Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
security/vuxml: Mark zeek < 5.0.7 as vulnerable as per:
https://github.com/zeek/zeek/releases/tag/v5.0.7 This release fixes the following potential DoS vulnerabilities: - Receiving DNS responses from async DNS requests (via the lookup_addr, etc BIF methods) with the TTL set to zero could cause the DNS manager to eventually stop being able to make new requests. - Specially-crafted FTP packets with excessively long usernames, passwords, or other fields could cause log writes to use large amounts of disk space. - The find_all and find_all_ordered BIF methods could take extremely large amounts of time to process incoming data depending on the size of the input. Reported by: Tim Wojtulewicz
- Loading branch information