Lucene search
PRIOn knowledge basePRION:CVE-2022-38725HistoryJan 23, 2023 - 4:15 p.m.
Integer overflow
2023-01-2316:15:00
PRIOn knowledge base
www.prio-n.com
5
integer overflow
one identity syslog-ng
remote attackers
denial of service
crafted input
syslog-ng premium edition
syslog-ng store box
An integer overflow in the RFC3164 parser in One Identity syslog-ng 3.0 through 3.37 allows remote attackers to cause a Denial of Service via crafted syslog input that is mishandled by the tcp or network function. syslog-ng Premium Edition 7.0.30 and syslog-ng Store Box 6.10.0 are also affected.
| CPE | Name | Operator | Version |
|---|---|---|---|
| syslog-ng | lt | 7.0.32 | |
| syslog-ng | lt | 3.38.1 | |
| syslog-ng_store_box | lt | 7.0 | |
| syslog-ng_store_box | lt | 6.0.5 |
References
github.com/syslog-ng/syslog-ng/security/advisories/GHSA-7932-4fc6-pvmc
lists.balabit.hu/pipermail/syslog-ng/
lists.debian.org/debian-lts-announce/2023/02/msg00043.html
lists.fedoraproject.org/archives/list/[email protected]/message/J3TZ7U2GQTAHVHJXSSEHQS5D2Q5T6SZB/
lists.fedoraproject.org/archives/list/[email protected]/message/QU36HCM3VZYANUYFC6XFYEYJEKQPA2Q7/
security.gentoo.org/glsa/202305-09
www.debian.org/security/2023/dsa-5369
Related
cve
cve
CVE-2022-38725
2023-01-23 16:15:10
osv
osv
CVE-2022-38725
2023-01-23 16:15:10
syslog-ng - security update
2023-03-05 00:00:00
syslog-ng - security update
2023-03-01 00:00:00
broadcom
broadcom
cbl_mariner
cbl_mariner
CVE-2022-38725 affecting package syslog-ng 3.23.1-3
2023-03-02 04:18:32
CVE-2022-38725 affecting package syslog-ng for versions less than 3.33.2-7
2023-12-05 04:40:34
nessus
nessus
Fedora 37 : syslog-ng (2023-3d44a41fa3)
2023-02-14 00:00:00
GLSA-202305-09 : syslog-ng: Denial of Service
2023-05-03 00:00:00
Fedora 36 : syslog-ng (2023-43eb573065)
2023-02-14 00:00:00
openvas
openvas
Fedora: Security Advisory for syslog-ng (FEDORA-2023-43eb573065)
2023-02-15 00:00:00
openSUSE: Security Advisory for syslog (openSUSE-SU-2023:0040-1)
2024-03-04 00:00:00
SUSE: Security Advisory (SUSE-SU-2023:0319-1)
2023-02-10 00:00:00
gentoo
gentoo
syslog-ng: Denial of Service
2023-05-03 00:00:00
alpinelinux
alpinelinux
CVE-2022-38725
2023-01-23 16:15:10
nvd
nvd
CVE-2022-38725
2023-01-23 16:15:10
veracode
veracode
Denial Of Service (DoS)
2023-03-12 14:05:28
debian
debian
[SECURITY] [DLA 3348-1] syslog-ng security update
2023-02-28 23:32:03
[SECURITY] [DSA 5369-1] syslog-ng security update
2023-03-05 19:25:51
ubuntucve
ubuntucve
CVE-2022-38725
2023-01-23 00:00:00
fedora
fedora
[SECURITY] Fedora 36 Update: syslog-ng-3.35.1-4.fc36
2023-02-15 01:20:31
[SECURITY] Fedora 37 Update: syslog-ng-3.37.1-2.fc37
2023-02-15 01:36:11
redos
redos
ROS-20240408-05
2024-04-08 00:00:00
debiancve
debiancve
CVE-2022-38725
2023-01-23 16:15:10
cvelist
cvelist
CVE-2022-38725
2023-01-23 00:00:00
photon
photon
Important Photon OS Security Update - PHSA-2023-3.0-0693
2023-11-27 00:00:00
Important Photon OS Security Update - PHSA-2023-4.0-0494
2023-10-19 00:00:00
Important Photon OS Security Update - PHSA-2023-5.0-0093
2023-09-13 00:00:00
ics
ics
Siemens SCALANCE XCM-/XRM-300
2024-02-15 12:00:00