Vulnerability Description
The secure script in LogWatch before 2.6-2 allows attackers to prevent LogWatch from detecting malicious activity via certain strings in the secure file that are later used as part of a regular expression, which causes the parser to crash, aka "logwatch log processing regular expression DoS."
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Logwatch | Logwatch | 2.6.2 |
| Redhat | Enterprise Linux | 2.1 |
| Redhat | Linux Advanced Workstation | 2.1 |
References
- http://www.redhat.com/support/errata/RHSA-2005-364.htmlVendor Advisory
- https://bugzilla.redhat.com/bugzilla-old/show_bug.cgi?id=137502
- http://www.redhat.com/support/errata/RHSA-2005-364.htmlVendor Advisory
- https://bugzilla.redhat.com/bugzilla-old/show_bug.cgi?id=137502
FAQ
What is CVE-2005-1061?
CVE-2005-1061 is a vulnerability with a CVSS score of 5.0 (MEDIUM). The secure script in LogWatch before 2.6-2 allows attackers to prevent LogWatch from detecting malicious activity via certain strings in the secure file that are later used as part of a regular expres...
How severe is CVE-2005-1061?
CVE-2005-1061 has been rated MEDIUM with a CVSS base score of 5.0/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2005-1061?
Check the references section above for vendor advisories and patch information. Affected products include: Logwatch Logwatch, Redhat Enterprise Linux, Redhat Linux Advanced Workstation.