -- DoS vulnerability (7844789a-9b1f-11ed-9a3f-b42e991fc52e)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the 7844789a-9b1f-11ed-9a3f-b42e991fc52e advisory. - NLnet Labs Krill supports direct access to the RRDP repository content through its built-in web serve...

CVE-2023-0158

creationtimestamp| type| source ---|---|--- 2023-01-17 20:40:18+00:00| seen| https://t.me/cibsecurity/56603 2025-04-04 19:36:55+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/10541...

CVE-2023-0158 Triggered crash on direct RRDP access

NLnet Labs Krill supports direct access to the RRDP repository content through its built-in web server at the "/rrdp" endpoint. Prior to 0.12.1 a direct query for any existing directory under "/rrdp/", rather than an RRDP file such as "/rrdp/notification.xml" as would be expected, causes Krill to...

CVE-2023-0158

NLnet Labs Krill is affected by CVE-2023-0158. Before version 0.12.1, a direct query for any existing directory under the built-in RRDP endpoint ("/rrdp/")—instead of an RRDP file like "/rrdp/notification.xml"—can crash the publication server. If the "/rrdp" endpoint is exposed to the internet, m...