Published: 02/05/2005 Updated: 05/09/2008

CVSS v2 Base Score: 5 | Impact Score: 2.9 | Exploitability Score: 10

VMScore: 505

Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P

The secure script in LogWatch prior to 2.6-2 allows malicious users to prevent LogWatch from detecting malicious activity via certain strings in the secure file that are later used as part of a regular expression, which causes the parser to crash, aka "logwatch log processing regular expression DoS."

Vulnerable Product	Search on Vulmon	Subscribe to Product
logwatch logwatch 2.6.2
redhat enterprise linux 2.1
redhat linux advanced workstation 2.1

Synopsis logwatch security update Type/Severity Security Advisory: Moderate Topic An updated logwatch package that fixes a denial of service issue is nowavailableThis update has been rated as having moderate security impact by theRed Hat Security Response Team Description LogWatch is a cu ...

source: wwwsecurityfocuscom/bid/13273/info Logwatch is prone to a denial of vulnerability in the secure script This issue may be exploited by a local attacker who can inject a malicious string into a log file, causing a denial of service condition As a result, the utility may not detect subsequent malicious activity ogger -p authpri ...

NVD-CWE-Other http://www.redhat.com/support/errata/RHSA-2005-364.html https://bugzilla.redhat.com/bugzilla-old/show_bug.cgi?id=137502 https://access.redhat.com/errata/RHSA-2005:364 https://nvd.nist.gov https://www.exploit-db.com/exploits/25465/

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2005-1061

Vulnerability Summary

Vendor Advisories

Exploits

References

Vulmon Search

About

Products

Connect