BRO : Security Vulnerabilities, CVEs,

CVE-2018-17019

In Bro through 2.5.5, there is a DoS in IRC protocol names command parsing in analyzer/protocol/irc/IRC.cc.
Max CVSS
7.5
EPSS Score
0.12%
Published
2018-09-13
Updated
2018-11-21

CVE-2018-16807

In Bro through 2.5.5, there is a memory leak potentially leading to DoS in scripts/base/protocols/krb/main.bro in the Kerberos protocol parser.
Max CVSS
7.5
EPSS Score
0.09%
Published
2018-09-11
Updated
2019-10-03

CVE-2017-1000458

Bro before Bro v2.5.2 is vulnerable to an out of bounds write in the ContentLine analyzer allowing remote attackers to cause a denial of service (crash) and possibly other exploitation.
Max CVSS
9.8
EPSS Score
0.29%
Published
2018-01-02
Updated
2018-01-16

CVE-2015-1522

analyzer/protocol/dnp3/DNP3.cc in Bro before 2.3.2 does not reject certain non-zero values of a packet length, which allows remote attackers to cause a denial of service (buffer overflow or buffer over-read) via a crafted DNP3 packet.
Max CVSS
7.5
EPSS Score
0.26%
Published
2017-04-24
Updated
2017-04-27

CVE-2015-1521

analyzer/protocol/dnp3/DNP3.cc in Bro before 2.3.2 does not properly handle zero values of a packet length, which allows remote attackers to cause a denial of service (buffer overflow or buffer over-read if NDEBUG; otherwise assertion failure) via a crafted DNP3 packet.
Max CVSS
7.5
EPSS Score
0.26%
Published
2017-04-24
Updated
2017-04-27
5 vulnerabilities found
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!
Accept Close