Executive Summary
| Summary | |
|---|---|
| Title | New syslog-ng packages fix denial of service |
| Informations | |||
|---|---|---|---|
| Name | DSA-1464 | First vendor Publication | 2008-01-15 |
| Vendor | Debian | Last vendor Modification | 2008-01-15 |
| Severity (Vendor) | N/A | Revision | 1 |
Security-Database Scoring CVSS v3
| Cvss vector : N/A | |||
|---|---|---|---|
| Overall CVSS Score | NA | ||
| Base Score | NA | Environmental Score | NA |
| impact SubScore | NA | Temporal Score | NA |
| Exploitabality Sub Score | NA | ||
| Calculate full CVSS 3.0 Vectors scores | |||
Security-Database Scoring CVSS v2
| Cvss vector : (AV:N/AC:L/Au:N/C:N/I:N/A:P) | |||
|---|---|---|---|
| Cvss Base Score | 5 | Attack Range | Network |
| Cvss Impact Score | 2.9 | Attack Complexity | Low |
| Cvss Expoit Score | 10 | Authentication | None Required |
| Calculate full CVSS 2.0 Vectors scores | |||
Detail
| Oriol Carreras discovered that syslog-ng, a next generation logging daemon can be tricked into dereferencing a NULL pointer through malformed timestamps, which can lead to denial of service and the disguise of an subsequent attack, which would otherwise be logged. For the unstable distribution (sid), this problem has been fixed in version 2.0.6-1. For the stable distribution (etch), this problem has been fixed in version 2.0.0-1etch1. The old stable distribution (sarge) is not affected. We recommend that you upgrade your syslog-ng package. |
Original Source
| Url : http://www.debian.org/security/2008/dsa-1464 |
CWE : Common Weakness Enumeration
| % | Id | Name |
|---|---|---|
| 100 % | CWE-20 | Improper Input Validation |
OVAL Definitions
| Definition Id: oval:org.mitre.oval:def:20146 | |||
| Oval ID: | oval:org.mitre.oval:def:20146 | ||
| Title: | DSA-1464-1 syslog-ng - denial of service | ||
| Description: | Oriol Carreras discovered that syslog-ng, a next generation logging daemon can be tricked into dereferencing a NULL pointer through malformed timestamps, which can lead to denial of service and the disguise of an subsequent attack, which would otherwise be logged. | ||
| Family: | unix | Class: | patch |
| Reference(s): | DSA-1464-1 CVE-2007-6437 | Version: | 5 |
| Platform(s): | Debian GNU/Linux 4.0 | Product(s): | syslog-ng |
| Definition Synopsis: | |||
| Definition Id: oval:org.mitre.oval:def:8172 | |||
| Oval ID: | oval:org.mitre.oval:def:8172 | ||
| Title: | DSA-1464 syslog-ng -- null pointer dereference | ||
| Description: | Oriol Carreras discovered that syslog-ng, a next generation logging daemon can be tricked into dereferencing a NULL pointer through malformed timestamps, which can lead to denial of service and the disguise of a subsequent attack, which would otherwise be logged. The old stable distribution (sarge) is not affected. For the stable distribution (etch), this problem has been fixed in version 2.0.0-1etch1. For the unstable distribution (sid), this problem has been fixed in version 2.0.6-1. We recommend that you upgrade your syslog-ng package. | ||
| Family: | unix | Class: | patch |
| Reference(s): | DSA-1464 CVE-2007-6437 | Version: | 3 |
| Platform(s): | Debian GNU/Linux 4.0 | Product(s): | syslog-ng |
| Definition Synopsis: | |||
OpenVAS Exploits
| Date | Description |
|---|---|
| 2009-02-17 | Name : Fedora Update for syslog-ng FEDORA-2008-0523 File : nvt/gb_fedora_2008_0523_syslog-ng_fc8.nasl |
| 2009-02-17 | Name : Fedora Update for syslog-ng FEDORA-2008-0559 File : nvt/gb_fedora_2008_0559_syslog-ng_fc7.nasl |
| 2008-09-24 | Name : Gentoo Security Advisory GLSA 200712-19 (syslog-ng) File : nvt/glsa_200712_19.nasl |
| 2008-01-31 | Name : Debian Security Advisory DSA 1464-1 (syslog-ng) File : nvt/deb_1464_1.nasl |
Open Source Vulnerability Database (OSVDB)
| Id | Description |
|---|---|
| 39551 | syslog-ng Crafted Timestamp NULL Pointer Dereference Remote DoS syslog-ng contains a flaw that may allow a remote denial of service. The issue is triggered when a crafted timestamp triggers a NULL pointer dereference , and will result in loss of availability for the service. |
Nessus® Vulnerability Scanner
| Date | Description |
|---|---|
| 2008-01-21 | Name : The remote Fedora host is missing a security update. File : fedora_2008-0523.nasl - Type : ACT_GATHER_INFO |
| 2008-01-21 | Name : The remote Fedora host is missing a security update. File : fedora_2008-0559.nasl - Type : ACT_GATHER_INFO |
| 2008-01-16 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-1464.nasl - Type : ACT_GATHER_INFO |
| 2007-12-31 | Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-200712-19.nasl - Type : ACT_GATHER_INFO |
Alert History
| Date | Informations |
|---|---|
| 2014-02-17 11:27:13 |
|
