Debian Bug report logs - #457334
syslog-ng: CVE-2007-6437 prone to denial of service attack

version graph

Package: syslog-ng; Maintainer for syslog-ng is syslog-ng maintainers <syslog-ng-maintainers@lists.alioth.debian.org>; Source for syslog-ng is src:syslog-ng.

Reported by: Nico Golde <nion@debian.org>

Date: Fri, 21 Dec 2007 16:54:04 UTC

Severity: grave

Tags: patch, security

Fixed in versions syslog-ng/2.0.6-1, syslog-ng/2.0.5-3+lenny1

Done: Nico Golde <nion@debian.org>

Bug is archived. No further changes may be made.

Toggle useless messages

View this report as an mbox folder, status mbox, maintainer mbox


Report forwarded to debian-bugs-dist@lists.debian.org, SZALAY Attila <sasa@debian.org>:
Bug#457334; Package syslog-ng. Full text and rfc822 format available.

Acknowledgement sent to Nico Golde <nion@debian.org>:
New Bug report received and forwarded. Copy sent to SZALAY Attila <sasa@debian.org>. Full text and rfc822 format available.

Message #5 received at submit@bugs.debian.org (full text, mbox):

From: Nico Golde <nion@debian.org>
To: submit@bugs.debian.org
Subject: syslog-ng: CVE-2007-6437 prone to denial of service attack
Date: Fri, 21 Dec 2007 17:52:34 +0100
[Message part 1 (text/plain, inline)]
Package: syslog-ng
Severity: grave
Tags: security patch

Hi,
the following CVE (Common Vulnerabilities & Exposures) id was
published for syslog-ng.

CVE-2007-6437[0]:
| Balabit syslog-ng 2.0.x before 2.0.6 and 2.1.x before 2.1.8 allows
| remote attackers to cause a denial of service (crash) via a message
| with a timestamp that does not contain a trailing space, which
| triggers a NULL pointer dereference.

The upstream patch is available on:
http://git.balabit.hu/?p=bazsi/syslog-ng-2.0.git;a=commitdiff;h=3126ebad217e7fd6356f4733ca33f571aa87a170

If you fix this vulnerability please also include the CVE id
in your changelog entry.

For further information:
[0] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6437

Kind regards
Nico

-- 
Nico Golde - http://www.ngolde.de - nion@jabber.ccc.de - GPG: 0x73647CFF
For security reasons, all text in this mail is double-rot13 encrypted.
[Message part 2 (application/pgp-signature, inline)]

Information forwarded to debian-bugs-dist@lists.debian.org, SZALAY Attila <sasa@debian.org>:
Bug#457334; Package syslog-ng. Full text and rfc822 format available.

Acknowledgement sent to Nico Golde <nion@debian.org>:
Extra info received and forwarded to list. Copy sent to SZALAY Attila <sasa@debian.org>. Full text and rfc822 format available.

Message #10 received at 457334@bugs.debian.org (full text, mbox):

From: Nico Golde <nion@debian.org>
To: 457334@bugs.debian.org
Subject: Re: syslog-ng: CVE-2007-6437 prone to denial of service attack
Date: Sat, 22 Dec 2007 14:45:37 +0100
[Message part 1 (text/plain, inline)]
Hi,
attached is an NMU proposal.
It will be also archived on:
http://people.debian.org/~nion/nmu-diff/syslog-ng-2.0.5-3_2.0.5-3.1.patch

Kind regards
Nico

-- 
Nico Golde - http://www.ngolde.de - nion@jabber.ccc.de - GPG: 0x73647CFF
For security reasons, all text in this mail is double-rot13 encrypted.
[syslog-ng-2.0.5-3_2.0.5-3.1.patch (text/x-diff, attachment)]
[Message part 3 (application/pgp-signature, inline)]

Reply sent to SZALAY Attila <sasa@debian.org>:
You have taken responsibility. Full text and rfc822 format available.

Notification sent to Nico Golde <nion@debian.org>:
Bug acknowledged by developer. Full text and rfc822 format available.

Message #15 received at 457334-close@bugs.debian.org (full text, mbox):

From: SZALAY Attila <sasa@debian.org>
To: 457334-close@bugs.debian.org
Subject: Bug#457334: fixed in syslog-ng 2.0.6-1
Date: Sat, 22 Dec 2007 15:17:02 +0000
Source: syslog-ng
Source-Version: 2.0.6-1

We believe that the bug you reported is fixed in the latest version of
syslog-ng, which is due to be installed in the Debian FTP archive:

syslog-ng_2.0.6-1.diff.gz
  to pool/main/s/syslog-ng/syslog-ng_2.0.6-1.diff.gz
syslog-ng_2.0.6-1.dsc
  to pool/main/s/syslog-ng/syslog-ng_2.0.6-1.dsc
syslog-ng_2.0.6-1_i386.deb
  to pool/main/s/syslog-ng/syslog-ng_2.0.6-1_i386.deb
syslog-ng_2.0.6.orig.tar.gz
  to pool/main/s/syslog-ng/syslog-ng_2.0.6.orig.tar.gz



A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 457334@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
SZALAY Attila <sasa@debian.org> (supplier of updated syslog-ng package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmaster@debian.org)


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Format: 1.7
Date: Sat, 22 Dec 2007 15:54:58 +0100
Source: syslog-ng
Binary: syslog-ng
Architecture: source i386
Version: 2.0.6-1
Distribution: unstable
Urgency: high
Maintainer: SZALAY Attila <sasa@debian.org>
Changed-By: SZALAY Attila <sasa@debian.org>
Description: 
 syslog-ng  - Next generation logging daemon
Closes: 457334
Changes: 
 syslog-ng (2.0.6-1) unstable; urgency=high
 .
   * New upstream version.
   * This release addresses the following security issue:
     - A remote attacker can cause a denial of service (crash)
       via a crafted log message that is missing a whitespace
       at the end of the timestamp (CVE-2007-6437; Closes: #457334)
Files: 
 074cbc7607a8d55422617163a32e5094 620 admin extra syslog-ng_2.0.6-1.dsc
 16fa7595834765537650b390e93fe5e7 369302 admin extra syslog-ng_2.0.6.orig.tar.gz
 85ae0c6d9c6fefb9d4425f60ab0b0ee5 38473 admin extra syslog-ng_2.0.6-1.diff.gz
 b21cbec409b1330120f55960e4a5b4ea 189406 admin extra syslog-ng_2.0.6-1_i386.deb

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)

iD8DBQFHbSbm23Gu/Kug6LIRAuhZAKCiO4CdD/F2d3G5e0vFbednfwXQSACfVy2b
KTNHEBlJ2BUFOpN3cCAwfcU=
=hLG6
-----END PGP SIGNATURE-----





Reply sent to Nico Golde <nion@debian.org>:
You have taken responsibility. Full text and rfc822 format available.

Notification sent to Nico Golde <nion@debian.org>:
Bug acknowledged by developer. Full text and rfc822 format available.

Message #20 received at 457334-close@bugs.debian.org (full text, mbox):

From: Nico Golde <nion@debian.org>
To: 457334-close@bugs.debian.org
Subject: Bug#457334: fixed in syslog-ng 2.0.5-3+lenny1
Date: Wed, 26 Dec 2007 16:22:57 +0000
Source: syslog-ng
Source-Version: 2.0.5-3+lenny1

We believe that the bug you reported is fixed in the latest version of
syslog-ng, which is due to be installed in the Debian FTP archive:

syslog-ng_2.0.5-3+lenny1.diff.gz
  to pool/main/s/syslog-ng/syslog-ng_2.0.5-3+lenny1.diff.gz
syslog-ng_2.0.5-3+lenny1.dsc
  to pool/main/s/syslog-ng/syslog-ng_2.0.5-3+lenny1.dsc
syslog-ng_2.0.5-3+lenny1_i386.deb
  to pool/main/s/syslog-ng/syslog-ng_2.0.5-3+lenny1_i386.deb



A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 457334@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Nico Golde <nion@debian.org> (supplier of updated syslog-ng package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmaster@debian.org)


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Format: 1.7
Date: Sat, 22 Dec 2007 14:33:13 +0100
Source: syslog-ng
Binary: syslog-ng
Architecture: source i386
Version: 2.0.5-3+lenny1
Distribution: testing-security
Urgency: high
Maintainer: SZALAY Attila <sasa@debian.org>
Changed-By: Nico Golde <nion@debian.org>
Description: 
 syslog-ng  - Next generation logging daemon
Closes: 457334
Changes: 
 syslog-ng (2.0.5-3+lenny1) testing-security; urgency=high
 .
   * Non-maintainer upload by security team.
   * This update addresses the following security issue:
     - A remote attacker can cause a denial of service (crash)
       via a crafted log message that is missing a whitespace
       at the end of the timestamp (CVE-2007-6437; Closes: #457334).
Files: 
 b6472011ab7a60d5f41d51b3accfcb54 634 admin extra syslog-ng_2.0.5-3+lenny1.dsc
 c161eefc450fabc246c1a10997c6c6a5 363064 admin extra syslog-ng_2.0.5.orig.tar.gz
 37ef489132204adbc7223a61d11fad6e 15699 admin extra syslog-ng_2.0.5-3+lenny1.diff.gz
 942f949ae3cf5cafffbeffdb5677c36f 190648 admin extra syslog-ng_2.0.5-3+lenny1_i386.deb

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)

iD8DBQFHcP74HYflSXNkfP8RAmZYAKCbD79YM1FDrzoZjgd94ltpQr2ZYgCeKnFW
qd3g0Szi711/MvNAO1Q+h6E=
=cRsp
-----END PGP SIGNATURE-----





Bug archived. Request was from Debbugs Internal Request <owner@bugs.debian.org> to internal_control@bugs.debian.org. (Fri, 25 Apr 2008 07:35:57 GMT) Full text and rfc822 format available.

Send a report that this bug log contains spam.


Debian bug tracking system administrator <owner@bugs.debian.org>. Last modified: Fri Apr 18 15:58:43 2014; Machine Name: buxtehude.debian.org

Debian Bug tracking system
Copyright (C) 1999 Darren O. Benham, 1997,2003 nCipher Corporation Ltd, 1994-97 Ian Jackson.