CVE-2002-1200

Balabit Syslog-NG 1.4.x before 1.4.15, and 1.5.x before 1.5.20, when using template filenames or output, does not properly track the size of a buffer when constant characters are encountered during macro expansion, which allows remote attackers to cause a denial of service and possibly execute arbitrary code.
Advertisement

NeevaHost hosting service

Configurations

Configuration 1 (hide)

OR cpe:2.3:a:oneidentity:syslog-ng:1.4.0:rc3:*:*:*:*:*:*
cpe:2.3:a:oneidentity:syslog-ng:1.4.7:*:*:*:*:*:*:*
cpe:2.3:a:oneidentity:syslog-ng:1.4.8:*:*:*:*:*:*:*
cpe:2.3:a:oneidentity:syslog-ng:1.4.9:*:*:*:*:*:*:*
cpe:2.3:a:oneidentity:syslog-ng:1.4.10:*:*:*:*:*:*:*
cpe:2.3:a:oneidentity:syslog-ng:1.4.15:*:*:*:*:*:*:*
cpe:2.3:a:oneidentity:syslog-ng:1.5.15:*:*:*:*:*:*:*
cpe:2.3:a:oneidentity:syslog-ng:1.5.20:*:*:*:*:*:*:*

Information

Published : 2002-10-27 21:00

Updated : 2020-05-19 12:33


NVD link : CVE-2002-1200

Mitre link : CVE-2002-1200


JSON object : View

CWE
CWE-119

Improper Restriction of Operations within the Bounds of a Memory Buffer

Advertisement

dedicated server usa

Products Affected

oneidentity

  • syslog-ng