
855 matches found

Tenable Nessus
added 2020/04/21 12:0 a.m. | 33 views

Scientific Linux Security Update : rsyslog on SL7.x x86_64 (20200407)

rsyslog: heap-based overflow in contrib/pmaixforwardedfrom/pmaixforwardedfrom.c; rsyslog: heap-based overflow in contrib/pmcisconames/pmcisconames.c. (C) Tenable Network Security, Inc. The descriptive text is (C) Scientific Linux. include('compat.inc'); if (description) { script_id(135835); script_version("1.3"); ...

9.8 CVSS | 7.2 AI score | 0.04568 EPSS
Exploits 0 | References 3

Veracode
added 2020/04/10 1:2 a.m. | 17 views

Denial Of Service (DoS)

rsyslog is vulnerable to denial of service. A two byte buffer overflow flaw was found in the rsyslog daemon's parseLegacySyslogMsg function. An attacker able to submit log messages to rsyslogd could use this flaw to crash the daemon...

5 CVSS | 4.8 AI score | 0.20759 EPSS
Exploits 2 | References 15 | Affected Software 1

BDU FSTEC
added 2020/04/10 12:0 a.m. | 3 views

The vulnerability of the Rsyslog log-processing software utility, related to buffer overflow errors, allows a hacker to compromise the confidentiality, integrity, and accessibility of the protected information.

The vulnerability of the Rsyslog log-processing software utility is related to buffer overflow errors. Exploiting this vulnerability can allow an attacker to compromise the confidentiality, integrity, and accessibility of the protected information...

10 CVSS | 7.2 AI score | 0.04568 EPSS
Exploits 0 | References 9 | Affected Software 12

Tenable Nessus
added 2020/04/10 12:0 a.m. | 91 views

CentOS 7 : rsyslog (RHSA-2020:1000)

The remote CentOS Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2020:1000 advisory. - An issue was discovered in Rsyslog v8.1908.0. contrib/pmaixforwardedfrom/pmaixforwardedfrom.c has a heap overflow in the parser for AIX log messages...

9.8 CVSS | 7.5 AI score | 0.04568 EPSS
Exploits 0 | References 3

Cent OS
added 2020/04/08 7:16 p.m. | 298 views

rsyslog security update

CentOS Errata and Security Advisory CESA-2020:1000. An update for rsyslog is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity...

9.8 CVSS | 6.8 AI score | 0.04568 EPSS
Exploits 0 | References 7

Oracle linux
added 2020/04/06 12:0 a.m. | 37 views

rsyslog security, bug fix, and enhancement update

8.24.0-52 RHEL 7.8 ERRATUM - edited patch file ID for imfile to not log useless errors also improved file-id behavior to address newly found problems resolves: rhbz1763746 8.24.0-49 RHEL 7.8 ERRATUM - fixed fsync patch to actually recognize the new option resolves: rhbz1696686 failedQA 8.24.0-48...

9.8 CVSS | 1.3 AI score | 0.04568 EPSS
Exploits 0

RedhatCVE
added 2020/04/03 2:9 a.m. | 30 views

CVE-2019-17042

An issue was discovered in Rsyslog v8.1908.0. contrib/pmcisconames/pmcisconames.c has a heap overflow in the parser for Cisco log messages. The parser tries to locate a log message delimiter (in this case, a space or a colon) but fails to account for strings that do not satisfy this constraint. If...

9.8 CVSS | 1 AI score | 0.03066 EPSS
Exploits 0 | References 3

RedhatCVE
added 2020/04/02 8:50 a.m. | 25 views

CVE-2019-17040

contrib/pmdb2diag/pmdb2diag.c in Rsyslog v8.1908.0 allows out-of-bounds access because the level length is mishandled...

9.8 CVSS | 4.1 AI score | 0.02415 EPSS
Exploits 0 | References 3

Tenable Nessus
added 2020/04/01 12:0 a.m. | 87 views

RHEL 7 : rsyslog (RHSA-2020:1000)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2020:1000 advisory. The rsyslog packages provide an enhanced, multi-threaded syslog daemon. It supports MySQL, syslog/TCP, RFC 3195, permitted sender lists,...

9.8 CVSS | 7.5 AI score | 0.04568 EPSS
Exploits 0 | References 16

RedHat Linux
added 2020/03/31 7:34 p.m. | 2 views

rsyslog: heap-based overflow in contrib/pmcisconames/pmcisconames.c

An issue was discovered in Rsyslog v8.1908.0. contrib/pmcisconames/pmcisconames.c has a heap overflow in the parser for Cisco log messages. The parser tries to locate a log message delimiter (in this case, a space or a colon) but fails to account for strings that do not satisfy this constraint. If...

9.8 CVSS | 7.5 AI score | 0.03066 EPSS
Exploits 0 | References 4

RedHat Linux
added 2020/03/31 7:34 p.m. | 121 views

Moderate: Red Hat Security Advisory: rsyslog security, bug fix, and enhancement update

An update for rsyslog is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from th...

9.8 CVSS | 6.8 AI score | 0.04568 EPSS
Exploits 0 | References 12

RedHat Linux
added 2020/03/31 7:34 p.m. | 3 views

rsyslog: heap-based overflow in contrib/pmaixforwardedfrom/pmaixforwardedfrom.c

An issue was discovered in Rsyslog v8.1908.0. contrib/pmaixforwardedfrom/pmaixforwardedfrom.c has a heap overflow in the parser for AIX log messages. The parser tries to locate a log message delimiter (in this case, a space or a colon) but fails to account for strings that do not satisfy this...

9.8 CVSS | 7.5 AI score | 0.04568 EPSS
Exploits 0 | References 4

Tenable Nessus
added 2020/03/20 12:0 a.m. | 26 views

EulerOS Virtualization 3.0.2.2 : rsyslog (EulerOS-SA-2020-1276)

According to the versions of the rsyslog packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - An issue was discovered in Rsyslog v8.1908.0. contrib/pmcisconames/pmcisconames.c has a heap overflow in the parser for Cisco lo...

9.8 CVSS | 7.4 AI score | 0.04568 EPSS
Exploits 0 | References 3

OpenVAS
added 2020/03/19 12:0 a.m. | 13 views

Huawei EulerOS: Security Advisory for rsyslog (EulerOS-SA-2020-1276)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-only if(description)...

9.8 CVSS | 9.7 AI score | 0.04568 EPSS
Exploits 0 | References 2

OpenVAS
added 2020/03/17 12:0 a.m. | 11 views

Linux: auth.info and mail.info in /etc/rsyslog.conf

Redirect email and authentication device events to the local log file. SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-only if(description)...

7.4 AI score
Exploits 0 | References 1

OpenVAS
added 2020/03/17 12:0 a.m. | 7 views

Linux: rsyslog status

Rsyslogd is a system utility providing support for message logging. Support of both internet and unix domain sockets enables this utility to support both local and remote logging. SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from (a) referenced source(s), and ar...

7.4 AI score
Exploits 0 | References 5

OpenVAS
added 2020/03/16 12:0 a.m. | 8 views

Linux: Only designated log hosts accepts remote rsyslog messages

Input plugin for plain TCP syslog. Replaces the deprecated -t option. Can be used like this: - $ModLoad imtcp - $InputTCPServerRun 514 SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s)...

7.4 AI score
Exploits 0 | References 4

Tenable Nessus
added 2020/03/13 12:0 a.m. | 43 views

EulerOS Virtualization for ARM 64 3.0.2.0 : rsyslog (EulerOS-SA-2020-1218)

According to the versions of the rsyslog packages installed, the EulerOS Virtualization for ARM 64 installation on the remote host is affected by the following vulnerabilities : - An issue was discovered in Rsyslog v8.1908.0. contrib/pmcisconames/pmcisconames.c has a heap overflow in the parser f...

9.8 CVSS | 7.4 AI score | 0.04568 EPSS
Exploits 0 | References 3

OpenVAS
added 2020/03/13 12:0 a.m. | 32 views

Huawei EulerOS: Security Advisory for rsyslog (EulerOS-SA-2020-1218)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-only if(description)...

9.8 CVSS | 9.7 AI score | 0.04568 EPSS
Exploits 0 | References 2

OpenVAS
added 2020/03/12 12:0 a.m. | 7 views

Linux: authpriv.* facility in /etc/rsyslog.conf

The facility argument is used to specify what type of program is logging the message. This lets the configuration file specify that messages from different facilities will be handled differently. - LOG_AUTHPRIV: security/authorization messages (private). The asterisk SPDX-FileCopyrightText: 2020...

7.2 AI score
Exploits 0 | References 2