Logsurfer context.c context_action Function Off-by-one Remote Overflow DoS
Remote / Network Access
Denial of Service, Loss of Integrity, Loss of Availability
Logsurfer is prone to an overflow condition. The program fails to properly sanitize user-supplied input, resulting in an off-by-one overflow. With a specially crafted log entry, a remote attacker can potentially cause a denial of service.
Upgrade to version 1.5b or higher, as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.