CVE-2007-6437 in Syslog-ng Open Source Editioninfo

Summary

Balabit syslog-ng 2.0.x before 2.0.6 and 2.1.x before 2.1.8 allows remote attackers to cause a denial of service (crash) via a message with a timestamp that does not contain a trailing space, which triggers a NULL pointer dereference.

If you want to get best quality of vulnerability data, you may have to visit VulDB.

Reservation

12/19/2007

Disclosure

12/19/2007

Status

Confirmed

Entries

VulDB provides additional information and datapoints for this CVE:

ID	Vulnerability	CWE	Exp	Cou	CVE
40129	Balabit Syslog-ng Open Source Edition input validation	20	Proof-of-Concept	Official fix	CVE-2007-6437

Description

CPE

CWE

CVSS

Exploits

History

Diff

Relate

Threat Intelligence

API JSON

API XML

API CSV

Sources

MITRE
NVD
CVE Details

◂ PreviousOverviewNext ▸

Are you interested in using VulDB?

Download the whitepaper to learn more about our service!