An integer overflow in the RFC3164 parser in One Identity syslog-ng 3.0 through 3.37 allows remote attackers to cause a Denial of Service via crafted syslog input that is mishandled by the tcp or network function. syslog-ng Premium Edition 7.0.30 and syslog-ng Store Box 6.10.0 are also affected.
References
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: mitre
Published: 2023-01-23T00:00:00
Updated: 2023-05-03T00:00:00
Reserved: 2022-08-24T00:00:00
Link: CVE-2022-38725
JSON object: View
NVD Information
Status : Modified
Published: 2023-01-23T16:15:10.567
Modified: 2023-11-07T03:50:12.020
Link: CVE-2022-38725
JSON object: View
Redhat Information
No data.
CWE