Bug 426173 (CVE-2007-6437) - CVE-2007-6437 syslog-ng crash by message with invalid timestamp separator
Summary: CVE-2007-6437 syslog-ng crash by message with invalid timestamp separator
Status: CLOSED ERRATA
Alias: CVE-2007-6437
Product: Security Response
Classification: Other
Component: vulnerability
Version: unspecified
Hardware: All
OS: Linux
low
low
Target Milestone: ---
Assignee: Red Hat Product Security
QA Contact:
URL: http://seclists.org/bugtraq/2007/Dec/...
Whiteboard: impact=low,source=bugtraq,public=2007...
Keywords: Security
Depends On: 304121 426305 426306 426307
Blocks:
TreeView+ depends on / blocked
 
Reported: 2007-12-18 23:11 UTC by Lubomir Kundrak
Modified: 2019-06-08 12:26 UTC (History)
2 users (show)

(edit)
Clone Of:
(edit)
Last Closed: 2008-01-17 10:09:08 UTC


Attachments (Terms of Use)

Description Lubomir Kundrak 2007-12-18 23:11:55 UTC
From Secunia:

DESCRIPTION:
A vulnerability has been reported in syslog-ng, which can be
exploited by malicious people to cause a DoS (Denial of Service).

The vulnerability is caused due to the improper processing of
incoming timestamps. This can be exploited to trigger a NULL pointer
dereference via a specially crafted message containing a timestamp
without a terminating space character.

The vulnerability is reported in syslog-ng versions prior to 2.0.6

See URL for the original advisory and a patch.
http://seclists.org/bugtraq/2007/Dec/0202.html
http://git.balabit.hu/?p=bazsi/syslog-ng-2.0.git;a=commitdiff;h=3126ebad217e7fd6356f4733ca33f571aa87a170

Comment 1 Lubomir Kundrak 2007-12-18 23:13:13 UTC
Bump 2.0.6 would also fix the issue.

Comment 2 Lubomir Kundrak 2007-12-18 23:15:07 UTC
CVE ID was requested

Comment 3 Douglas E. Warner 2007-12-19 00:10:53 UTC
I'm working on getting 2.0.6 built in rawhide right now.

Comment 5 Fedora Update System 2008-01-11 22:21:22 UTC
syslog-ng-2.0.7-1.fc8 has been pushed to the Fedora 8 testing repository.  If problems still persist, please make note of it in this bug report.
 If you want to test the update, you can install it with 
 su -c 'yum --enablerepo=updates-testing update syslog-ng'

Comment 6 Fedora Update System 2008-01-11 22:25:04 UTC
syslog-ng-2.0.7-1.fc7 has been pushed to the Fedora 7 testing repository.  If problems still persist, please make note of it in this bug report.
 If you want to test the update, you can install it with 
 su -c 'yum --enablerepo=updates-testing update syslog-ng'

Comment 7 Red Hat Product Security 2008-01-17 10:09:08 UTC
This issue was addressed in:

Fedora:
  https://admin.fedoraproject.org/updates/F7/FEDORA-2008-0559
  https://admin.fedoraproject.org/updates/F8/FEDORA-2008-0523



Comment 8 Fedora Update System 2008-01-18 23:56:04 UTC
syslog-ng-2.0.7-1.fc8 has been pushed to the Fedora 8 stable repository.  If problems still persist, please make note of it in this bug report.

Comment 9 Fedora Update System 2008-01-18 23:56:34 UTC
syslog-ng-2.0.7-1.fc7 has been pushed to the Fedora 7 stable repository.  If problems still persist, please make note of it in this bug report.


Note You need to log in before you can comment on or make changes to this bug.