oss-sec mailing list archives

Previous By Date Next
Previous By Thread Next

CVE Request -- syslog-ng -- Possible DoS

From: Szalay Attila <sasa () balabit hu>
Date: Thu, 26 May 2011 13:09:12 +0200
Hi All,

In syslog-ng if a recent enough libpcre is installed (ie. 8.12 or newer)
there is a possible Denial of Service.

In our (BalaBit) opinion tis is not a big security issue, because if you
use the vulnerable setting you will run into the DoS for sure without
any malicious attack.

The attack vector is that the attacker send a message which the regexp
not match. 

But because of this bug get this amount of attention, it' may worth the
CVE id.

References:
http://git.balabit.hu/?p=bazsi/syslog-ng-3.2.git;a=commit;h=09710c0b105e579d35c7b5f6c66d1ea5e3a3d3ff
http://www.securityfocus.com/bid/47800/


-- 
Szalay Attila
BalaBit IT Kft.
Security Team Leader
Previous By Date Next
Previous By Thread Next

Current thread: