FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

bro -- integer overflow allows remote DOS

Affected packages
bro < 2.5.3

Details

VuXML ID 044cff62-ed8b-4e72-b102-18a7d58a669f
Discovery 2018-02-14
Entry 2018-02-16

Philippe Antoine of Catena cyber:

This is a security release that fixes an integer overflow in code generated by binpac. This issue can be used by remote attackers to crash Bro (i.e. a DoS attack). There also is a possibility this can be exploited in other ways. (CVE pending.)

References

URL http://blog.bro.org/2018/02/bro-253-released-security-update.html