FrSIRT - Fedora Security Update Fixes Syslog-ng Denial of Service Vulnerability / Exploit (Security Advisories)

French Security Incident Response Team

French

English

Fedora Security Update Fixes Syslog-ng Denial of Service Vulnerability

Title : Fedora Security Update Fixes Syslog-ng Denial of Service Vulnerability
Advisory ID : FrSIRT/ADV-2008-0209
CVE ID : CVE-2007-6437
Rated as : Low Risk

Remotely Exploitable : Yes
Locally Exploitable : Yes
Release Date : 2008-01-21

Advisory Details

Description

Affected Products

Solution

References

Technical Description

A vulnerability has been identified in Fedora, which could be exploited by attackers to cause a denial of service [...]

Solution

Upgrade the affected packages :

2f35ff33ef3b9017dd1a17ad3a767b0ab793806b syslog-ng-debuginfo-2.0.7-1.fc7.ppc64.rpm
4763408194f0c2ae3f700493e61c69b3b42487f2 syslog-ng-2.0.7-1.fc7.ppc64.rpm
d8809e0860d8bf55f76584a5259f3fe66547dc81 syslog-ng-debuginfo-2.0.7-1.fc7.i386.rpm
da7ed64d639fb1d2bb9d96f90cfa2cbcd927bb07 syslog-ng-2.0.7-1.fc7.i386.rpm
382ea53bcfdfd63ecb9ef7c8ebaab954c1aad7f7 syslog-ng-2.0.7-1.fc7.x86_64.rpm
8cf014c79ebb3a3872b4f408ace0d537528f7d5a syslog-ng-debuginfo-2.0.7-1.fc7.x86_64.rpm
9c62e2b28c755499b9c12e7413752c5acdb7515a syslog-ng-debuginfo-2.0.7-1.fc7.ppc.rpm
9a084cc071e8b99472e1f444d72091ebd13f731e syslog-ng-2.0.7-1.fc7.ppc.rpm
9d700680ed1efdf4f0732c259ff60b909eda1a3d syslog-ng-2.0.7-1.fc7.src.rpm

d11cef478db981444452fc12a5bf824920986ea9 syslog-ng-debuginfo-2.0.7-1.fc8.ppc64.rpm
874e35fc69b75b5a48498ee318f763c9f231ff90 syslog-ng-2.0.7-1.fc8.ppc64.rpm
dc6cca15842b764530c82430871a925505b724ff syslog-ng-debuginfo-2.0.7-1.fc8.i386.rpm
6d2ea6aa71a3bc185db29560b6ab19777db5b5e6 syslog-ng-2.0.7-1.fc8.i386.rpm
a081a07b231a503624c0e584722f8c55b792e2c4 syslog-ng-debuginfo-2.0.7-1.fc8.x86_64.rpm
b0f5e78066b53ff65ae4227cb9448fdc761189e9 syslog-ng-2.0.7-1.fc8.x86_64.rpm
4613cde6ce6e6ad4c59591887112cecc773917f4 syslog-ng-debuginfo-2.0.7-1.fc8.ppc.rpm
c5ebf5a7a904019360f87d6e4a2d2c9fb31ed3c2 syslog-ng-2.0.7-1.fc8.ppc.rpm
79113ee1f18d799a0db3888c595895e7c9d0ce1c syslog-ng-2.0.7-1.fc8.src.rpm

ChangeLog

2008-01-21 : Initial release

Vulnerability Management

Subscribe to FrSIRT VNS and receive real-time e-mail and SMS alerts when new vulnerabilities, exploits, or patches relevant to your systems and network configurations are available.

Feedback

If you have additional information or corrections for this security advisory please submit them via our contact form or by email to updates@frsirt.com.

Mailinglist

	Cisco Unity Security Bypass and Denial of Service
	Cisco UCM SIP Remote Denial of Service
	Cisco IOS Denial of Service and Security Bypass Vulnerabilities
	Cisco PIX and ASA Information Disclosure and DoS Vulnerabilities
	Cisco Secure ACS EAP Remote Denial Of Service Vulnerability
	Cisco Products Remote DNS Cache Poisoning Vulnerability
	Cisco Wide Area Application Services CUPS Remote Vulnerability

	Sun Java System Web Proxy Server FTP Heap Overflow
	Sun Solaris ACL UFS File Systems Denial of Service Vulnerability
	Sun Solaris Text Editors Tag Files Local Code Execution Vulnerability
	Sun Management Center Remote Denial of Service Vulnerability
	Sun Solaris Bzip2 Archive Handling Denial of Service Vulnerability
	Sun Solaris GNU Tar Headers Handling Buffer Overflow Vulnerability
	Sun Solaris Covert Channel Local Security Bypass Vulnerability

	Apple Mac OS X Code Execution and Security Bypass Vulnerabilities
	Apple TV Multiple File Processing Code Execution Vulnerabilities
	Apple Mac OS X Code Execution and Security Bypass Vulnerabilities
	Apple iPhone Code Execution and Security Bypass Vulnerabilities
	Apple QuickTime Multiple Remote Code Execution Vulnerabilities
	Apple iTunes Driver Integer Overflow Privilege Escalation Vulnerability
	Apple iPod touch Code Execution and Security Bypass Vulnerabilities