4 matches found
MiracleLinux 7 : rsyslog-8.24.0-52.el7 (AXSA:2020-4536:02)
The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2020-4536:02 advisory. rsyslog: heap-based overflow in contrib/pmaixforwardedfrom/pmaixforwardedfrom.c CVE-2019-17041 rsyslog: heap-based overflow in...
MiracleLinux 8 : rsyslog-8.1911.0-3.el8 (AXSA:2020-364:04)
The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2020-364:04 advisory. rsyslog: heap-based overflow in contrib/pmaixforwardedfrom/pmaixforwardedfrom.c CVE-2019-17041 rsyslog: heap-based overflow in...
CLSA-2022-1652706309 Fix CVE(s): CVE-2019-17041, CVE-2019-17042, CVE-2018-16881
SECURITY UPDATE: denial of dervice - debian/patches/CVE-2018-16881.patch: introduces a frame size check in the processDataRcvd function of plugins/imptcp/imptcp.c. - CVE-2018-16881 SECURITY UPDATE: heap-based overflow - debian/patches/CVE-2019-17041.patch: adds length checks for invalid AIX log...
CVE-2019-17042
An issue was discovered in Rsyslog v8.1908.0. contrib/pmcisconames/pmcisconames.c has a heap overflow in the parser for Cisco log messages. The parser tries to locate a log message delimiter in this case, a space or a colon, but fails to account for strings that do not satisfy this constraint. If...