| ID |
CVE-2006-1624
|
| Summary |
The default configuration of syslogd in the Linux sysklogd package does not enable the -x (disable name lookups) option, which allows remote attackers to cause a denial of service (traffic amplification) via messages with spoofed source IP addresses. |
| References |
|
| Vulnerable Configurations |
|
| CVSS |
| Base: | 7.8 (as of 18-10-2018 - 16:33) |
| Impact: | |
| Exploitability: | |
|
| CWE |
NVD-CWE-Other |
| CAPEC |
|
| Access |
| Vector | Complexity | Authentication |
| NETWORK |
LOW |
NONE |
|
| Impact |
| Confidentiality | Integrity | Availability |
| NONE |
NONE |
COMPLETE |
|
| cvss-vector
via4
|
AV:N/AC:L/Au:N/C:N/I:N/A:C
|
| refmap
via4
|
| bugtraq | - 20060331 DoS-ing sysklogd?
- 20060402 RE: DoS-ing sysklogd?
| | xf | sysklogd-sourceip-dos(25672) |
|
| statements
via4
|
| contributor | Vincent Danen | | lastmodified | 2006-07-20 | | organization | Mandriva | | statement | Mandriva does not enable the -r option in syslogd per default, which prevents syslogd from listening for remote events. The -x option is also described in /etc/sysconfig/syslog for those who wish to enable the -r option. |
| contributor | Joshua Bressers | | lastmodified | 2006-12-06 | | organization | Red Hat | | statement | Red Hat does not consider this to be a security issue. Enabling the -r option is not suggested without the -x option which is clearly documented in the /etc/sysconfig/syslog configuration file. |
|
| Last major update |
18-10-2018 - 16:33 |
| Published |
05-04-2006 - 10:04 |
| Last modified |
18-10-2018 - 16:33 |
