The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a vigilance database and tools to fix them.

Computer vulnerabilities of One Identity syslog-ng

syslog-ng: use after free via affile_dw_reap
An attacker can force the usage of a freed memory area via affile_dw_reap() of syslog-ng, in order to trigger a denial of service, and possibly to run code...
2454, FEDORA-2019-e818eaa0ac, VIGILANCE-VUL-28103
syslog-ng: unreachable memory reading via HOST
An attacker can force a read at an invalid address via $HOST on syslog-ng, in order to read a memory fragment or to trigger a denial of service...
syslog-ng: memory leak
An attacker can create a memory leak of syslog-ng, in order to trigger a denial of service...
syslog-ng: infinite loop via PCRE and global
When the syslog-ng configuration uses a rewrite with PCRE and global, an attacker can log a malicious message, in order to create an infinite loop...
BID-47800, CVE-2011-1951, FEDORA-2011-7176, FEDORA-2011-8405, VIGILANCE-VUL-10648
syslog-ng: incorrect permissions
On some systems, syslog-ng can create log files with incorrect permissions...
BID-45988, CVE-2011-0343, VIGILANCE-VUL-10277
syslog-ng: escaping the chroot
An attacker who found a vulnerability in syslog-ng can access to files located outside the chroot jail...
505791, CVE-2008-5110, FEDORA-2008-10752, FEDORA-2008-10879, FEDORA-2008-10920, VIGILANCE-VUL-8253
syslog-ng: denial of service
An attacker can send a malicious message in order to stop syslog-ng...
CERTA-2002-AVI-163, CERTA-2007-AVI-572, CVE-2007-6437, DSA-1464-1, FEDORA-2008-0523, FEDORA-2008-0559, VIGILANCE-VUL-7424, ZSA-2007-029
Buffer overflow du démon syslog-ng
En concevant des fichiers de log contenant des macros malicieuses, un attaquant peut exécuter du code avec les droits administrateur...
BID-5934, CVE-2002-1200, DSA-175, DSA-175-1, SUSE-SA:2002:039, V6-UNIXSYSLOGNGBOF, VIGILANCE-VUL-3041
Our database contains other pages. You can request a free trial to read them.

Display information about One Identity syslog-ng: