Description
The secure script in LogWatch before 2.6-2 allows attackers to prevent LogWatch from detecting malicious activity via certain strings in the secure file that are later used as part of a regular expression, which causes the parser to crash, aka "logwatch log processing regular expression DoS."
Exploits (1)
exploitdb
WORKING POC
VERIFIED
by anonymous · textdoslinux
https://www.exploit-db.com/exploits/25465
References (2)
Core 2
Core References
Vendor Advisory vendor-advisory
x_refsource_redhat
http://www.redhat.com/support/errata/RHSA-2005-364.html
Issue Tracking x_refsource_confirm
https://bugzilla.redhat.com/bugzilla-old/show_bug.cgi?id=137502
Scores
EPSS
0.0567
EPSS Percentile
90.5%
Details
Status
published
Products (3)
logwatch/logwatch
2.6.2
redhat/enterprise_linux
2.1 (3 CPE variants)
redhat/linux_advanced_workstation
2.1
Published
May 02, 2005
Tracked Since
Feb 18, 2026