67 matches found
EUVD-2014-3629
Malware in sbrugna...
Linux Distros Unpatched Vulnerability : CVE-2014-3634
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - rsyslog before 7.6.6 and 8.x before 8.4.1 and sysklogd 1.5 and earlier allows remote attackers to cause a denial of service crash, possibly execute arbitrary...
Amazon Linux 2023 : rsyslog, rsyslog-crypto, rsyslog-elasticsearch (ALAS2023-2023-001)
It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2023-001 advisory. A flaw was found in the way rsyslog handled invalid log message priority values. In certain configurations, a local attacker, or a remote attacker able to connect to the rsyslog port, could use...
Debian: Security Advisory (DLA-72-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
K42903299: rsyslog: remote syslog PRI vulnerability CVE-2014-3634
Security Advisory Description rsyslog before 7.6.6 and 8.x before 8.4.1 and sysklogd 1.5 and earlier allows remote attackers to cause a denial of service crash, possibly execute arbitrary code, or have other unspecified impact via a crafted priority PRI value that triggers an out-of-bounds array...
Amazon Linux 2022 : rsyslog (ALAS2022-2022-211)
The version of rsyslog installed on the remote host is prior to 8.2204.0-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2022-2022-211 advisory. - rsyslog before 7.6.6 and 8.x before 8.4.1 and sysklogd 1.5 and earlier allows remote attackers to cause a denial of...
Amazon Linux 2022 : rsyslog, rsyslog-crypto, rsyslog-elasticsearch (ALAS2022-2022-075)
It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2022-2022-075 advisory. A flaw was found in the way rsyslog handled invalid log message priority values. In certain configurations, a local attacker, or a remote attacker able to connect to the rsyslog port, could use...
Amazon Linux AMI : rsyslog (ALAS-2022-1594)
The version of rsyslog installed on the remote host is prior to 5.8.10-9.29. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS-2022-1594 advisory. A flaw was found in the way rsyslog handled invalid log message priority values. In certain configurations, a local...
Important: rsyslog
Issue Overview: A flaw was found in the way rsyslog handled invalid log message priority values. In certain configurations, a local attacker, or a remote attacker able to connect to the rsyslog port, could use this flaw to crash the rsyslog daemon or, potentially in rsyslog 7.x, execute arbitrary...
Mageia: Security Advisory (MGASA-2014-0411)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE: Security Advisory (SUSE-SU-2014:1294-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Oracle: Security Advisory (ELSA-2014-1397)
The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Oracle: Security Advisory (ELSA-2014-1671)
The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Oracle: Security Advisory (ELSA-2014-1654)
The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Amazon Linux: Security Advisory (ALAS-2014-445)
The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE SLED12 / SLES12 Security Update : update for rsyslog (SUSE-SU-2014:1438-1)
This update for rsyslog provides the following fixes : - Fixed remote PRI DoS vulnerability patch CVE-2014-3683, bnc899756 - Removed broken, unsupported and dropped by upstream zpipe utility from rsyslog-diag-tools package bnc890228 Note that Tenable Network Security has extracted the preceding...
Mandriva Linux Security Advisory : rsyslog (MDVSA-2015:130)
Updated rsyslog packages fix security vulnerability : Rainer Gerhards, the rsyslog project leader, reported a vulnerability in Rsyslog. As a consequence of this vulnerability an attacker can send malformed messages to a server, if this one accepts data from untrusted sources, and trigger a denial...
AIX rsyslog Advisory : rsyslog_advisory.asc
The version of rsyslog installed on the remote AIX host is affected by a remote code execution or denial of service vulnerability : - The installed rsyslog allows remote attackers to cause a denial of service crash, possibly execute arbitrary code, or have other unspecified impacts by crafting a...
OracleVM 3.3 : rsyslog (OVMSA-2014-0030)
The remote OracleVM system is missing necessary patches to address critical security updates : - use setsid to get a controlling session and process group Orabug: 17346261 Todd Vierling - fix CVE-2014-3634 resolves: 1149148 - drop patch 5 which introduced a regression resolves: 927405 reverts:...
Amazon Linux AMI : rsyslog (ALAS-2014-445)
A flaw was found in the way rsyslog handled invalid log message priority values. In certain configurations, a local attacker, or a remote attacker able to connect to the rsyslog port, could use this flaw to crash the rsyslog daemon. CVE-2014-3634 C Tenable Network Security, Inc. The descriptive...