CVE-2002-1200 - OpenCVE

Balabit Syslog-NG 1.4.x before 1.4.15, and 1.5.x before 1.5.20, when using template filenames or output, does not properly track the size of a buffer when constant characters are encountered during macro expansion, which allows remote attackers to cause a denial of service and possibly execute arbitrary code.

No CVSS v4.0

No CVSS v3.1

No CVSS v3.0

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact Partial

Integrity Impact Partial

Availability Impact Partial

AV:N/AC:L/Au:N/C:P/I:P/A:P

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Oneidentity	Syslog-ng

Configuration 1 [-]

OR	cpe:2.3:a:oneidentity:syslog-ng:1.4.0:rc3::::::
	cpe:2.3:a:oneidentity:syslog-ng:1.4.7:::::::*
	cpe:2.3:a:oneidentity:syslog-ng:1.4.8:::::::*
	cpe:2.3:a:oneidentity:syslog-ng:1.4.9:::::::*
	cpe:2.3:a:oneidentity:syslog-ng:1.4.10:::::::*
	cpe:2.3:a:oneidentity:syslog-ng:1.4.15:::::::*
	cpe:2.3:a:oneidentity:syslog-ng:1.5.15:::::::*
	cpe:2.3:a:oneidentity:syslog-ng:1.5.20:::::::*

No data.

References

Link	Providers
http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000547
http://marc.info/?l=bugtraq&m=103426595021928&w=2
http://www.balabit.hu/static/zsa/ZSA-2002-014-en.txt
http://www.debian.org/security/2002/dsa-175
http://www.iss.net/security_center/static/10339.php
http://www.linuxsecurity.com/advisories/other_advisory-2513.html
http://www.novell.com/linux/security/advisories/2002_039_syslog_ng.html
http://www.securityfocus.com/bid/5934

History

No history.

MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2004-09-01T04:00:00

Updated: 2024-08-08T03:19:27.862Z

Reserved: 2002-10-11T00:00:00

Link: CVE-2002-1200

Vulnrichment

No data.

NVD

Status : Analyzed

Published: 2002-10-28T05:00:00.000

Modified: 2020-05-19T19:33:31.377

Link: CVE-2002-1200

Redhat

No data.

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2002-10-11T00:00:00", "descriptions": [{"lang": "en", "value": "Balabit Syslog-NG 1.4.x before 1.4.15, and 1.5.x before 1.5.20, when using template filenames or output, does not properly track the size of a buffer when constant characters are encountered during macro expansion, which allows remote attackers to cause a denial of service and possibly execute arbitrary code."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2002-10-21T09:00:00", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"tags": ["x_refsource_CONFIRM"], "url": "http://www.balabit.hu/static/zsa/ZSA-2002-014-en.txt"}, {"name": "5934", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/5934"}, {"name": "ESA-20021029-028", "tags": ["vendor-advisory", "x_refsource_ENGARDE"], "url": "http://www.linuxsecurity.com/advisories/other_advisory-2513.html"}, {"name": "syslogng-macro-expansion-bo(10339)", "tags": ["vdb-entry", "x_refsource_XF"], "url": "http://www.iss.net/security_center/static/10339.php"}, {"name": "SuSE-SA:2002:039", "tags": ["vendor-advisory", "x_refsource_SUSE"], "url": "http://www.novell.com/linux/security/advisories/2002_039_syslog_ng.html"}, {"name": "CLA-2002:547", "tags": ["vendor-advisory", "x_refsource_CONECTIVA"], "url": "http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000547"}, {"name": "20021010 syslog-ng buffer overflow", "tags": ["mailing-list", "x_refsource_BUGTRAQ"], "url": "http://marc.info/?l=bugtraq&m=103426595021928&w=2"}, {"name": "DSA-175", "tags": ["vendor-advisory", "x_refsource_DEBIAN"], "url": "http://www.debian.org/security/2002/dsa-175"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2002-1200", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Balabit Syslog-NG 1.4.x before 1.4.15, and 1.5.x before 1.5.20, when using template filenames or output, does not properly track the size of a buffer when constant characters are encountered during macro expansion, which allows remote attackers to cause a denial of service and possibly execute arbitrary code."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "http://www.balabit.hu/static/zsa/ZSA-2002-014-en.txt", "refsource": "CONFIRM", "url": "http://www.balabit.hu/static/zsa/ZSA-2002-014-en.txt"}, {"name": "5934", "refsource": "BID", "url": "http://www.securityfocus.com/bid/5934"}, {"name": "ESA-20021029-028", "refsource": "ENGARDE", "url": "http://www.linuxsecurity.com/advisories/other_advisory-2513.html"}, {"name": "syslogng-macro-expansion-bo(10339)", "refsource": "XF", "url": "http://www.iss.net/security_center/static/10339.php"}, {"name": "SuSE-SA:2002:039", "refsource": "SUSE", "url": "http://www.novell.com/linux/security/advisories/2002_039_syslog_ng.html"}, {"name": "CLA-2002:547", "refsource": "CONECTIVA", "url": "http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000547"}, {"name": "20021010 syslog-ng buffer overflow", "refsource": "BUGTRAQ", "url": "http://marc.info/?l=bugtraq&m=103426595021928&w=2"}, {"name": "DSA-175", "refsource": "DEBIAN", "url": "http://www.debian.org/security/2002/dsa-175"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-08T03:19:27.862Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://www.balabit.hu/static/zsa/ZSA-2002-014-en.txt"}, {"name": "5934", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/5934"}, {"name": "ESA-20021029-028", "tags": ["vendor-advisory", "x_refsource_ENGARDE", "x_transferred"], "url": "http://www.linuxsecurity.com/advisories/other_advisory-2513.html"}, {"name": "syslogng-macro-expansion-bo(10339)", "tags": ["vdb-entry", "x_refsource_XF", "x_transferred"], "url": "http://www.iss.net/security_center/static/10339.php"}, {"name": "SuSE-SA:2002:039", "tags": ["vendor-advisory", "x_refsource_SUSE", "x_transferred"], "url": "http://www.novell.com/linux/security/advisories/2002_039_syslog_ng.html"}, {"name": "CLA-2002:547", "tags": ["vendor-advisory", "x_refsource_CONECTIVA", "x_transferred"], "url": "http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000547"}, {"name": "20021010 syslog-ng buffer overflow", "tags": ["mailing-list", "x_refsource_BUGTRAQ", "x_transferred"], "url": "http://marc.info/?l=bugtraq&m=103426595021928&w=2"}, {"name": "DSA-175", "tags": ["vendor-advisory", "x_refsource_DEBIAN", "x_transferred"], "url": "http://www.debian.org/security/2002/dsa-175"}]}]}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2002-1200", "datePublished": "2004-09-01T04:00:00", "dateReserved": "2002-10-11T00:00:00", "dateUpdated": "2024-08-08T03:19:27.862Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:oneidentity:syslog-ng:1.4.0:rc3:*:*:*:*:*:*", "matchCriteriaId": "2FB78B77-64B2-4BDB-A323-A68703C6A7A4", "vulnerable": true}, {"criteria": "cpe:2.3:a:oneidentity:syslog-ng:1.4.7:*:*:*:*:*:*:*", "matchCriteriaId": "B622DC01-D651-429B-B976-467596DE791F", "vulnerable": true}, {"criteria": "cpe:2.3:a:oneidentity:syslog-ng:1.4.8:*:*:*:*:*:*:*", "matchCriteriaId": "788D220F-2CAD-4E16-8853-9F45AC97A2EC", "vulnerable": true}, {"criteria": "cpe:2.3:a:oneidentity:syslog-ng:1.4.9:*:*:*:*:*:*:*", "matchCriteriaId": "F387EC59-F86A-461C-894E-1A09D186D93B", "vulnerable": true}, {"criteria": "cpe:2.3:a:oneidentity:syslog-ng:1.4.10:*:*:*:*:*:*:*", "matchCriteriaId": "E1041037-D106-4D19-AC72-39594E4CBB55", "vulnerable": true}, {"criteria": "cpe:2.3:a:oneidentity:syslog-ng:1.4.15:*:*:*:*:*:*:*", "matchCriteriaId": "55321D71-D819-4767-991A-ECB084BB6531", "vulnerable": true}, {"criteria": "cpe:2.3:a:oneidentity:syslog-ng:1.5.15:*:*:*:*:*:*:*", "matchCriteriaId": "F8E1C408-AE21-4ABF-9061-E1B82C178ED9", "vulnerable": true}, {"criteria": "cpe:2.3:a:oneidentity:syslog-ng:1.5.20:*:*:*:*:*:*:*", "matchCriteriaId": "AC636B75-7F1B-4165-A8C8-697295CE856E", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Balabit Syslog-NG 1.4.x before 1.4.15, and 1.5.x before 1.5.20, when using template filenames or output, does not properly track the size of a buffer when constant characters are encountered during macro expansion, which allows remote attackers to cause a denial of service and possibly execute arbitrary code."}, {"lang": "es", "value": "Balabit Syslog-NG 1.4.x antes de 1.4.15, y 1.4.x antes de 1.5.20, cuando se usan plantillas de nombres de fichero o de salida, no controla adecuadamente el tama\u00f1o de un b\u00fafer cuando se encuentran caracteres constantes durante una expansi\u00f3n de macro, lo que permite a atacantes remotos causar una denegaci\u00f3n de servicio y posiblemente ejecutar c\u00f3digo arbitrario."}], "id": "CVE-2002-1200", "lastModified": "2020-05-19T19:33:31.377", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 7.5, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": true, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2002-10-28T05:00:00.000", "references": [{"source": "cve@mitre.org", "tags": ["Broken Link"], "url": "http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000547"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory"], "url": "http://marc.info/?l=bugtraq&m=103426595021928&w=2"}, {"source": "cve@mitre.org", "tags": ["Exploit", "Patch", "Vendor Advisory"], "url": "http://www.balabit.hu/static/zsa/ZSA-2002-014-en.txt"}, {"source": "cve@mitre.org", "tags": ["Patch", "Third Party Advisory"], "url": "http://www.debian.org/security/2002/dsa-175"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory"], "url": "http://www.iss.net/security_center/static/10339.php"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory"], "url": "http://www.linuxsecurity.com/advisories/other_advisory-2513.html"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory"], "url": "http://www.novell.com/linux/security/advisories/2002_039_syslog_ng.html"}, {"source": "cve@mitre.org", "tags": ["Exploit", "Third Party Advisory", "VDB Entry"], "url": "http://www.securityfocus.com/bid/5934"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-119"}], "source": "nvd@nist.gov", "type": "Primary"}]}