7.5 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
0.228 Low
EPSS
Percentile
96.5%
CentOS Errata and Security Advisory CESA-2014:1671
The rsyslog packages provide an enhanced, multi-threaded syslog daemon
that supports writing to relational databases, syslog/TCP, RFC 3195,
permitted sender lists, filtering on any message part, and fine grained
output format control.
A flaw was found in the way rsyslog handled invalid log message priority
values. In certain configurations, a local attacker, or a remote attacker
able to connect to the rsyslog port, could use this flaw to crash the
rsyslog daemon. (CVE-2014-3634)
Red Hat would like to thank Rainer Gerhards of rsyslog upstream for
reporting this issue.
All rsyslog5 and rsyslog users are advised to upgrade to these updated
packages, which contain a backported patch to correct this issue. After
installing the update, the rsyslog service will be restarted automatically.
Merged security bulletin from advisories:
https://lists.centos.org/pipermail/centos-announce/2014-October/082861.html
https://lists.centos.org/pipermail/centos-cr-announce/2014-October/027753.html
Affected packages:
rsyslog
rsyslog-gnutls
rsyslog-gssapi
rsyslog-mysql
rsyslog-pgsql
rsyslog-relp
rsyslog-snmp
rsyslog5
rsyslog5-gnutls
rsyslog5-gssapi
rsyslog5-mysql
rsyslog5-pgsql
rsyslog5-snmp
Upstream details at:
https://access.redhat.com/errata/RHSA-2014:1671
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
CentOS | 6 | i686 | rsyslog | < 5.8.10-9.el6_6 | rsyslog-5.8.10-9.el6_6.i686.rpm |
CentOS | 6 | i686 | rsyslog-gnutls | < 5.8.10-9.el6_6 | rsyslog-gnutls-5.8.10-9.el6_6.i686.rpm |
CentOS | 6 | i686 | rsyslog-gssapi | < 5.8.10-9.el6_6 | rsyslog-gssapi-5.8.10-9.el6_6.i686.rpm |
CentOS | 6 | i686 | rsyslog-mysql | < 5.8.10-9.el6_6 | rsyslog-mysql-5.8.10-9.el6_6.i686.rpm |
CentOS | 6 | i686 | rsyslog-pgsql | < 5.8.10-9.el6_6 | rsyslog-pgsql-5.8.10-9.el6_6.i686.rpm |
CentOS | 6 | i686 | rsyslog-relp | < 5.8.10-9.el6_6 | rsyslog-relp-5.8.10-9.el6_6.i686.rpm |
CentOS | 6 | i686 | rsyslog-snmp | < 5.8.10-9.el6_6 | rsyslog-snmp-5.8.10-9.el6_6.i686.rpm |
CentOS | 6 | x86_64 | rsyslog | < 5.8.10-9.el6_6 | rsyslog-5.8.10-9.el6_6.x86_64.rpm |
CentOS | 6 | x86_64 | rsyslog-gnutls | < 5.8.10-9.el6_6 | rsyslog-gnutls-5.8.10-9.el6_6.x86_64.rpm |
CentOS | 6 | x86_64 | rsyslog-gssapi | < 5.8.10-9.el6_6 | rsyslog-gssapi-5.8.10-9.el6_6.x86_64.rpm |