CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:N/A:P
AI Score
Confidence
High
EPSS
Percentile
73.3%
The secure script in LogWatch before 2.6-2 allows attackers to prevent LogWatch from detecting malicious activity via certain strings in the secure file that are later used as part of a regular expression, which causes the parser to crash, aka “logwatch log processing regular expression DoS.”
Vendor | Product | Version | CPE |
---|---|---|---|
logwatch | logwatch | 2.6.2 | cpe:2.3:a:logwatch:logwatch:2.6.2:*:*:*:*:*:*:* |
redhat | enterprise_linux | 2.1 | cpe:2.3:o:redhat:enterprise_linux:2.1:*:advanced_server:*:*:*:*:* |
redhat | enterprise_linux | 2.1 | cpe:2.3:o:redhat:enterprise_linux:2.1:*:enterprise_server:*:*:*:*:* |
redhat | enterprise_linux | 2.1 | cpe:2.3:o:redhat:enterprise_linux:2.1:*:workstation:*:*:*:*:* |
redhat | linux_advanced_workstation | 2.1 | cpe:2.3:o:redhat:linux_advanced_workstation:2.1:*:itanium:*:*:*:*:* |