Lucene search

PRIOn knowledge basePRION:CVE-2007-6437

HistoryDec 19, 2007 - 9:46 p.m.

Null pointer dereference

2007-12-1921:46:00

PRIOn knowledge base

www.prio-n.com

6.7 Medium

AI Score

Confidence

High

0.497 Medium

EPSS

Percentile

97.5%

JSON

Balabit syslog-ng 2.0.x before 2.0.6 and 2.1.x before 2.1.8 allows remote attackers to cause a denial of service (crash) via a message with a timestamp that does not contain a trailing space, which triggers a NULL pointer dereference.

CPENameOperatorVersion
syslog-ng_open_source_editionle2.0.6
syslog-ng_premium_editionle2.1.8

CPE	Name	Operator	Version
	syslog-ng_open_source_edition	le	2.0.6
	syslog-ng_premium_edition	le	2.1.8

References

seclists.org/bugtraq/2007/Dec/0202.html

secunia.com/advisories/28118

secunia.com/advisories/28279

secunia.com/advisories/28372

secunia.com/advisories/28483

security.gentoo.org/glsa/glsa-200712-19.xml

securitytracker.com/id?1019105

www.debian.org/security/2008/dsa-1464

www.osvdb.org/39551

www.securityfocus.com/archive/1/485181/100/0/threaded

www.securityfocus.com/bid/26897

www.vupen.com/english/advisories/2007/4257

bugzilla.redhat.com/show_bug.cgi?id=426173

exchange.xforce.ibmcloud.com/vulnerabilities/39082

www.redhat.com/archives/fedora-package-announce/2008-January/msg00606.html

www.redhat.com/archives/fedora-package-announce/2008-January/msg00610.html