8.7 HIGH
- CVSS version (CVSS): 4.0
- Attack Vector (AV): Network (N)
- Attack Complexity (AC): Low (L)
- Attack Requirement (AT): None (N)
- Privileges Required (PR): None (N)
- User Interaction (UI): None (N)
- Vulnerable System Impact Confidentiality (VC): None (N)
- Vulnerable System Impact Integrity (VI): None (N)
- Vulnerable System Impact Availability (VA): High (H)
- Subsequent System Impact Confidentiality (SC): None (N)
- Subsequent System Impact Integrity (SI): None (N)
- Subsequent System Impact Availability (SA): None (N)
- Modified Attack Vector (MAV): Network (N)
- Modified Attack Complexity (MAC): Low (L)
- Modified Attack Requirement (MAT): None (N)
- Modified Privileges Required (MPR): None (N)
- Modified User Interaction (MUI): None (N)
- Modified Vulnerable System Impact Confidentiality (MVC): None (N)
- Modified Vulnerable System Impact Integrity (MVI): None (N)
- Modified Vulnerable System Impact Availability (MVA): High (H)
- Modified Subsequent System Impact Confidentiality (MSC): Negligible (N)
- Modified Subsequent System Impact Integrity (MSI): Negligible (N)
- Modified Subsequent System Impact Availability (MSA): Negligible (N)
- Safety (S): Not Defined (X)
- Automatable (AU): Not Defined (X)
- Recovery (R): Not Defined (X)
- Value Density (V): Not Defined (X)
- Vulnerability Response Effort (RE): Not Defined (X)
- Provider Urgency (U): Not Defined (X)
- Confidentiality Req. (CR): Not Defined (X)
- Integrity Req. (IR): Not Defined (X)
- Availability Req. (AR): Not Defined (X)
- Exploit Maturity (E): Not Defined (X)
by @LeSuisse Activity log
- Created suggestion
-
@LeSuisse
ignored
6 packages
- zeekstd
- zeekscript
- python313Packages.zeek
- python314Packages.zeek
- python313Packages.tree-sitter-zeek
- python314Packages.tree-sitter-zeek
- @LeSuisse accepted
- @LeSuisse published on GitHub
Zeek < 8.0.9 Uncontrolled Memory Consumption DoS via FTP Analyzer
Zeek before 8.0.9 contains an uncontrolled memory consumption vulnerability in the FTP analyzer that allows unauthenticated remote attackers to cause process termination by sending a crafted FTP control session negotiating AUTH GSSAPI followed by a large ADAT control line. Attackers can exploit the NVT_Analyzer component's lack of a maximum line length check, causing it to continuously double its internal buffer without bounds during base64 decoding of an attacker-controlled ADAT token, resulting in denial of service of the Zeek sensor.
References
-
Release Notes release-notes
-
Patch Commit patch
-
https://www.vulncheck.com/advisories/zeek-uncontrolled-memory-consumption-dos-v… third-party-advisory
Affected products
- <8.0.9
Matching in nixpkgs
Ignored packages (6)
pkgs.zeekstd
CLI tool that works with the zstd seekable format
pkgs.zeekscript
Zeek script formatter and analyzer
pkgs.python313Packages.zeek
Zeek's Messaging Library
-
nixos-unstable 2.6.0-unstable-2025-04-23
- nixpkgs-unstable 2.6.0-unstable-2025-04-23
- nixos-unstable-small 2.6.0-unstable-2025-04-23
-
nixos-26.05 2.6.0-unstable-2025-04-23
- nixos-26.05-small 2.6.0-unstable-2025-04-23
- nixpkgs-26.05-darwin 2.6.0-unstable-2025-04-23
pkgs.python314Packages.zeek
Zeek's Messaging Library
-
nixos-unstable 2.6.0-unstable-2025-04-23
- nixpkgs-unstable 2.6.0-unstable-2025-04-23
- nixos-unstable-small 2.6.0-unstable-2025-04-23
-
nixos-26.05 2.6.0-unstable-2025-04-23
- nixos-26.05-small 2.6.0-unstable-2025-04-23
- nixpkgs-26.05-darwin 2.6.0-unstable-2025-04-23
pkgs.python313Packages.tree-sitter-zeek
Tree-sitter grammar for the Zeek scripting language
Package maintainers
-
@tobim Tobias Mayer <nix@tobim.fastmail.fm>
-
@pSub Pascal Wittmann <mail@pascal-wittmann.de>
8.7 HIGH
- CVSS version (CVSS): 4.0
- Attack Vector (AV): Network (N)
- Attack Complexity (AC): Low (L)
- Attack Requirement (AT): None (N)
- Privileges Required (PR): None (N)
- User Interaction (UI): None (N)
- Vulnerable System Impact Confidentiality (VC): None (N)
- Vulnerable System Impact Integrity (VI): None (N)
- Vulnerable System Impact Availability (VA): High (H)
- Subsequent System Impact Confidentiality (SC): None (N)
- Subsequent System Impact Integrity (SI): None (N)
- Subsequent System Impact Availability (SA): None (N)
- Modified Attack Vector (MAV): Network (N)
- Modified Attack Complexity (MAC): Low (L)
- Modified Attack Requirement (MAT): None (N)
- Modified Privileges Required (MPR): None (N)
- Modified User Interaction (MUI): None (N)
- Modified Vulnerable System Impact Confidentiality (MVC): None (N)
- Modified Vulnerable System Impact Integrity (MVI): None (N)
- Modified Vulnerable System Impact Availability (MVA): High (H)
- Modified Subsequent System Impact Confidentiality (MSC): Negligible (N)
- Modified Subsequent System Impact Integrity (MSI): Negligible (N)
- Modified Subsequent System Impact Availability (MSA): Negligible (N)
- Safety (S): Not Defined (X)
- Automatable (AU): Not Defined (X)
- Recovery (R): Not Defined (X)
- Value Density (V): Not Defined (X)
- Vulnerability Response Effort (RE): Not Defined (X)
- Provider Urgency (U): Not Defined (X)
- Confidentiality Req. (CR): Not Defined (X)
- Integrity Req. (IR): Not Defined (X)
- Availability Req. (AR): Not Defined (X)
- Exploit Maturity (E): Not Defined (X)
by @LeSuisse Activity log
- Created suggestion
-
@LeSuisse
ignored
6 packages
- zeekstd
- zeekscript
- python313Packages.zeek
- python314Packages.zeek
- python313Packages.tree-sitter-zeek
- python314Packages.tree-sitter-zeek
- @LeSuisse accepted
- @LeSuisse published on GitHub
Zeek < 8.0.9 Null Pointer Dereference DoS via Kerberos KRB_ERROR Parsing
Zeek before 8.0.9 contains a null pointer dereference vulnerability in its Kerberos protocol analyzer that allows unauthenticated remote attackers to crash the sensor by sending a crafted KRB_ERROR message with error-code 25 (KDC_ERR_PREAUTH_REQUIRED) containing a PA-DATA element with padata-type 2, 3, 11, or 19. Attackers can exploit a parser and analyzer state mismatch where proc_padata() dereferences an uninitialized pa_data_element field selected by the wrong parsing arm, triggering a crash via a single UDP or TCP packet to port 88 without any credentials or prior authentication.
References
-
Release Notes release-notes
-
Patch Commit patch
-
https://www.vulncheck.com/advisories/zeek-null-pointer-dereference-dos-via-kerb… third-party-advisory
Affected products
- <8.0.9
Matching in nixpkgs
Ignored packages (6)
pkgs.zeekstd
CLI tool that works with the zstd seekable format
pkgs.zeekscript
Zeek script formatter and analyzer
pkgs.python313Packages.zeek
Zeek's Messaging Library
-
nixos-unstable 2.6.0-unstable-2025-04-23
- nixpkgs-unstable 2.6.0-unstable-2025-04-23
- nixos-unstable-small 2.6.0-unstable-2025-04-23
-
nixos-26.05 2.6.0-unstable-2025-04-23
- nixos-26.05-small 2.6.0-unstable-2025-04-23
- nixpkgs-26.05-darwin 2.6.0-unstable-2025-04-23
pkgs.python314Packages.zeek
Zeek's Messaging Library
-
nixos-unstable 2.6.0-unstable-2025-04-23
- nixpkgs-unstable 2.6.0-unstable-2025-04-23
- nixos-unstable-small 2.6.0-unstable-2025-04-23
-
nixos-26.05 2.6.0-unstable-2025-04-23
- nixos-26.05-small 2.6.0-unstable-2025-04-23
- nixpkgs-26.05-darwin 2.6.0-unstable-2025-04-23
pkgs.python313Packages.tree-sitter-zeek
Tree-sitter grammar for the Zeek scripting language
Package maintainers
-
@tobim Tobias Mayer <nix@tobim.fastmail.fm>
-
@pSub Pascal Wittmann <mail@pascal-wittmann.de>