oss-sec mailing list archives
Re: CVE Request -- syslog-ng -- Possible DoS
From: Josh Bressers <bressers () redhat com>
Date: Tue, 31 May 2011 16:18:50 -0400 (EDT)
----- Original Message -----
Hi All,

In syslog-ng, if a recent enough libpcre is installed (i.e. 8.12 or newer), there is a possible Denial of Service.

In our (BalaBit) opinion this is not a big security issue, because if you use the vulnerable setting you will run into the DoS for sure without any malicious attack. The attack vector is that the attacker sends a message which the regexp does not match.

But because this bug got this amount of attention, it may be worth the CVE id.

References:
http://git.balabit.hu/?p=bazsi/syslog-ng-3.2.git;a=commit;h=09710c0b105e579d35c7b5f6c66d1ea5e3a3d3ff
http://www.securityfocus.com/bid/47800/

Please use CVE-2011-1951.

Thanks.

--
JB

Current thread:
- CVE Request -- syslog-ng -- Possible DoS Szalay Attila (May 26)
- Re: CVE Request -- syslog-ng -- Possible DoS Josh Bressers (May 31)