CVE-2007-6437

EPSS 5.8%

syslog-ng - remote denial of service

Published: 12/19/2007Modified: 4/28/2026

Description

Balabit syslog-ng 2.0.x before 2.0.6 and 2.1.x before 2.1.8 allows remote attackers to cause a denial of service (crash) via a message with a timestamp that does not contain a trailing space, which triggers a NULL pointer dereference.

Affected packages (3)

Debian/syslog-ngfrom 0, < 2.0.6-1
Debian/syslog-ngfrom 0, < 2.0.0-1etch1
Debian/syslog-ngfrom 0, < 2.0.5-3+lenny1

References (1)

ADVISORYhttps://security-tracker.debian.org/tracker/CVE-2007-6437