The secure script in LogWatch before 2.6-2 allows attackers to prevent LogWatch from detecting malicious activity via certain strings in the secure file that are later used as part of a regular expression, which causes the parser to crash, aka "logwatch log processing regular expression DoS."

Threat-Mapped Scoring

Score: 0.0

Priority: Unclassified

EPSS

Score: 0.03898
Percentile: 0.87785

CVSS Scoring

Affected Products

• cpe:2.3:a:logwatch:logwatch:2.6.2:*:*:*:*:*:*:*
• cpe:2.3:o:redhat:enterprise_linux:2.1:*:advanced_server:*:*:*:*:*
• cpe:2.3:o:redhat:enterprise_linux:2.1:*:enterprise_server:*:*:*:*:*
• cpe:2.3:o:redhat:enterprise_linux:2.1:*:workstation:*:*:*:*:*
• cpe:2.3:o:redhat:linux_advanced_workstation:2.1:*:itanium:*:*:*:*:*

← Back to Home