134 matches found
FreeBSD : zeek -- potential DoS vulnerability (ef56065e-81fe-4731-a1e3-606c55925bef)
The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the ef56065e-81fe-4731-a1e3-606c55925bef advisory. Tim Wojtulewicz of Corelight reports: Large QUIC packets can cause Zeek to overflow memory and...
zeek -- potential DoS vulnerability
Tim Wojtulewicz of Corelight reports: Large QUIC packets can cause Zeek to overflow memory and potentially crash. Due to the possibility of receiving these packets from remote hosts, this is a DoS risk...
FreeBSD : zeek -- potential DoS vulnerability (fe7031d3-3000-4b43-9fa6-52c2b624b8f9)
The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the fe7031d3-3000-4b43-9fa6-52c2b624b8f9 advisory. Tim Wojtulewicz of Corelight reports: Adding to the POP3 hardening in 7.0.2, the parser now simply...
zeek -- potential DoS vulnerability
Tim Wojtulewicz of Corelight reports: Adding to the POP3 hardening in 7.0.2, the parser now simply discards too many pending commands, rather than any attempting to process them. Further, invalid server responses do not result in command completion anymore. Processing out-of-order commands or...
FreeBSD : zeek -- potential DoS vulnerability (d47b7ae7-fe1d-4f7f-919a-480ca8035f00)
The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the d47b7ae7-fe1d-4f7f-919a-480ca8035f00 advisory. Tim Wojtulewicz of Corelight reports: The POP3 parser has been hardened to avoid unbounded state growth...
zeek -- potential DoS vulnerability
Tim Wojtulewicz of Corelight reports: The POP3 parser has been hardened to avoid unbounded state growth in the face of one-sided traffic capture or when enabled for non-POP3 traffic...
JA4+ - Suite Of Network Fingerprinting Standards
JA4+ is a suite of network Fingerprinting methods that are easy to use and easy to share. These methods are both human and machine readable to facilitate more effective threat-hunting and analysis. The use-cases for these fingerprints include scanning for threat actors, malware detection, session...
The vulnerability of the Zeek plugin for industrial system management protocols ICSNPP-Ethercat, which involves reading data beyond the buffer in memory, allows attackers to cause service failures or gain unauthorized access to protected information.
The vulnerability of the Zeek plugin for industrial system management protocols ICSNPP-Ethercat relates to the reading of data beyond the buffer in memory. Exploiting this vulnerability can allow a malicious actor to cause service failures or gain unauthorized access to protected information...
The vulnerability of the Zeek plugin for industrial control systems’ network protocols (ICSNPP-Ethercat) relates to writing beyond the buffer boundaries in memory, allowing a hacker to execute arbitrary code.
The vulnerability of the Zeek plugin for industrial control systems’ network protocols ICSNPP-Ethercat is related to writing beyond the buffer boundaries in memory. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...
The vulnerability of the Zeek plugin for industrial system control protocols (ICSNPP-Ethercat) relates to writing beyond the buffer boundaries in memory, allowing a hacker to execute arbitrary code.
The vulnerability of the Zeek plugin for industrial control systems’ network protocols ICSNPP-Ethercat is related to writing beyond the buffer boundaries in memory. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...
Exploit for CVE-2021-38647
CVE-2021-38647 AKA "OMIGOD" A Zeek package which detects CVE-2...
CVE-2023-7243
Industrial Control Systems Network Protocol Parsers ICSNPP - Ethercat Zeek Plugin versions d78dda6 and prior are vulnerable to out-of-bounds write while analyzing specific Ethercat datagrams. This could allow an attacker to cause arbitrary code execution...
CVE-2023-7243
Industrial Control Systems Network Protocol Parsers ICSNPP - Ethercat Zeek Plugin versions d78dda6 and prior are vulnerable to out-of-bounds write while analyzing specific Ethercat datagrams. This could allow an attacker to cause arbitrary code execution...
CVE-2023-7244
Industrial Control Systems Network Protocol Parsers ICSNPP - Ethercat Zeek Plugin versions d78dda6 and prior are vulnerable to out-of-bounds write in their primary analyses function for Ethercat communication packets. This could allow an attacker to cause arbitrary code execution...
CVE-2023-7242
Industrial Control Systems Network Protocol Parsers ICSNPP - Ethercat Zeek Plugin versions d78dda6 and prior are vulnerable to out-of-bounds read during the process of analyzing a specific Ethercat packet. This could allow an attacker to crash the Zeek process and leak some information in memory...
CVE-2023-7242
Industrial Control Systems Network Protocol Parsers ICSNPP - Ethercat Zeek Plugin versions d78dda6 and prior are vulnerable to out-of-bounds read during the process of analyzing a specific Ethercat packet. This could allow an attacker to crash the Zeek process and leak some information in memory...
Out-of-bounds
Industrial Control Systems Network Protocol Parsers ICSNPP - Ethercat Zeek Plugin versions d78dda6 and prior are vulnerable to out-of-bounds read during the process of analyzing a specific Ethercat packet. This could allow an attacker to crash the Zeek process and leak some information in memory...
Out-of-bounds
Industrial Control Systems Network Protocol Parsers ICSNPP - Ethercat Zeek Plugin versions d78dda6 and prior are vulnerable to out-of-bounds write while analyzing specific Ethercat datagrams. This could allow an attacker to cause arbitrary code execution...
CVE-2023-7242 Ethercat Zeek Plugin Out-of-bounds Read
Industrial Control Systems Network Protocol Parsers ICSNPP - Ethercat Zeek Plugin versions d78dda6 and prior are vulnerable to out-of-bounds read during the process of analyzing a specific Ethercat packet. This could allow an attacker to crash the Zeek process and leak some information in memory...
CVE-2023-7242
CVE-2023-7242 affects the ICSNPP Ethercat Zeek Plugin for Zeek (versions d78dda6 and prior). The vulnerability is an out-of-bounds read in the Ethercat packet analysis path, which can crash the Zeek process and may leak information in memory. Mitigation: update to commit 3bca34c or later. ICS adv...