PT-2020-20148 · Trend Micro · Ossec-Hids

Published: 2020-01-30 · Updated: 2022-09-12 · CVE-2020-8448

CVSS v3.1: 5.5 (Medium)

Vector: AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions: OSSEC-HIDS versions 2.7 through 3.5.0

Description: The issue affects the server component responsible for log analysis, ossec-analysisd, which is vulnerable to a denial of service due to a NULL pointer dereference. This can be triggered by crafted messages written directly to the analysisd UNIX domain socket by a local user.

Recommendations: For OSSEC-HIDS versions 2.7 through 3.5.0, consider restricting access to the analysisd UNIX domain socket to prevent local users from sending crafted messages until a patch is available. As a temporary workaround, consider disabling the ossec-analysisd component until a fix is provided to prevent potential denial of service attacks.

Exploit

Fix

NULL Pointer Dereference

Weakness Enumeration

Related Identifiers: CVE-2020-8448

Affected Products: Ossec-Hids