Lucene search
+L

143 matches found

nvd
nvd
added 2026/07/09 3:16 p.m.14 views

CVE-2026-60108

Zeek before 8.0.9 contains an uncontrolled memory consumption vulnerability in the FTP analyzer that allows unauthenticated remote attackers to cause process termination by sending a crafted FTP control session negotiating AUTH GSSAPI followed by a large ADAT control line. Attackers can exploit t...

8.7CVSS0.00436EPSS
Exploits0References3
nvd
nvd
added 2026/07/09 3:16 p.m.8 views

CVE-2026-60109

Zeek before 8.0.9 contains a null pointer dereference vulnerability in its Kerberos protocol analyzer that allows unauthenticated remote attackers to crash the sensor by sending a crafted KRBERROR message with error-code 25 KDCERRPREAUTHREQUIRED containing a PA-DATA element with padata-type 2, 3,...

8.7CVSS0.00502EPSS
Exploits0References3
cvelist
cvelist
added 2026/07/09 2:19 p.m.39 views

CVE-2026-60109 Zeek < 8.0.9 Null Pointer Dereference DoS via Kerberos KRB_ERROR Parsing

Zeek before 8.0.9 contains a null pointer dereference vulnerability in its Kerberos protocol analyzer that allows unauthenticated remote attackers to crash the sensor by sending a crafted KRBERROR message with error-code 25 KDCERRPREAUTHREQUIRED containing a PA-DATA element with padata-type 2, 3,...

8.7CVSS0.00502EPSS
Exploits0References3
cve
cve
added 2026/07/09 2:16 p.m.20 views

CVE-2026-60108

Zeek prior to 8.0.9 contains an uncontrolled memory consumption vulnerability in the FTP analyzer. An unauthenticated remote attacker can trigger a DoS by initiating an FTP control session that negotiates AUTH GSSAPI, then sends a large ADAT control line. The NVT_Analyzer does not enforce a maxim...

8.7CVSS6.2AI score0.00436EPSS
Exploits0References3Affected Software1
cvelist
cvelist
added 2026/07/09 2:16 p.m.39 views

CVE-2026-60108 Zeek < 8.0.9 Uncontrolled Memory Consumption DoS via FTP Analyzer

Zeek before 8.0.9 contains an uncontrolled memory consumption vulnerability in the FTP analyzer that allows unauthenticated remote attackers to cause process termination by sending a crafted FTP control session negotiating AUTH GSSAPI followed by a large ADAT control line. Attackers can exploit t...

8.7CVSS0.00436EPSS
Exploits0References3
euvd
euvd
added 2026/07/09 2:16 p.m.10 views

EUVD-2026-42597

Zeek before 8.0.9 contains an uncontrolled memory consumption vulnerability in the FTP analyzer that allows unauthenticated remote attackers to cause process termination by sending a crafted FTP control session negotiating AUTH GSSAPI followed by a large ADAT control line. Attackers can exploit t...

8.7CVSS6.2AI score0.00436EPSS
Exploits0References3
vulnrichment
vulnrichment
added 2026/07/09 2:16 p.m.7 views

CVE-2026-60108 Zeek < 8.0.9 Uncontrolled Memory Consumption DoS via FTP Analyzer

Zeek before 8.0.9 contains an uncontrolled memory consumption vulnerability in the FTP analyzer that allows unauthenticated remote attackers to cause process termination by sending a crafted FTP control session negotiating AUTH GSSAPI followed by a large ADAT control line. Attackers can exploit t...

8.7CVSS6.2AI score0.00436EPSS
Exploits0References3
osv
osv
added 2026/07/09 2:16 p.m.4 views

CVE-2026-60108 Zeek < 8.0.9 Uncontrolled Memory Consumption DoS via FTP Analyzer

Zeek before 8.0.9 contains an uncontrolled memory consumption vulnerability in the FTP analyzer that allows unauthenticated remote attackers to cause process termination by sending a crafted FTP control session negotiating AUTH GSSAPI followed by a large ADAT control line. Attackers can exploit t...

8.7CVSS6.2AI score0.00436EPSS
Exploits0References6
ptsecurity
ptsecurity
added 2026/07/09 12:0 a.m.10 views

PT-2026-56810

Name of the Vulnerable Software and Affected Versions Zeek versions prior to 8.0.9 Description A null pointer dereference exists in the Kerberos protocol analyzer. An unauthenticated remote attacker can cause the sensor to crash by sending a specially crafted KRB ERROR message with error-code 25...

8.7CVSS6.1AI score0.00502EPSS
Exploits0References5
packetstormnews
packetstormnews
added 2026/05/13 12:0 a.m.12 views

Zeek 8.0.8

Zeek is a powerful network analysis framework that is much different from the typical IDS you may know. While focusing on network security monitoring, Zeek provides a comprehensive platform for more general network traffic analysis as well. Well grounded in more than 15 years of research, Zeek ha...

5.9AI score
Exploits0
nessus
nessus
added 2026/05/13 12:0 a.m.8 views

FreeBSD : zeek -- potential DoS vulnerability (e665f0a2-fe6d-44b0-ba9e-d383f055a8a3)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the e665f0a2-fe6d-44b0-ba9e-d383f055a8a3 advisory. Wojtulewicz of Corelight reports: A specially-crafted series of MIME headers sent via SMTP or HTTP coul...

5.9AI score
Exploits0References2
nessus
nessus
added 2026/04/21 12:0 a.m.3 views

FreeBSD : zeek -- potential DoS vulnerabilities (0d8b1126-0864-4934-b63f-c713526ead32)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the 0d8b1126-0864-4934-b63f-c713526ead32 advisory. Tim Wojtulewicz of Corelight reports: A series of DNS messages containing long DNS compression chains c...

5.8AI score
Exploits0References2
packetstormnews
packetstormnews
added 2026/04/20 12:0 a.m.7 views

Zeek 8.0.7

Zeek is a powerful network analysis framework that is much different from the typical IDS you may know. While focusing on network security monitoring, Zeek provides a comprehensive platform for more general network traffic analysis as well. Well grounded in more than 15 years of research, Zeek ha...

5.8AI score
Exploits0
packetstormnews
packetstormnews
added 2026/02/27 12:0 a.m.6 views

Exploring Robust Intrusion Detection: A Benchmark Study of Feature Transferability in IoT Botnet Attack Detection

Cross-domain intrusion detection remains a critical challenge due to significant variability in network traffic characteristics and feature distributions across environments. This study evaluates the transferability of three widely used flow-based feature sets Argus, Zeek and CICFlowMeter across...

6AI score
Exploits0
packetstormnews
packetstormnews
added 2026/01/30 12:0 a.m.6 views

Zeek 8.0.6

Zeek is a powerful network analysis framework that is much different from the typical IDS you may know. While focusing on network security monitoring, Zeek provides a comprehensive platform for more general network traffic analysis as well. Well grounded in more than 15 years of research, Zeek ha...

6AI score
Exploits0
nessus
nessus
added 2026/01/30 12:0 a.m.3 views

FreeBSD : zeek -- potential DoS vulnerability (8173e68a-88f3-4862-882c-6e58779d98e7)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the 8173e68a-88f3-4862-882c-6e58779d98e7 advisory. Tim Wojtulewicz of Corelight reports: Zeek's HTTP analyzer can be tricked into interpreting...

5.9AI score
Exploits0References2
freebsd
freebsd
added 2026/01/29 12:0 a.m.9 views

zeek -- potential DoS vulnerability

Tim Wojtulewicz of Corelight reports: Zeek's HTTP analyzer can be tricked into interpreting Transfer-Encoding or Content-Length headers set in MIME entities within HTTP bodies and change the analyzer behavior...

5.9AI score
Exploits0References1
packetstormnews
packetstormnews
added 2026/01/13 12:0 a.m.8 views

Zeek 8.0.5

Zeek is a powerful network analysis framework that is much different from the typical IDS you may know. While focusing on network security monitoring, Zeek provides a comprehensive platform for more general network traffic analysis as well. Well grounded in more than 15 years of research, Zeek ha...

7AI score
Exploits0
redhatcve
redhatcve
added 2026/01/07 9:26 a.m.9 views

CVE-2019-12175

In Zeek Network Security Monitor formerly known as Bro before 2.6.2, a NULL pointer dereference in the Kerberos aka KRB protocol parser leads to DoS because a case-type index is mishandled...

7.5CVSS6.7AI score0.01411EPSS
Exploits0References1
packetstormnews
packetstormnews
added 2025/11/10 12:0 a.m.5 views

Zeek 8.0.4

Zeek is a powerful network analysis framework that is much different from the typical IDS you may know. While focusing on network security monitoring, Zeek provides a comprehensive platform for more general network traffic analysis as well. Well grounded in more than 15 years of research, Zeek ha...

7AI score
Exploits0
Rows per page
Query Builder