Lucene search
K

134 matches found

GithubExploit
GithubExploit
added 2021/12/20 6:51 p.m.1101 views

Exploit for Uncontrolled Resource Consumption in Siemens 6Bk1602-0Aa12-0Tp0_Firmware

SnapAttack Log4j / CVE-2021-44228 / log4shell Resources Wh...

10CVSS9.1AI score0.99999EPSS
Exploits348
GithubExploit
GithubExploit
added 2021/12/13 5:25 p.m.365 views

Exploit for Uncontrolled Resource Consumption in Siemens 6Bk1602-0Aa12-0Tp0_Firmware

CVE-2021-44228 A Zeek package which raises notices, tags HTTP...

10CVSS9.3AI score0.99999EPSS
Exploits348
Tenable Nessus
Tenable Nessus
added 2021/10/01 12:0 a.m.10 views

FreeBSD : zeek -- several vulnerabilities (d4d21998-bdc4-4a09-9849-2898d9b41459)

Tim Wojtulewicz of Corelight reports : Paths from log stream make it into system unchecked, potentially leading to commands being run on the system unintentionally. This requires either bad scripting or a malicious package to be installed, and is considered low severity. Fix potential unbounded...

5.4AI score
Exploits0References2
OSV
OSV
added 2021/09/29 7:15 p.m.4 views

CVE-2021-41732

An issue was discovered in zeek version 4.1.0. There is a HTTP request splitting vulnerability that will invalidate any ZEEK HTTP based security analysis. NOTE: the vendor's position is that the observed behavior is intended...

7.5CVSS6.8AI score
Exploits0References1
NVD
NVD
added 2021/09/29 7:15 p.m.18 views

CVE-2021-41732

An issue was discovered in zeek version 4.1.0. There is a HTTP request splitting vulnerability that will invalidate any ZEEK HTTP based security analysis. NOTE: the vendor's position is that the observed behavior is intended...

8.2CVSS0.0085EPSS
Exploits1References1
Prion
Prion
added 2021/09/29 7:15 p.m.12 views

Cross site request forgery (csrf)

DISPUTED An issue was discovered in zeek version 4.1.0. There is a HTTP request splitting vulnerability that will invalidate any ZEEK HTTP based security analysis. NOTE: the vendor's position is that the observed behavior is intended...

5CVSS7.5AI score0.0085EPSS
Exploits1References1Affected Software1
UbuntuCve
UbuntuCve
added 2021/09/29 7:15 p.m.24 views

CVE-2021-41732

An issue was discovered in zeek version 4.1.0. There is a HTTP request splitting vulnerability that will invalidate any ZEEK HTTP based security analysis. NOTE: the vendor's position is that the observed behavior is intended...

8.2CVSS7.1AI score0.0085EPSS
Exploits1References2
CVE
CVE
added 2021/09/29 6:34 p.m.54 views

CVE-2021-41732

CVE-2021-41732 affects Zeek 4.1.0 and is described as a HTTP request splitting vulnerability that will invalidate any Zeek HTTP-based security analysis. The observed behavior is noted by the vendor as intended in Zeek. The connected documents consistently reference Zeek 4.1.0 and the HTTP-splitti...

8.2CVSS7.5AI score0.0085EPSS
Exploits1References1Affected Software1
Debian CVE
Debian CVE
added 2021/09/29 6:34 p.m.13 views

CVE-2021-41732

Removed by vendor...

8.2CVSS7.6AI score0.0085EPSS
Exploits1
Vulnrichment
Vulnrichment
added 2021/09/29 6:34 p.m.11 views

CVE-2021-41732

An issue was discovered in zeek version 4.1.0. There is a HTTP request splitting vulnerability that will invalidate any ZEEK HTTP based security analysis. NOTE: the vendor's position is that the observed behavior is intended...

6.9AI score0.0085EPSS
Exploits1References1
Cvelist
Cvelist
added 2021/09/29 6:34 p.m.18 views

CVE-2021-41732

An issue was discovered in zeek version 4.1.0. There is a HTTP request splitting vulnerability that will invalidate any ZEEK HTTP based security analysis. NOTE: the vendor's position is that the observed behavior is intended...

7.7AI score0.0085EPSS
Exploits1References1
Positive Technologies
Positive Technologies
added 2021/09/29 12:0 a.m.3 views

PT-2021-23387 · Zeek · Zeek

Name of the Vulnerable Software and Affected Versions: zeek version 4.1.0 Description: An issue was discovered in zeek that involves a HTTP request splitting vulnerability. This vulnerability will invalidate any ZEEK HTTP based security analysis. Recommendations: For zeek version 4.1.0, at the...

8.2CVSS7AI score0.0085EPSS
Exploits1References7
CNNVD
CNNVD
added 2021/09/29 12:0 a.m.5 views

Zeek 环境问题漏洞

Zeek is a powerful network analysis framework. An environment issue vulnerability exists in zeek version 4.1.0 that will invalidate any security analysis based on ZEEK HTTP...

8.2CVSS7.3AI score0.0085EPSS
Exploits1References2
GithubExploit
GithubExploit
added 2021/09/22 3:20 p.m.99 views

Exploit for CVE-2021-38647

cve-2021-38647 https://github.com/corelight/CVE-2021-38647 wit...

9.8CVSS7.9AI score0.99723EPSS
Exploits19
GithubExploit
GithubExploit
added 2021/09/15 4:51 a.m.154 views

Exploit for CVE-2021-38647

CVE-2021-38647 AKA "OMIGOD" A Zeek package which detects CVE-2...

9.8CVSS7.6AI score0.99723EPSS
Exploits19
FreeBSD
FreeBSD
added 2021/08/26 12:0 a.m.12 views

zeek -- several vulnerabilities

Tim Wojtulewicz of Corelight reports: Paths from log stream make it into system unchecked, potentially leading to commands being run on the system unintentionally. This requires either bad scripting or a malicious package to be installed, and is considered low severity. Fix potential unbounded...

1.2AI score
Exploits0References1
Richard Bejtlich's blog
Richard Bejtlich's blog
added 2021/07/29 6:34 p.m.63 views

Zeek in Action Videos

This is a quick note to point blog readers to my Zeek in Action YouTube video series for the Zeek network security monitoring project. Each video addresses a topic that I think might be of interest to people trying to understand their network using Zeek and adjacent tools and approaches, like...

7.3AI score
Exploits0
GithubExploit
GithubExploit
added 2021/07/02 4:44 p.m.317 views

Exploit for CVE-2021-1675

PrintNightmare CVE-2021-1675 This Zeek script detects succe...

9.3CVSS8.8AI score0.99759EPSS
Exploits75
Tenable Nessus
Tenable Nessus
added 2021/06/03 12:0 a.m.10 views

FreeBSD : zeek -- several potential DoS vulnerabilities (a550d62c-f78d-4407-97d9-93876b6741b9)

Tim Wojtulewicz of Corelight reports : Fix potential Undefined Behavior in decodenetbiosname and decodenetbiosnametype BIFs. The latter has a possibility of a remote heap-buffer-overread, making this a potential DoS vulnerability. Add some extra length checking when parsing mobile ipv6 packets. D...

5.5AI score
Exploits0References2
GithubExploit
GithubExploit
added 2021/05/17 11:54 p.m.191 views

Exploit for Use After Free in Microsoft

CVE-2021-31166 Detection of attempts to exploit CVE-2021-31166...

9.8CVSS9.1AI score0.99718EPSS
Exploits24
Rows per page
Query Builder