This knowledge base article is based on customer queries and is not a complete list of Syslog-ng Store Box (SSB) vulnerabilities and exposures.
A penetration test has reported possible vulnerabilities in the SSB appliance. The first table lists findings that do affect SSB and the version that resolves them; the second lists findings that scanners report but that do not apply to SSB, with the reason.
| Number | Description | Affected versions | Resolution |
|---|---|---|---|
| CVE-2016-10708 | sshd in OpenSSH before 7.4 allows remote attackers to cause a denial of service | LTS SSB 5.0.x, FR <5.3.0 | Upgrade to SSB 6 LTS (OpenSSH version 7.6p1) |
| CVE-2017-15906 | The process_open function in sftp-server.c in OpenSSH before 7.6 does not properly prevent write operations in read-only mode | LTS SSB 5.0.x, FR <5.3.0 | Upgrade to SSB 6 LTS (OpenSSH version 7.6p1) |
| | Known as "SACK Panic": an integer overflow that a remote attacker can trigger by sending a sequence of TCP Selective ACKnowledgements (SACKs) to a vulnerable system | ALL | https://support.oneidentity.com/kb/298990 |
| CVE-2019-11478 | Excess resource consumption that a remote attacker can trigger by sending a sequence of SACKs to a vulnerable system, fragmenting the TCP retransmission queue | ALL | https://support.oneidentity.com/kb/298990 |
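Penetration-test scanners usually match the two OpenSSH findings above against the version string in the SSH banner, so the practical check after upgrading to SSB 6 LTS is to read the banner the appliance actually presents and compare it with the fixed versions (7.4 and 7.6). The script below is an added example, not code from the One Identity article or from SSB itself; the function names (`openssh_version`, `version_lt`, `banner_affected`) and the sample banners are constructed for illustration, and the `nc` one-liner in the comment assumes a netcat that accepts `-w`.

```shell
#!/bin/sh
# Added example, not part of the SSB article: classify an SSH banner
# against the two OpenSSH CVEs listed for SSB (fixed in 7.4 and 7.6).

# Extract "major.minor" from a banner such as
# "SSH-2.0-OpenSSH_7.6p1 Ubuntu-4ubuntu0.3"; prints nothing if it is not OpenSSH.
openssh_version() {
  printf '%s\n' "$1" | sed -n 's/^SSH-[0-9.]*-OpenSSH_\([0-9]*\.[0-9]*\).*/\1/p'
}

# version_lt A B: exit 0 when A < B, comparing major then minor numerically
# (a plain string comparison would rank 7.10 below 7.4).
version_lt() {
  a_major=${1%%.*}; a_minor=${1#*.}
  b_major=${2%%.*}; b_minor=${2#*.}
  [ "$a_major" -lt "$b_major" ] ||
    { [ "$a_major" -eq "$b_major" ] && [ "$a_minor" -lt "$b_minor" ]; }
}

# banner_affected BANNER: print the CVEs from the table whose fixed version
# is newer than the banner's version, or "none" when the banner is at or
# above 7.6; "not-openssh" with exit 1 if the banner is not OpenSSH at all.
banner_affected() {
  v=$(openssh_version "$1")
  [ -n "$v" ] || { echo "not-openssh"; return 1; }
  out=""
  version_lt "$v" 7.4 && out="$out CVE-2016-10708"   # sshd DoS, fixed in 7.4
  version_lt "$v" 7.6 && out="$out CVE-2017-15906"   # sftp read-only bypass, fixed in 7.6
  if [ -n "$out" ]; then echo "${out# }"; else echo none; fi
}

# To read a live banner (assumed netcat syntax):
#   printf '' | nc -w 3 ssb.example.net 22 | head -n 1
# Constructed sample banners, not captured from a real appliance:
banner_affected "SSH-2.0-OpenSSH_7.2p2 Ubuntu-4ubuntu2.8"   # CVE-2016-10708 CVE-2017-15906
banner_affected "SSH-2.0-OpenSSH_7.4"                        # CVE-2017-15906
banner_affected "SSH-2.0-OpenSSH_7.6p1"                      # none
```

A banner-only match is a triage aid, not proof of exposure: vendors that backport fixes keep the upstream version string, so a "vulnerable" banner should be confirmed against the vendor's advisory (here, the SSB 6 LTS upgrade shipping OpenSSH 7.6p1) before it is reported as a finding.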
Outdated versions of OpenSSH and OpenSSL
| Number | Description | Reason for not being affected |
|---|---|---|
| CVE-2015-3200 | mod_auth in lighttpd before 1.4.36 allows remote attackers to inject arbitrary log entries via basic HTTP authentication | The mod_auth module is not used by lighttpd on SSB |
| CVE-2018-19052 | An issue was discovered in mod_alias_physical_handler in mod_alias.c in lighttpd before 1.4.50 | The mod_alias module is not used by lighttpd on SSB |
| CVE-2018-10933 | A vulnerability was found in libssh's server-side state machine before versions 0.7.6 and 0.8.4 | libssh is not used in SSB |
| CVE-2019-5599 | A bug in the non-default RACK TCP stack can allow an attacker to cause several linked lists to grow unbounded and cause an expensive list traversal on every packet being processed, leading to resource exhaustion and a denial of service | Only FreeBSD is affected |
| CVE-2019-1552 | OpenSSL has internal defaults for a directory tree where it can find a configuration file as well as certificates used for verification in TLS. This directory is most commonly referred to as OPENSSLDIR and is configurable with the --prefix / --openssldir configuration options. Windows builds have insecure path defaults. | Only Windows is affected |