CVE-2000-1165
Severity CVSS v4.0:
Pending analysis
Type:
Unavailable / Other
Publication date:
09/01/2001
Last modified:
03/04/2025
Description
Balabit syslog-ng allows remote attackers to cause a denial of service (application crash) via a malformed log message that does not have a closing > in the priority specifier.
Impact
Base Score 2.0
5.00
Severity 2.0
MEDIUM
Vulnerable products and versions
| CPE | From | Up to |
|---|---|---|
| cpe:2.3:a:balabit:syslog-ng:*:*:*:*:*:*:*:* | 1.4.6 (including) | |
| cpe:2.3:a:balabit:syslog-ng:1.4.7:*:*:*:*:*:*:* | ||
| cpe:2.3:a:balabit:syslog-ng:1.4.8:*:*:*:*:*:*:* |
To consult the complete list of CPE names with products and versions, see this page
References to Advisories, Solutions, and Tools
- ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-01:02.syslog-ng.asc
- http://archives.neohapsis.com/archives/bugtraq/2000-11/0300.html
- http://www.balabit.hu/products/syslog-ng/
- http://www.securityfocus.com/bid/1981
- https://exchange.xforce.ibmcloud.com/vulnerabilities/5576
- ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-01:02.syslog-ng.asc
- http://archives.neohapsis.com/archives/bugtraq/2000-11/0300.html
- http://www.balabit.hu/products/syslog-ng/
- http://www.securityfocus.com/bid/1981
- https://exchange.xforce.ibmcloud.com/vulnerabilities/5576