Detections
Analytics

FreeBSD : zeek -- Various vulnerabilities (2c92fdd3-896c-4a5a-a0d8-52acee69182d)

high Nessus Plugin ID 140472

Language:

Synopsis

The remote FreeBSD host is missing a security-related update.

Description

Jon Siwek of Corelight reports :

This release fixes the following security issue :

- The AYIYA and GTPv1 parsing/decapsulation logic may leak memory -- These leaks have potential for remote exploitation to cause Denial of Service via resource exhaustion.

Solution

Update the affected package.

See Also

https://github.com/zeek/zeek/releases/tag/v3.0.10

http://www.nessus.org/u?05c54f69

Plugin Details

Severity: High

ID: 140472

File Name: freebsd_pkg_2c92fdd3896c4a5aa0d852acee69182d.nasl

Version: 1.1

Type: local

Published: 9/10/2020

Updated: 9/10/2020

Supported Sensors: Nessus

Vulnerability Information

CPE: p-cpe:/a:freebsd:freebsd:zeek, cpe:/o:freebsd:freebsd

Required KB Items: Host/local_checks_enabled, Host/FreeBSD/release, Host/FreeBSD/pkg_info

Patch Publication Date: 9/9/2020

Vulnerability Publication Date: 8/28/2020