Detecting GnuTLS CVE-2020-13777 using Zeek

By Johanna Amann, Software Engineer, Corelight CVE-2020-13777 is a high severity issue in GnuTLS. In a nutshell, GnuTLS versions between 3.6.4 (released 2018-09-24) and 3.6.14 (2020-06-03) have a serious bug in their session resumption code, which lets… Continue reading Detecting GnuTLS CVE-2020-13777 using Zeek

Detecting the New CallStranger UPnP Vulnerability With Zeek

By Ryan Victory, Corelight Security Researcher On June 8, Yunus Çadırcı, a cybersecurity senior manager at EY Turkey released a whitepaper and proof of concept code repository for a newly discovered vulnerability in the Universal Plug an… Continue reading Detecting the New CallStranger UPnP Vulnerability With Zeek