Lucene search

CVE-2018-1000140

🗓️ 23 Mar 2018 21:00:29Reported by mitreType

rsyslog librelp v1.2.14 & earlier Buffer Overflow vuln allows remote code execution. Exploitable by sending crafted x509 cer

Reporter	Title	Published	Views	Family All 95
Tenable Nessus	Ubuntu 14.04 LTS : librelp vulnerability (USN-3612-1)	29 Mar 201800:00	–	nessus
Tenable Nessus	Fedora 26 : librelp (2018-6f2df5ab6c)	10 Apr 201800:00	–	nessus
Tenable Nessus	RHEL 7 : librelp (RHSA-2018:1223)	25 Apr 201800:00	–	nessus
Tenable Nessus	CentOS 6 : librelp (CESA-2018:1225)	3 May 201800:00	–	nessus
Tenable Nessus	RHEL 6 : librelp (RHSA-2018:1701)	24 May 201800:00	–	nessus
Tenable Nessus	Photon OS 2.0: Librelp PHSA-2018-2.0-0039	7 Feb 201900:00	–	nessus
Tenable Nessus	Oracle Linux 7 : librelp (ELSA-2018-1223)	25 Apr 201800:00	–	nessus
Tenable Nessus	Ubuntu 16.04 ESM / 18.04 ESM : librelp vulnerability (USN-4828-1)	21 Oct 202300:00	–	nessus
Tenable Nessus	Debian DSA-4151-1 : librelp - security update	27 Mar 201800:00	–	nessus
Tenable Nessus	SUSE SLES12 Security Update : librelp (SUSE-SU-2018:0828-1)	28 Mar 201800:00	–	nessus

Nvd

Node

rsyslog librelpRange≤1.2.14

Node

debian debian_linuxMatch8.0

debian debian_linuxMatch9.0

Node

canonical ubuntu_linuxMatch14.04lts

Node

redhat enterprise_linux_desktopMatch6.0

redhat enterprise_linux_desktopMatch7.0

redhat enterprise_linux_serverMatch6.0

redhat enterprise_linux_serverMatch7.0

redhat enterprise_linux_server_ausMatch6.6

redhat enterprise_linux_server_ausMatch7.2

redhat enterprise_linux_server_ausMatch7.3

redhat enterprise_linux_server_ausMatch7.4

redhat enterprise_linux_server_ausMatch7.6

redhat enterprise_linux_server_eusMatch6.7

redhat enterprise_linux_server_eusMatch7.3

redhat enterprise_linux_server_eusMatch7.4

redhat enterprise_linux_server_eusMatch7.5

redhat enterprise_linux_server_eusMatch7.6

redhat enterprise_linux_server_tusMatch6.6

redhat enterprise_linux_server_tusMatch7.2

redhat enterprise_linux_server_tusMatch7.3

redhat enterprise_linux_server_tusMatch7.4

redhat enterprise_linux_server_tusMatch7.6

redhat enterprise_linux_workstationMatch6.0

redhat enterprise_linux_workstationMatch7.0

Source	Link
access	www.access.redhat.com/errata/RHSA-2018:1225
access	www.access.redhat.com/errata/RHSA-2018:1701
access	www.access.redhat.com/errata/RHSA-2018:1702
access	www.access.redhat.com/errata/RHSA-2018:1704
lgtm	www.lgtm.com/rules/1505913226124/
github	www.github.com/rsyslog/librelp/blob/532aa362f0f7a8d037505b0a27a1df452f9bac9e/src/tcp.c
access	www.access.redhat.com/errata/RHSA-2018:1707
usn	www.usn.ubuntu.com/3612-1/
access	www.access.redhat.com/errata/RHSA-2018:1223
debian	www.debian.org/security/2018/dsa-4151

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo

23 Mar 2018 21:29Current

9.7High risk

Vulners AI Score9.7

CVSS27.5

CVSS39.8

EPSS0.39015

CWE-787