134 matches found
CVE-2023-7242
CVE-2023-7242 affects the ICSNPP Ethercat Zeek Plugin for Zeek (versions d78dda6 and prior). The vulnerability is an out-of-bounds read in the Ethercat packet analysis path, which can crash the Zeek process and may leak information in memory. Mitigation: update to commit 3bca34c or later. ICS adv...
CVE-2023-7243 Ethercat Zeek Plugin Out-of-bounds Write
Industrial Control Systems Network Protocol Parsers ICSNPP - Ethercat Zeek Plugin versions d78dda6 and prior are vulnerable to out-of-bounds write while analyzing specific Ethercat datagrams. This could allow an attacker to cause arbitrary code execution...
CVE-2023-7243
CVE-2023-7243 affects the ICSNPP – Ethercat Zeek Plugin for Zeek, specifically versions d78dda6 and prior. The root cause is an out-of-bounds write during Ethercat datagram analysis, which the connected sources describe as enabling arbitrary code execution. Public disclosures and ICS advisories (...
CVE-2023-7244
Summary: CVE-2023-7244 affects the ICSNPP - Ethercat Zeek Plugin for Zeek, specifically version d78dda6 and earlier. The issue is an out-of-bounds write in the primary analyses function used for Ethercat traffic, which could enable remote arbitrary code execution. Source documents consistently de...
CVE-2023-7244 Ethercat Zeek Plugin Out-of-bounds Write
Industrial Control Systems Network Protocol Parsers ICSNPP - Ethercat Zeek Plugin versions d78dda6 and prior are vulnerable to out-of-bounds write in their primary analyses function for Ethercat communication packets. This could allow an attacker to cause arbitrary code execution...
Industrial Control Systems Network Protocol Parsers - Ethercat Zeek Plugin Buffer Error Vulnerability
Industrial Control Systems Network Protocol Parsers - Ethercat Zeek Plugin is a Zeek plugin from Zeek open source. A security vulnerability exists in Industrial Control Systems Network Protocol Parsers - Ethercat Zeek Plugin d78dda6 and prior versions, which stems from susceptibility to...
Industrial Control Systems Network Protocol Parsers - Ethercat Zeek Plugin Buffer Error Vulnerability
Industrial Control Systems Network Protocol Parsers - Ethercat Zeek Plugin is a Zeek plugin from Zeek open source. A buffer error vulnerability exists in Industrial Control Systems Network Protocol Parsers - Ethercat Zeek Plugin d78dda6 and prior versions, which stems from susceptibility to...
Industrial Control Systems Network Protocol Parsers - Ethercat Zeek Plugin Buffer Error Vulnerability
Industrial Control Systems Network Protocol Parsers - Ethercat Zeek Plugin is a Zeek plugin from Zeek open source. A buffer error vulnerability exists in Industrial Control Systems Network Protocol Parsers - Ethercat Zeek Plugin d78dda6 and prior versions, which stems from susceptibility to...
ICSNPP - Ethercat Zeek Plugin
View CSAF 1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION : Exploitable remotely/low attack complexity Vendor : CISA Equipment : Industrial Control Systems Network Protocol Parsers ICSNPP - Ethercat Plugin for Zeek Vulnerabilities : Out-of-bounds Write, Out-of-bounds Read 2. RISK EVALUATION Successful...
PT-2024-2141 · Zeek · Icsnpp - Ethercat Zeek Plugin
Name of the Vulnerable Software and Affected Versions: Industrial Control Systems Network Protocol Parsers ICSNPP - Ethercat Zeek Plugin versions d78dda6 and prior Description: The issue is related to an out-of-bounds write in the primary analyses function for Ethercat communication packets. This...
PT-2024-2175 · Zeek · Zeek Plugin
Name of the Vulnerable Software and Affected Versions: Zeek Plugin versions d78dda6 and prior Description: The issue is related to an out-of-bounds read during the analysis of a specific Ethercat packet, which could allow an attacker to crash the Zeek process and leak some information in memory...
PT-2024-2142 · Zeek · Icsnpp - Ethercat Zeek Plugin
Name of the Vulnerable Software and Affected Versions: Industrial Control Systems Network Protocol Parsers ICSNPP - Ethercat Zeek Plugin versions d78dda6 and prior Description: The issue is related to an out-of-bounds write while analyzing specific Ethercat datagrams, which could allow an attacke...
FreeBSD : zeek -- potential DoS vulnerability (fedf7e71-61bd-49ec-aaf0-6da14bdbb319)
The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the fedf7e71-61bd-49ec-aaf0-6da14bdbb319 advisory. - Tim Wojtulewicz of Corelight reports: A specially-crafted series of packets containing nested MIME...
zeek -- potential DoS vulnerability
Tim Wojtulewicz of Corelight reports: A specially-crafted series of packets containing nested MIME entities can cause Zeek to spend large amounts of time parsing the entities...
zeek -- potential DoS vulnerabilities
Tim Wojtulewicz of Corelight reports: A specially-crafted SSL packet could cause Zeek to leak memory and potentially crash. A specially-crafted series of FTP packets could cause Zeek to log entries for requests that have already been completed, using resources unnecessarily and potentially causin...
FreeBSD : zeek -- potential DoS vulnerabilities (386a14bb-1a21-41c6-a2cf-08d79213379b)
The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the 386a14bb-1a21-41c6-a2cf-08d79213379b advisory. - Tim Wojtulewicz of Corelight reports: A specially-crafted SSL packet could cause Zeek to leak memory...
FreeBSD : zeek -- potential DoS vulnerabilities (8eefa87f-31f1-496d-bf8e-2b465b6e4e8a)
The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the 8eefa87f-31f1-496d-bf8e-2b465b6e4e8a advisory. - Tim Wojtulewicz of Corelight reports: File extraction limits were not correctly enforced for files...
zeek -- potential DoS vulnerabilities
Tim Wojtulewicz of Corelight reports: File extraction limits were not correctly enforced for files containing large amounts of missing bytes. Sessions are sometimes not cleaned up completely within Zeek during shutdown, potentially causing a crash when using the -B dpd flag for debug logging. A...
Key Network Questions
I wrote this on 7 December 2018 but never published it until today. The following are the "key network questions" which "would answer many key questions about a network, without having to access a third party log repository. This data is derived from mining Zeek log data as it is created, rather...
FreeBSD : zeek -- potential DoS vulnerabilities (1ab7357f-a3c2-406a-89fb-fd00e49a71b5)
The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the 1ab7357f-a3c2-406a-89fb-fd00e49a71b5 advisory. - Tim Wojtulewicz of Corelight reports: A specially-crafted series of FTP packets with a CMD command wi...