FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

zeek -- potential DoS vulnerability

Affected packages
zeek < 8.0.6

Details

VuXML ID 8173e68a-88f3-4862-882c-6e58779d98e7
Discovery 2026-01-29
Entry 2026-01-29

Tim Wojtulewicz of Corelight reports:

Zeek's HTTP analyzer can be tricked into interpreting Transfer-Encoding or Content-Length headers set in MIME entities within HTTP bodies and change the analyzer behavior.

[source]

References

URL https://github.com/zeek/zeek/releases/tag/v8.0.6

Copyright © 2003-2005 Jacques Vidrine and contributors.
Please see the source of this document for full copyright information.