NULL Pointer Dereference in Zeek Network Security Monitor's Kerberos Protocol Parser Leading to Denial of Service (DoS)

NULL Pointer Dereference in Zeek Network Security Monitor's Kerberos Protocol Parser Leading to Denial of Service (DoS)

CVE-2019-12175 · MEDIUM Severity

AV:N/AC:L/AU:N/C:N/I:N/A:P

In Zeek Network Security Monitor (formerly known as Bro) before 2.6.2, a NULL pointer dereference in the Kerberos (aka KRB) protocol parser leads to DoS because a case-type index is mishandled.

Learn more about our Network Penetration Testing.