Juniper Networks
Solutions
Products & Services
Company
Partners
Support
Education

Signature Detail

Security Intelligence Center
Signatures
Print

Short Name

 SYSLOG:CP-SYSLOGD-ESC

Severity

 Medium

Recommended

 No

Category

 SYSLOG

Keywords

 CP FW-1 VPN-1 syslog DoS

Release Date

 2003/05/21

Update Number

 1213

Supported Platforms

 idp-4.0+, isg-3.0+, j-series-9.5+, mx-9.4+, srx-9.2+, srx-branch-9.4+, vsrx-12.1+

SYSLOG: CheckPoint Syslogd Escape Characters


This signature detects attempts to exploit a known vulnerability in the syslog daemon in Check Point VPN-1/FW-1 NG FP3. The syslog daemon redirects incoming syslog messages from remote devices (routers) to the SmartTracker logging mechanism. Attackers can remotely crash the syslog daemon, which must be restarted manually.

Extended Description

Remote attackers could exploit this vulnerability to conduct a variety of attacks, such as view log files, start a denial of service attack, execute arbitrary commands, and modify files and data.

References

  • URL: http://www.aerasec.de/security/index.html?id=ae-200303-064

Site Map
RSS Feeds
Careers
Accessibility
Feedback
Privacy Policy
Legal Notices
Copyright © 1999-2010 Juniper Networks, Inc. All rights reserved.
Help
|
My Account
|
Log Out