Buffer overflow

2011-09-2719:55:00

PRIOn knowledge base

www.prio-n.com

8.8 High

AI Score

Confidence

High

0.018 Low

EPSS

Percentile

88.4%

JSON

Multiple buffer overflows in the Syslog server in ManageEngine EventLog Analyzer 6.1 allow remote attackers to cause a denial of service (SysEvttCol.exe process crash) or possibly execute arbitrary code via a long Syslog PRI message header to UDP port (1) 513 or (2) 514. Fixed in 7.2 Build 7020.

CPENameOperatorVersion
eventlog_analyzereq6.1

CPE	Name	Operator	Version
	eventlog_analyzer	eq	6.1

References

www.solutionary.com/index/SERT/Vuln-Disclosures/ManageEngine-Eventlog-Analyzer-Syslog-Renite-DoS-vuln.html