CVE-2000-1165

Published Jan 9, 2001

Last updated 3 months ago

CVSS info 5.0

Overview

Description: Balabit syslog-ng allows remote attackers to cause a denial of service (application crash) via a malformed log message that does not have a closing > in the priority specifier.
Source: cve@mitre.org
NVD status: Modified

Risk scores

CVSS 2.0

Type: Primary
Base score: 5
Impact score: 2.9
Exploitability score: 10
Vector string: AV:N/AC:L/Au:N/C:N/I:N/A:P

Weaknesses

nvd@nist.gov: NVD-CWE-Other

Hype score: Not currently trending

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:balabit:syslog-ng:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "237C9B6B-9F31-46D9-9B2C-F4DBF3E1AA21",
            "versionEndIncluding": "1.4.6"
          },
          {
            "criteria": "cpe:2.3:a:balabit:syslog-ng:1.4.7:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "CDB6CA0D-295B-492F-A519-E3DDBCCB4B2F"
          },
          {
            "criteria": "cpe:2.3:a:balabit:syslog-ng:1.4.8:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "D5C7636A-9CC1-4D42-876C-6DAE6C4503CB"
          }
        ],
        "operator": "OR"
      }
    ]
  }
]

Overview

Risk scores

CVSS 2.0

Weaknesses

Social media

Configurations

References