BalaBit IT Security syslog-ng NULL-Pointer Dereference Denial of Service Vulnerability

Bugtraq ID: 26897
Class: Input Validation Error
CVE: CVE-2007-6437
Remote: Yes
Local: No
Published: Dec 17 2007 12:00AM
Updated: Jan 22 2008 10:18PM
Credit: Oriol Carreras discovered this issue.
Vulnerable: Red Hat Fedora 8
Red Hat Fedora 7
Gentoo Linux
Debian Linux 3.1 sparc
Debian Linux 3.1 s/390
Debian Linux 3.1 ppc
Debian Linux 3.1 mipsel
Debian Linux 3.1 mips
Debian Linux 3.1 m68k
Debian Linux 3.1 ia-64
Debian Linux 3.1 ia-32
Debian Linux 3.1 hppa
Debian Linux 3.1 arm
Debian Linux 3.1 amd64
Debian Linux 3.1 alpha
Debian Linux 3.1
Debian Linux 4.0 sparc
Debian Linux 4.0 s/390
Debian Linux 4.0 powerpc
Debian Linux 4.0 mipsel
Debian Linux 4.0 mips
Debian Linux 4.0 m68k
Debian Linux 4.0 ia-64
Debian Linux 4.0 ia-32
Debian Linux 4.0 hppa
Debian Linux 4.0 arm
Debian Linux 4.0 amd64
Debian Linux 4.0 alpha
Debian Linux 4.0
Balabit syslog-ng 2.1.7
Balabit syslog-ng 2.1.6
Balabit syslog-ng 2.1.5
Balabit syslog-ng 2.1.4
Balabit syslog-ng 2.1.3
Balabit syslog-ng 2.1.2
Balabit syslog-ng 2.1.1
Balabit syslog-ng 2.0.5
Balabit syslog-ng 2.0.4
Balabit syslog-ng 2.0.3
Balabit syslog-ng 2.0.2
Balabit syslog-ng 2.0.1
Balabit syslog-ng 1.5.21
Balabit syslog-ng 1.5.20
Balabit syslog-ng 1.5.15
Balabit syslog-ng 1.4.16
Balabit syslog-ng 1.4.15
Balabit syslog-ng 1.4.14
+ Conectiva Linux 8.0
Balabit syslog-ng 1.4.12
Balabit syslog-ng 1.4.11
Balabit syslog-ng 1.4.10
+ EnGarde Secure Linux 1.0.1
Balabit syslog-ng 1.4.9
Balabit syslog-ng 1.4.8
Balabit syslog-ng 1.4.7
Balabit syslog-ng 1.4.6
Balabit syslog-ng 1.4 .0rc3
Axis Communications StorPoint 1.4.16
Axis Communications StorPoint 1.4.15
Not Vulnerable: Balabit syslog-ng 2.1.8
Balabit syslog-ng 2.0.6


 

Privacy Statement
Copyright 2010, SecurityFocus