An integer overflow in the RFC3164 parser in One Identity syslog-ng 3.0 through 3.37 allows remote attackers to cause a Denial of Service via crafted syslog input that is mishandled by the tcp or network function. syslog-ng Premium Edition 7.0.30 and syslog-ng Store Box 6.10.0 are also affected.

An update of the syslog package has been released.

The remote host is affected by the vulnerability described in GLSA-202305-09 (syslog-ng: Denial of Service)

  - An integer overflow in the RFC3164 parser in One Identity syslog-ng 3.0 through 3.37 allows remote     attackers to cause a Denial of Service via crafted syslog input that is mishandled by the tcp or network     function. syslog-ng Premium Edition 7.0.30 and syslog-ng Store Box 6.10.0 are also affected.
    (CVE-2022-38725)

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The remote Debian 11 host has packages installed that are affected by a vulnerability as referenced in the dsa-5369 advisory.

  - An integer overflow in the RFC3164 parser in One Identity syslog-ng 3.0 through 3.37 allows remote     attackers to cause a Denial of Service via crafted syslog input that is mishandled by the tcp or network     function. syslog-ng Premium Edition 7.0.30 and syslog-ng Store Box 6.10.0 are also affected.
    (CVE-2022-38725)

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The remote Debian 10 host has packages installed that are affected by a vulnerability as referenced in the dla-3348 advisory.

  - An integer overflow in the RFC3164 parser in One Identity syslog-ng 3.0 through 3.37 allows remote     attackers to cause a Denial of Service via crafted syslog input that is mishandled by the tcp or network     function. syslog-ng Premium Edition 7.0.30 and syslog-ng Store Box 6.10.0 are also affected.
    (CVE-2022-38725)

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The remote Fedora 36 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2023-43eb573065 advisory.

    Security fix for CVE-2022-38725

Tenable has extracted the preceding description block directly from the Fedora security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote Fedora 37 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2023-3d44a41fa3 advisory.

    Security fix for CVE-2022-38725

Tenable has extracted the preceding description block directly from the Fedora security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote SUSE Linux SLES12 / SLES_SAP12 host has a package installed that is affected by a vulnerability as referenced in the SUSE-SU-2023:0319-1 advisory.

  - An integer overflow in the RFC3164 parser in One Identity syslog-ng 3.0 through 3.37 allows remote     attackers to cause a Denial of Service via crafted syslog input that is mishandled by the tcp or network     function. syslog-ng Premium Edition 7.0.30 and syslog-ng Store Box 6.10.0 are also affected.
    (CVE-2022-38725)

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The remote openSUSE 15 host has packages installed that are affected by a vulnerability as referenced in the openSUSE- SU-2023:0040-1 advisory.

  - An integer overflow in the RFC3164 parser in One Identity syslog-ng 3.0 through 3.37 allows remote     attackers to cause a Denial of Service via crafted syslog input that is mishandled by the tcp or network     function. syslog-ng Premium Edition 7.0.30 and syslog-ng Store Box 6.10.0 are also affected.
    (CVE-2022-38725)

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

ID	Name	Product	Family	Severity
204552	Photon OS 4.0: Syslog PHSA-2023-4.0-0494	Nessus	PhotonOS Local Security Checks	high
204245	Photon OS 5.0: Syslog PHSA-2023-5.0-0093	Nessus	PhotonOS Local Security Checks	high
203849	Photon OS 3.0: Syslog PHSA-2023-3.0-0693	Nessus	PhotonOS Local Security Checks	high
175041	GLSA-202305-09 : syslog-ng: Denial of Service	Nessus	Gentoo Local Security Checks	high
172130	Debian DSA-5369-1 : syslog-ng - security update	Nessus	Debian Local Security Checks	high
172030	Debian DLA-3348-1 : syslog-ng - LTS security update	Nessus	Debian Local Security Checks	high
171469	Fedora 36 : syslog-ng (2023-43eb573065)	Nessus	Fedora Local Security Checks	high
171467	Fedora 37 : syslog-ng (2023-3d44a41fa3)	Nessus	Fedora Local Security Checks	high
171413	SUSE SLES12 Security Update : syslog-ng (SUSE-SU-2023:0319-1)	Nessus	SuSE Local Security Checks	high
171001	openSUSE 15 Security Update : syslog-ng (openSUSE-SU-2023:0040-1)	Nessus	SuSE Local Security Checks	high

Detections

Analytics

CVE-2022-38725

high

Tenable Plugins

high

high

high

high

high

high

high

high

high

high