Skip to content
Snippets Groups Projects
Commit 29ff3797 authored by Craig Leres's avatar Craig Leres
Browse files

security/vuxml: Mark zeek < 4.0.2 as vulnerable as per: 

    https://github.com/zeek/zeek/releases/tag/v4.0.2

 - Fix potential Undefined Behavior in decode_netbios_name() and
   decode_netbios_name_type() BIFs. The latter has a possibility
   of a remote heap-buffer-overread, making this a potential DoS
   vulnerability.

 - Add some extra length checking when parsing mobile ipv6 packets.
   Due to the possibility of reading invalid headers from remote
   sources, this is a potential DoS vulnerability.
parent 48f09edc
No related branches found
No related tags found
No related merge requests found
Hide whitespace changes
Inline Side-by-side
Showing
with 32 additions and 0 deletions
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment