CVE-2005-1061

2005-05-0204:00:00

redhat

web.nvd.nist.gov

logwatch

log processing

security

vulnerability

exploit

cve-2005-1061

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

AI Score

6.3

Confidence

High

EPSS

0.004

Percentile

73.3%

JSON

The secure script in LogWatch before 2.6-2 allows attackers to prevent LogWatch from detecting malicious activity via certain strings in the secure file that are later used as part of a regular expression, which causes the parser to crash, aka “logwatch log processing regular expression DoS.”

Affected configurations

Nvd

Node

logwatchlogwatchMatch2.6.2

Node

redhatenterprise_linuxMatch2.1advanced_server

redhatenterprise_linuxMatch2.1enterprise_server

redhatenterprise_linuxMatch2.1workstation

redhatlinux_advanced_workstationMatch2.1itanium

VendorProductVersionCPE
logwatchlogwatch2.6.2cpe:2.3:a:logwatch:logwatch:2.6.2:*:*:*:*:*:*:*
redhatenterprise_linux2.1cpe:2.3:o:redhat:enterprise_linux:2.1:*:advanced_server:*:*:*:*:*
redhatenterprise_linux2.1cpe:2.3:o:redhat:enterprise_linux:2.1:*:enterprise_server:*:*:*:*:*
redhatenterprise_linux2.1cpe:2.3:o:redhat:enterprise_linux:2.1:*:workstation:*:*:*:*:*
redhatlinux_advanced_workstation2.1cpe:2.3:o:redhat:linux_advanced_workstation:2.1:*:itanium:*:*:*:*:*

Vendor	Product	Version	CPE
logwatch	logwatch	2.6.2	cpe:2.3:a:logwatch:logwatch:2.6.2:::::::*
redhat	enterprise_linux	2.1	cpe:2.3:o:redhat:enterprise_linux:2.1::advanced_server:::::
redhat	enterprise_linux	2.1	cpe:2.3:o:redhat:enterprise_linux:2.1::enterprise_server:::::
redhat	enterprise_linux	2.1	cpe:2.3:o:redhat:enterprise_linux:2.1::workstation:::::
redhat	linux_advanced_workstation	2.1	cpe:2.3:o:redhat:linux_advanced_workstation:2.1::itanium:::::