zeek -- potential DoS vulnerabilities
Tim Wojtulewicz of Corelight reports:
A specially-crafted series of FTP packets with a CMD
command with a large path followed by a very large number
of replies could cause Zeek to spend a long time processing
A specially-crafted with a truncated header can cause
Zeek to overflow memory and potentially crash.
A specially-crafted series of SMTP packets can cause
Zeek to generate a very large number of events and take
a long time to process them.
A specially-crafted series of POP3 packets containing
MIME data can cause Zeek to spend a long time dealing
with each individual file ID.
Copyright © 2003-2005 Jacques Vidrine and contributors.
Please see the source of this document for full copyright