analyzer/protocol/dnp3/DNP3.cc in Bro prior to 2.3.2 does not properly handle zero values of a packet length, which allows remote malicious users to cause a denial of service (buffer overflow or buffer over-read if NDEBUG; otherwise assertion failure) via a crafted DNP3 packet.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
bro bro |