N/A

The fileop module of the NXLog service in NXLog Community Edition 2.10.2150 allows remote attackers to cause a denial of service (daemon crash) via a crafted Syslog payload to the Syslog service. This attack requires a specific configuration. Also, the name of the directory created must use a Syslog field. (For example, on Linux it is not possible to create a .. directory. On Windows, it is not possible to create a CON directory.)

N/A

N/A

Nxlog 代码问题漏洞

Nxlog是美国Nxlog公司的一个可支持多种操作系统用于日志收集、日志集中化的软件。 NXLog Community Edition 2.10.2150 存在安全漏洞，该漏洞源于NXLog service的fileop模块允许远程攻击者通过精心制作的Syslog有效负载到Syslog服务导致拒绝服务。

N/A

N/A