Detections
Analytics

FreeBSD : bro -- integer overflow allows remote DOS (044cff62-ed8b-4e72-b102-18a7d58a669f)

high Nessus Plugin ID 106879

Language:

Synopsis

The remote FreeBSD host is missing a security-related update.

Description

Philippe Antoine of Catena cyber :

This is a security release that fixes an integer overflow in code generated by binpac. This issue can be used by remote attackers to crash Bro (i.e. a DoS attack). There also is a possibility this can be exploited in other ways. (CVE pending.)

Solution

Update the affected package.

See Also

https://blog.zeek.org//2018/02/bro-253-released-security-update.html

http://www.nessus.org/u?1a70ce26

Plugin Details

Severity: High

ID: 106879

File Name: freebsd_pkg_044cff62ed8b4e72b10218a7d58a669f.nasl

Version: 3.3

Type: local

Published: 2/20/2018

Updated: 12/19/2018

Supported Sensors: Nessus

Vulnerability Information

CPE: p-cpe:/a:freebsd:freebsd:bro, cpe:/o:freebsd:freebsd

Required KB Items: Host/local_checks_enabled, Host/FreeBSD/release, Host/FreeBSD/pkg_info

Patch Publication Date: 2/16/2018

Vulnerability Publication Date: 2/14/2018