Check Point FireWall-1/VPN-1 Syslog Daemon Remote Overflow DoS

This script is Copyright (C) 2003-2014 Tenable Network Security, Inc.


Synopsis :

The remote syslog service has a denial of service vulnerability.

Description :

The remote host is running a syslog server (most likely a Check Point
NG syslog server) with a denial of service vulnerability. A remote,
attacker could exploit this to crash this server. It is not known
whether or not this vulnerability could result in arbitrary code
execution.

Please note Nessus crashed the service while performing this check.

See also :

http://www.nessus.org/u?828959b8
http://www.nessus.org/u?52cfe65e

Solution :

Upgrade to NG FP3 HF2.

Risk factor :

Medium / CVSS Base Score : 5.0
(CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P)
CVSS Temporal Score : 4.2
(CVSS2#E:U/RL:U/RC:C)
Public Exploit Available : false

Family: Firewalls

Nessus Plugin ID: 11613 (cp_syslog_overflow.nasl)

Bugtraq ID: 7159

CVE ID: