Skip to content

Commit 68f5ebb

Browse files
committed
add: AVE-2023-0002
1 parent d7ad225 commit 68f5ebb

1 file changed

Lines changed: 29 additions & 0 deletions

File tree

vulns/2002/AVE-2002-0050.toml

Lines changed: 29 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,29 @@
1+
[basic]
2+
description = "Balabit Syslog-NG 1.4.x(至 1.4.15)和 1.5.x(至 1.5.20)版本在使用模板文件名或输出时,在宏展开过程中遇到常量字符未能正确跟踪缓冲区大小,导致缓冲区溢出。远程攻击者可利用此漏洞造成拒绝服务,甚至可能执行任意代码。"
3+
published = "2002-10-28"
4+
remediation = "升级至 Syslog-NG 1.4.15 或 1.5.20 以上版本,或应用厂商官方补丁。同时建议限制对 Syslog-NG 服务的网络访问权限以降低风险。"
5+
score = 7.5
6+
severity = "HIGH"
7+
sources = ["osv", "nvd"]
8+
title = "Balabit Syslog-NG 宏扩展缓冲区溢出漏洞"
9+
updated = "2002-10-28"
10+
11+
[exploit]
12+
exp_urls = []
13+
poc_urls = []
14+
15+
[id]
16+
aliases = ["CVE-2002-1200"]
17+
ave_id = "AVE-2002-0050"
18+
cve_id = "CVE-2002-1200"
19+
20+
[meta]
21+
collected_at = "2026-07-11T00:00:00+00:00"
22+
status = "completed"
23+
24+
[affected]
25+
vendor = "Balabit"
26+
product = "syslog-ng"
27+
28+
[references]
29+
urls = ["http://nvd.nist.gov/vuln/detail/CVE-2002-1200", "http://www.balabit.hu/static/zsa/ZSA-2002-014-en.txt", "http://www.debian.org/security/2002/dsa-175", "http://www.securityfocus.com/bid/5934", "http://marc.info/?l=bugtraq&m=103426595021928&w=2"]

0 commit comments

Comments
 (0)