CVE-2015-1521

Name of the Vulnerable Software and Affected Versions Bro versions prior to 2.3.2

Description The issue arises from improper handling of zero values of a packet length in the DNP3 protocol analyzer, allowing remote attackers to cause a denial of service. This can result in a buffer overflow or buffer over-read if NDEBUG is defined; otherwise, it leads to an assertion failure. The attack is facilitated by a crafted DNP3 packet.

Recommendations For versions prior to 2.3.2, update to version 2.3.2 or later to resolve the issue.