Description
Multiple buffer overflows in the Syslog server in ManageEngine EventLog Analyzer 6.1 allow remote attackers to cause a denial of service (SysEvttCol.exe process crash) or possibly execute arbitrary code via a long Syslog PRI message header to UDP port (1) 513 or (2) 514. Fixed in 7.2 Build 7020.
References (1)
Core 1
Core References
Various Sources x_refsource_misc
http://www.solutionary.com/index/SERT/Vuln-Disclosures/ManageEngine-Eventlog-Analyzer-Syslog-Renite-DoS-vuln.html
Scores
EPSS
0.0215
EPSS Percentile
80.0%
Details
CWE
CWE-119
Status
published
Products (1)
manageengine/eventlog_analyzer
6.1
Published
Sep 27, 2011
Tracked Since
Feb 18, 2026