CVSS: 7.5EPSS: 1%CPEs: 4EXPL: 1CVE-2022-38725
https://notcve.org/view.php?id=CVE-2022-38725
An integer overflow in the RFC3164 parser in One Identity syslog-ng 3.0 through 3.37 allows remote attackers to cause a Denial of Service via crafted syslog input that is mishandled by the tcp or network function. syslog-ng Premium Edition 7.0.30 and syslog-ng Store Box 6.10.0 are also affected. Un desbordamiento de enteros en el analizador RFC3164 en One Identity syslog-ng 3.0 a 3.37 permite a atacantes remotos provocar una Denegación de Servicio a través de una entrada syslog manipulada que es mal manejada por el tcp o la función de red. syslog-ng Premium Edition 7.0.30 y syslog-ng Store Box 6.10.0 también se ven afectados. • https://github.com/wdahlenburg/CVE-2022-38725 https://github.com/syslog-ng/syslog-ng/security/advisories/GHSA-7932-4fc6-pvmc https://lists.balabit.hu/pipermail/syslog-ng https://lists.debian.org/debian-lts-announce/2023/02/msg00043.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/J3TZ7U2GQTAHVHJXSSEHQS5D2Q5T6SZB https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QU36HCM3VZYANUYFC6XFYEYJEKQPA2Q7 https://security.gentoo.org/glsa/ • CWE-190: Integer Overflow or Wraparound •
CVSS: 7.8EPSS: 0%CPEs: 16EXPL: 1CVE-2020-8019 – syslog-ng: Local privilege escalation from new to root in %post
https://notcve.org/view.php?id=CVE-2020-8019
A UNIX Symbolic Link (Symlink) Following vulnerability in the packaging of syslog-ng of SUSE Linux Enterprise Debuginfo 11-SP3, SUSE Linux Enterprise Debuginfo 11-SP4, SUSE Linux Enterprise Module for Legacy Software 12, SUSE Linux Enterprise Point of Sale 11-SP3, SUSE Linux Enterprise Server 11-SP4-LTSS, SUSE Linux Enterprise Server for SAP 12-SP1; openSUSE Backports SLE-15-SP1, openSUSE Leap 15.1 allowed local attackers controlling the user news to escalate their privileges to root. This issue affects: SUSE Linux Enterprise Debuginfo 11-SP3 syslog-ng versions prior to 2.0.9-27.34.40.5.1. SUSE Linux Enterprise Debuginfo 11-SP4 syslog-ng versions prior to 2.0.9-27.34.40.5.1. SUSE Linux Enterprise Module for Legacy Software 12 syslog-ng versions prior to 3.6.4-12.8.1. SUSE Linux Enterprise Point of Sale 11-SP3 syslog-ng versions prior to 2.0.9-27.34.40.5.1. • https://bugzilla.suse.com/show_bug.cgi?id=1169385 • CWE-61: UNIX Symbolic Link (Symlink) Following •
CVSS: 4.3EPSS: 1%CPEs: 2EXPL: 0CVE-2011-1951
https://notcve.org/view.php?id=CVE-2011-1951
lib/logmatcher.c in Balabit syslog-ng before 3.2.4, when the global flag is set and when using PCRE 8.12 and possibly other versions, allows remote attackers to cause a denial of service (memory consumption) via a message that does not match a regular expression. lib/logmatcher.c en Balabit syslog-ng anterior a v3.2.4, cuando la bandera global está habilitada y cuando usa PCRE v8.12 y posiblemente otras versiones, permite a atacantes remotos provocar una denegación de servicio(consumo de memoria) a través de un mensaje que no coincide con una expresión regular. • http://git.balabit.hu/?p=bazsi/syslog-ng-3.2.git%3Ba=commit%3Bh=09710c0b105e579d35c7b5f6c66d1ea5e3a3d3ff http://lists.fedoraproject.org/pipermail/package-announce/2011-June/062107.html http://secunia.com/advisories/45122 http://www.openwall.com/lists/oss-security/2011/05/26/1 http://www.securityfocus.com/bid/47800 https://bugzilla.redhat.com/show_bug.cgi?id=709088 • CWE-399: Resource Management Errors •
CVSS: 6.9EPSS: 0%CPEs: 10EXPL: 0CVE-2011-0343
https://notcve.org/view.php?id=CVE-2011-0343
Balabit syslog-ng 2.0, 3.0, 3.1, 3.2 OSE and PE, when running on FreeBSD or HP-UX, does not properly perform cast operations, which causes syslog-ng to use a default value of -1 to create log files with insecure permissions (07777), which allows local users to read and write to these log files. Balabit syslog-ng v2.0, v3.0, v3.1, v3.2 OSE y PE, cuando se ejecutan en FreeBSD o HP-UX, no realiza adecuadamente las operaciones de conversión, esto provoca que syslog-ng emplee un valor por defecto de -1 para crear archivos de registro (log) con permisos no seguros (07777), lo que permite a usuarios locales leer y escribir en estos archivos de registro. • http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=608491 http://www.securityfocus.com/archive/1/515955/100/0/threaded http://www.securityfocus.com/bid/45988 https://lists.balabit.com/pipermail/syslog-ng-announce/2011-January/000101.html https://lists.balabit.com/pipermail/syslog-ng-announce/2011-January/000102.html • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 9.3EPSS: 0%CPEs: 1EXPL: 0CVE-2008-5110
https://notcve.org/view.php?id=CVE-2008-5110
syslog-ng does not call chdir when it calls chroot, which might allow attackers to escape the intended jail. NOTE: this is only a vulnerability when a separate vulnerability is present. This flaw affects syslog-ng versions prior to and including 2.0.9. syslog-ng no llama a chdir cuando llama a chroot, lo que podría permitir a los atacantes escapar de la jaula prevista. NOTA: esto es sólo una vulnerabilidad cuando una vulnerabilidad independiente esta presente. Esta fallo afecta a las versiones de syslog-ng anteriores e incluso a la versión 2.0.9 • http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=505791 http://itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02286083 http://secunia.com/advisories/35748 http://secunia.com/advisories/40551 http://security.gentoo.org/glsa/glsa-200907-10.xml http://www.openwall.com/lists/oss-security/2008/11/17/3 http://www.vupen.com/english/advisories/2010/1796 •