1637 matches found
Syslog-ng: Denial of service
Background Syslog-ng is a flexible and scalable system logger. Description Oriol Carreras reported a NULL pointer dereference in the logmsgparse function when processing timestamps without a terminating whitespace character. Impact A remote attacker could send a specially crafted event to a...
DTSA-105-1 syslog-ng - remote denial of service
Bulletin has no description...
CVE-2007-6437
Balabit syslog-ng 2.0.x before 2.0.6 and 2.1.x before 2.1.8 allows remote attackers to cause a denial of service crash via a message with a timestamp that does not contain a trailing space, which triggers a NULL pointer dereference...
CVE-2007-6437
Balabit syslog-ng 2.0.x before 2.0.6 and 2.1.x before 2.1.8 allows remote attackers to cause a denial of service crash via a message with a timestamp that does not contain a trailing space, which triggers a NULL pointer dereference...
DEBIAN-CVE-2007-6437
Balabit syslog-ng 2.0.x before 2.0.6 and 2.1.x before 2.1.8 allows remote attackers to cause a denial of service crash via a message with a timestamp that does not contain a trailing space, which triggers a NULL pointer dereference...
CVE-2007-6437
Balabit syslog-ng 2.0.x before 2.0.6 and 2.1.x before 2.1.8 allows remote attackers to cause a denial of service crash via a message with a timestamp that does not contain a trailing space, which triggers a NULL pointer dereference...
Null pointer dereference
Balabit syslog-ng 2.0.x before 2.0.6 and 2.1.x before 2.1.8 allows remote attackers to cause a denial of service crash via a message with a timestamp that does not contain a trailing space, which triggers a NULL pointer dereference...
CVE-2007-6437
Balabit syslog-ng 2.0.x before 2.0.6 and 2.1.x before 2.1.8 allows remote attackers to cause a denial of service crash via a message with a timestamp that does not contain a trailing space, which triggers a NULL pointer dereference...
CVE-2007-6437
CVE-2007-6437 affects Balabit syslog-ng 2.0.x before 2.0.6 and 2.1.x before 2.1.8. It allows a remote attacker to cause a crash (denial of service) via a message with a timestamp that does not contain a trailing space, which triggers a NULL pointer dereference. The vulnerability is mitigated by u...
CVE-2007-6437
Balabit syslog-ng 2.0.x before 2.0.6 and 2.1.x before 2.1.8 allows remote attackers to cause a denial of service crash via a message with a timestamp that does not contain a trailing space, which triggers a NULL pointer dereference...
CVE-2007-6437
Balabit syslog-ng 2.0.x before 2.0.6 and 2.1.x before 2.1.8 allows remote attackers to cause a denial of service crash via a message with a timestamp that does not contain a trailing space, which triggers a NULL pointer dereference...
syslog-ng DoS
NULL pointer dereference on malformed timestamp format...
ZSA-2007-029: syslog-ng Denial of Service
-------- Z o r p S e c u r i t y A d v i s o r y Z S A ------------ PACKAGE : syslog-ng, syslog-ng-premium-edition AFFECTED VERSION : = 2.0.6, 2.1.8 FIXED : 2.0.6, 2.1.8 SUMMARY : Denial of Service TYPE : remote AFFECTED : all platforms ZSA-ID : ZSA-2007-029 DATE : Dec 14, 2007...
BalaBit IT Security syslog-ng NULL指针引用拒绝服务漏洞
BalaBit IT Security syslog-ng是一款系统日志记录工具, 可用于替代标准的Unix系统日志记录程序syslogd。 syslog-ng处理消息时间戳存在问题,远程攻击者可以利用漏洞对应用程序进行拒绝服务攻击。 如果入站消息的时间戳不以空格字符结尾,就会导致NULL指针引用而造成应用程序崩溃。 Balabit syslog-ng 2.1.7 Balabit syslog-ng 2.1.6 Balabit syslog-ng 2.1.5 Balabit syslog-ng 2.1.4 Balabit syslog-ng 2.1.3 Balabit syslog-ng...
Format string
Format string vulnerability in srsexec in Sun Remote Services SRS Net Connect 3.2.3 and 3.2.4, as distributed in the SRS Proxy Core SUNWsrspx package, allows local users to gain privileges via format string specifiers in unspecified input that is logged through syslog...
CVE-2007-3880
CVE-2007-3880 is a format-string vulnerability in the srsexec binary of Sun Remote Services Net Connect (SUNWsrspx), affecting Solaris 8/9/10 via NetConnect 3.2.3/3.2.4. An attacker with local access to a set-UID root srsexec can trigger syslog handling of crafted input containing format specifie...
CVE-2007-3880
Format string vulnerability in srsexec in Sun Remote Services SRS Net Connect 3.2.3 and 3.2.4, as distributed in the SRS Proxy Core SUNWsrspx package, allows local users to gain privileges via format string specifiers in unspecified input that is logged through syslog...
Sun Solaris SRS Proxy Core
srsexec syslog call format string vulnerability...
CVE-2003-1518
CVE-2003-1518 affects Adiscon WinSyslog 4.21 SP1. A remote attacker can cause a denial of service by sending a long syslog message, leading to CPU consumption or the system freeze. Public sources describe the vulnerable component as WinSyslog’s handling of syslog input over the network (default p...
PHP Project Management <= 0.8.10 Multiple RFI / LFI Vulnerabilities
Exploit for unknown platform in category web applications =================================================================== PHP Project Management = 0.8.10 Multiple RFI / LFI Vulnerabilities =================================================================== PHP Project Management = 0.8.10...