Family: Debian Local Security Checks --> Category: infos
[DSA175] DSA-175-1 syslog-ng Vulnerability Scan
Vulnerability Scan Summary
Detailed Explanation for this Vulnerability Test
Balazs Scheidler discovered a problem in the way syslog-ng handles macro
expansion. When a macro is expanded a static length buffer is used
accompanied by a counter. However, when constant characters are
appended, the counter is not updated properly, leading to incorrect
boundary checking. A possible hacker may be able to use specially crafted
log messages inserted via UDP which overflows the buffer.
This problem has been fixed in version 1.5.15-1.1 for the current
stable distribution (woody), in version 1.4.0rc3-3.2 for the old
stable distribution (potato) and version 1.5.21-1 for the unstable
We recommend that you upgrade your syslog-ng package immediately.
Solution : http://www.debian.org/security/2002/dsa-175
Threat Level: High
Click HERE for more information and discussions on this network vulnerability scan.