CVE-2005-1061
Published 2005-05-02
Priority P4 · 18 · medium · 5 · CVSS 2.0
Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P
EXPLOIT
EPSS: 3.07% (86.0th percentile)
The secure script in LogWatch before 2.6-2 allows attackers to prevent LogWatch from detecting malicious activity via certain strings in the secure file that are later used as part of a regular expression, which causes the parser to crash, aka "logwatch log processing regular expression DoS."
Affected
8 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | logwatch | < logwatch 5.0-1 (bookworm) | logwatch 5.0-1 (bookworm) |
| logwatch | logwatch | — | — |
| logwatch | logwatch | >= 0 < 5.0-1 | 5.0-1 |
| logwatch | logwatch | >= 0 < 5.0-1 | 5.0-1 |
| logwatch | logwatch | >= 0 < 5.0-1 | 5.0-1 |
| logwatch | logwatch | >= 0 < 5.0-1 | 5.0-1 |
| redhat | enterprise_linux | — | — |
| redhat | linux_advanced_workstation | — | — |
CVSS provenance
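| Source | CVSS version | Score | Severity | Vector |
|---|---|---|---|---|
| nvd | v2.0 | 5.0 | MEDIUM | AV:N/AC:L/Au:N/C:N/I:N/A:P |
| osv | — | 5.0 | MEDIUM | — |
| vendor_debian | — | 5.0 | MEDIUM | — |
| vendor_redhat | — | 5.0 | MEDIUM | — |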
Debian
CVE-2005-1061: logwatch - The secure script in LogWatch before 2.6-2 allows attackers to prevent LogWatch ...
vendor_debian·2005·CVSS 5.0
CVE-2005-1061 [MEDIUM] CVE-2005-1061: logwatch - The secure script in LogWatch before 2.6-2 allows attackers to prevent LogWatch ...
Scope: local
bookworm: resolved (fixed in 5.0-1)
bullseye: resolved (fixed in 5.0-1)
forky: resolved (fixed in 5.0-1)
sid: resolved (fixed in 5.0-1)
trixie: resolved (fixed in 5.0-1)
Red Hat
security flaw
vendor_redhat·2004-10-28·CVSS 5.0
CVE-2005-1061 [MEDIUM] security flaw
GHSA
GHSA-3qhc-99ww-4gq4: The secure script in LogWatch before 2
ghsa_unreviewed·2022-05-01
CVE-2005-1061 [MEDIUM] GHSA-3qhc-99ww-4gq4: The secure script in LogWatch before 2
OSV
CVE-2005-1061: The secure script in LogWatch before 2
osv·2005-05-02·CVSS 5.0
CVE-2005-1061 [MEDIUM] CVE-2005-1061: The secure script in LogWatch before 2
No detection rules found.
Bugzilla
CVE-2005-1061 security flaw
bugzilla·2018-08-16·CVSS 5.0
CVE-2005-1061 [MEDIUM] CVE-2005-1061 security flaw
Flaw bug created to hold information about an old flaw we knew something about. For more details see the MITRE CVE description.
Discussion:
MITRE description:
The secure script in LogWatch before 2.6-2 allows attackers to prevent LogWatch from detecting malicious activity via certain strings in the secure file that are later used as part of a regular expression, which causes the parser to crash, aka "logwatch log processing regular expression DoS."
Bugzilla
CVE-2005-3353 PHP exif data DoS
bugzilla·2005-11-07·CVSS 5.0
CVE-2005-3353 [MEDIUM] CVE-2005-3353 PHP exif data DoS
PHP exif data DoS
An error in the way php processes exif image data has been found.
This flaw will cause PHP to enter an infinite loop when
exif_read_data() against the malicious image. The PHP process will
continue to consume computing resources until the PHP process is
killed.
http://bugs.php.net/bug.php?id=34704
When run through httpd, the PHP process will eventually time out and be
killed. This is only a temporary DoS when PHP is run from httpd.
This issue also affects FC3
Discussion:
Fixed in FEDORA-2005-1062/FEDORA-2005-1061.
Bugzilla
CVE-2005-3388 PHP phpinfo() XSS attack
bugzilla·2005-11-01·CVSS 4.3
CVE-2005-3388 [MEDIUM] CVE-2005-3388 PHP phpinfo() XSS attack
+++ This bug was initially created as a clone of Bug #172212 +++
Cross-site scripting (XSS) vulnerability in the phpinfo function in PHP 4.x up
to 4.4.0 and 5.x up to 5.0.5 allows remote attackers to inject arbitrary web
script or HTML via a crafted URL with a "stacked array assignment."
http://www.hardened-php.net/advisory_182005.77.html
This issue should also affect FC3
Discussion:
Fixed in FEDORA-2005-1062/FEDORA-2005-1061.
---
FEDORA-2020-fb144e7de5 has been submitted as an update to Fedora 32. https://bodhi.fedoraproject.org/updates/FEDORA-2020-fb144e7de5
---
FEDORA-2020-fb144e7de5 has been pushed to the Fedora 32 testing repository.
In short time you'll be able to install the update with the following command:
`sudo dnf upgrade --enabl
Bugzilla
CVE-2005-3390 PHP register globals arbitrary code execution
bugzilla·2005-11-01·CVSS 7.5
CVE-2005-3390 [HIGH] CVE-2005-3390 PHP register globals arbitrary code execution
+++ This bug was initially created as a clone of Bug #172207 +++
The RFC1867 file upload feature in PHP 4.x up to 4.4.0 and 5.x up to 5.0.5,
when register_globals is enabled, allows remote attackers to modify the
GLOBALS array and bypass security protections of PHP applications via a
multipart/form-data POST request with a "GLOBALS" fileupload field.
http://www.hardened-php.net/advisory_202005.79.html
This issue should also affect FC3
Discussion:
*** Bug 172200 has been marked as a duplicate of this bug. ***
---
Fixed in FEDORA-2005-1062/FEDORA-2005-1061.
Bugzilla
CVE-2005-3389 PHP parse_str can enable register_globals
bugzilla·2005-11-01·CVSS 5.0
CVE-2005-3389 [MEDIUM] CVE-2005-3389 PHP parse_str can enable register_globals
+++ This bug was initially created as a clone of Bug #172209 +++
The parse_str function in PHP 4.x up to 4.4.0 and 5.x up to 5.0.5, when called
with only one parameter, allows remote attackers to disable the
register_globals directive via inputs that cause a request to be terminated
due to the memory_limit setting, which causes PHP to set an internal flag that
enables register_globals and allows attackers to exploit vulnerabilities in
PHP applications that would otherwise be protected.
http://www.hardened-php.net/advisory_192005.78.html
This issue also affects FC3
Discussion:
Fixed in FEDORA-2005-1062/FEDORA-2005-1061.
2005-05-02
Published