BalaBit.SyslogNG.Timestamp.Parsing.DoS

description-logoDescription

This indicates an attempt to exploit a vulnerability in BalaBit IT Security 'syslog-ng'.
BalaBit IT Security 'syslog-ng' is vulnerable to a denial of service exploit. The problem occurs when the timestamp of a received message is missing a trailing space.

affected-products-logoAffected Products

Balabit syslog-ng version before 2.0.6
Balabit syslog-ng version before 2.1.8

Impact logoImpact

Denial of service.

recomended-action-logoRecommended Actions

Upgrade at least to version 2.0.6 or 2.1.8

Telemetry logoTelemetry

Coverage

IPS (Regular DB)
IPS (Extended DB)