lib/logmatcher.c in Balabit syslog-ng before 3.2.4, when the global flag is set and when using PCRE 8.12 and possibly other versions, allows remote attackers to cause a denial of service (memory consumption) via a message that does not match a regular expression.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Syslog-ng | Oneidentity | * | 3.2.4 (excluding) |
Syslog-ng | Ubuntu | hardy | * |
Syslog-ng | Ubuntu | lucid | * |
Syslog-ng | Ubuntu | maverick | * |
Syslog-ng | Ubuntu | natty | * |