openSUSE: Security Advisory for rsyslog (openSUSE-SU-2019:2501-1)

The remote host is missing an update for the Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

Fedora Update for rsyslog FEDORA-2019-ea7d5876a4

The remote host is missing an update for the Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

NewStart CGSL CORE 5.05 / MAIN 5.05 : rsyslog Vulnerability (NS-SA-2019-0259)

The remote NewStart CGSL host, running version CORE 5.05 / MAIN 5.05, has rsyslog packages installed that are affected by a vulnerability: - A denial of service vulnerability was found in rsyslog in the imptcp module. An attacker could send a specially crafted message to the imptcp socket, which...

MGASA-2019-0400 Updated rsyslog packages fix security vulnerabilities

Updated rsyslog packages fix security vulnerabilities: Heap overflow in the parser for AIX log messages CVE-2019-17041. Heap overflow in the parser for Cisco log messages CVE-2019-17042...

Updated rsyslog packages fix security vulnerabilities

Updated rsyslog packages fix security vulnerabilities: Heap overflow in the parser for AIX log messages CVE-2019-17041. Heap overflow in the parser for Cisco log messages CVE-2019-17042...

EulerOS 2.0 SP3 : rsyslog (EulerOS-SA-2019-2659)

According to the versions of the rsyslog packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - An issue was discovered in Rsyslog v8.1908.0. contrib/pmaixforwardedfrom/pmaixforwardedfrom.c has a heap overflow in the parser for AIX log...

EulerOS 2.0 SP2 : rsyslog (EulerOS-SA-2019-2418)

According to the versions of the rsyslog packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - An issue was discovered in Rsyslog v8.1908.0. contrib/pmaixforwardedfrom/pmaixforwardedfrom.c has a heap overflow in the parser for AIX log...

NewStart CGSL CORE 5.04 / MAIN 5.04 : rsyslog Vulnerability (NS-SA-2019-0225)

The remote NewStart CGSL host, running version CORE 5.04 / MAIN 5.04, has rsyslog packages installed that are affected by a vulnerability: - Stack-based buffer overflow in the parseLegacySyslogMsg function in tools/syslogd.c in rsyslogd in rsyslog 4.6.x before 4.6.8 and 5.2.0 through 5.8.4 might...

EulerOS 2.0 SP8 : rsyslog (EulerOS-SA-2019-2302)

According to the versions of the rsyslog packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - An issue was discovered in Rsyslog v8.1908.0. contrib/pmaixforwardedfrom/pmaixforwardedfrom.c has a heap overflow in the parser for AIX log...

Fedora Update for rsyslog FEDORA-2019-1fb95ae48d

The remote host is missing an update for the Copyright C 2019 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

Amazon Linux 2 : rsyslog (ALAS-2019-1369)

A denial of service vulnerability was found in rsyslog in the imptcp module. An attacker could send a specially crafted message to the imptcp socket, which would cause rsyslog to crash.CVE-2018-16881 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were...

Fedora 30 : rsyslog (2019-1fb95ae48d)

rebase to upstream version 8.1911.0 ------------------------------------------------- new modules available : - ClickHouse output - generic REST API http output - docker API input - misc. external program input takes output of specified binary as log source Note that Tenable Network Security has...

[SECURITY] Fedora 30 Update: rsyslog-8.1911.0-1.fc30

Rsyslog is an enhanced, multi-threaded syslog daemon. It supports MySQL, syslog/TCP, RFC 3195, permitted sender lists, filtering on any message part, and fine grain output format control. It is compatible with stock sysklogd and can be used as a drop-in replacement. Rsyslog is simple to set up,...

[SECURITY] Fedora 31 Update: rsyslog-8.1911.0-1.fc31

Rsyslog is an enhanced, multi-threaded syslog daemon. It supports MySQL, syslog/TCP, RFC 3195, permitted sender lists, filtering on any message part, and fine grain output format control. It is compatible with stock sysklogd and can be used as a drop-in replacement. Rsyslog is simple to set up,...

Fedora 31 : rsyslog (2019-ea7d5876a4)

rebase to upstream version 8.1911.0 ------------------------------------------------- new modules available : - ClickHouse output - generic REST API http output - docker API input - misc. external program input takes output of specified binary as log source Note that Tenable Network Security has...

Medium: rsyslog

Issue Overview: A denial of service vulnerability was found in rsyslog in the imptcp module. An attacker could send a specially crafted message to the imptcp socket, which would cause rsyslog to crash.CVE-2018-16881 Affected Packages: rsyslog Note: This advisory is applicable to Amazon Linux 2 AL...

DEBIAN-CVE-2011-1488

A memory leak in rsyslog before 5.7.6 was found in the way deamon processed log messages are logged when $RepeatedMsgReduction was enabled. A local attacker could use this flaw to cause a denial of the rsyslogd daemon service by crashing the service via a sequence of repeated log messages sent...

CVE-2011-1489

A memory leak in rsyslog before 5.7.6 was found in the way deamon processed log messages were logged when multiple rulesets were used and some output batches contained messages belonging to more than one ruleset. A local attacker could cause denial of the rsyslogd daemon service via a log message...

CVE-2011-1488

A memory leak in rsyslog before 5.7.6 was found in the way deamon processed log messages are logged when $RepeatedMsgReduction was enabled. A local attacker could use this flaw to cause a denial of the rsyslogd daemon service by crashing the service via a sequence of repeated log messages sent...

CVE-2011-1489

A memory leak in rsyslog before 5.7.6 was found in the way deamon processed log messages were logged when multiple rulesets were used and some output batches contained messages belonging to more than one ruleset. A local attacker could cause denial of the rsyslogd daemon service via a log message...