5
CVSSv2

CVE-2018-16807

Published: 11/09/2018 Updated: 30/10/2018
CVSS v2 Base Score: 5 | Impact Score: 2.9 | Exploitability Score: 10
CVSS v3 Base Score: 7.5 | Impact Score: 3.6 | Exploitability Score: 3.9
VMScore: 445
Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P

Vulnerability Summary

In Bro up to and including 2.5.5, there is a memory leak potentially leading to DoS in scripts/base/protocols/krb/main.bro in the Kerberos protocol parser.

Vulnerability Trend

Affected Products

Vendor Product Versions
BroBro2.5.5

Vendor Advisories

Debian Bug report logs - #908614 bro: CVE-2018-16807: memory leak in kerberos scripts Package: src:bro; Maintainer for src:bro is Hilko Bengen <bengen@debianorg>; Reported by: Salvatore Bonaccorso <carnil@debianorg> Date: Tue, 11 Sep 2018 19:33:01 UTC Severity: important Tags: patch, security, upstream Found in ve ...
Debian Bug report logs - #908779 bro: CVE-2018-17019: Fix IRC names command parsing Package: src:bro; Maintainer for src:bro is Hilko Bengen <bengen@debianorg>; Reported by: Salvatore Bonaccorso <carnil@debianorg> Date: Thu, 13 Sep 2018 20:42:02 UTC Severity: important Tags: patch, security, upstream Found in ver ...

Github Repositories

Manul Manul is a coverage-guided parallel fuzzer for open-source and blackbox binaries on Windows, Linux and MacOS (beta) written in pure Python Quick Start pip3 install psutil git clone githubcom/mxmssh/manul cd manul mkdir in mkdir out echo "AAAAAA" > in/test python3 manulpy -i in -o out -n 4 "linux/test_afl @@" Installing Radamsa sudo