855 matches found
The vulnerability of the CentOS operating system allows a malicious attacker to compromise the confidentiality, integrity, and accessibility of protected information.
The vulnerability of the rsyslog-mysql-5.8.10 package for the CentOS operating system can lead to violations of confidentiality, integrity, and accessibility of protected information. Exploitation of this vulnerability can be carried out remotely...
The vulnerability of the CentOS operating system allows a malicious attacker to compromise the confidentiality, integrity, and accessibility of protected information.
The vulnerability of the rsyslog-snmp-7.4.7 package on the CentOS operating system can lead to violations of confidentiality, integrity, and accessibility of protected information. Exploitation of this vulnerability can be carried out remotely...
The vulnerability of the CentOS operating system allows a malicious attacker to compromise the confidentiality, integrity, and accessibility of protected information.
The vulnerability of the rsyslog7-7.4.10 package for the CentOS operating system can lead to violations of confidentiality, integrity, and accessibility of protected information. Exploitation of this vulnerability can be carried out remotely...
The vulnerability of the CentOS operating system allows a malicious attacker to compromise the confidentiality, integrity, and accessibility of protected information.
The vulnerability of the rsyslog-libdbi-7.4.7 package on the CentOS operating system can lead to violations of confidentiality, integrity, and accessibility of protected information. Exploitation of this vulnerability can be carried out remotely...
The vulnerability of the CentOS operating system allows a malicious attacker to compromise the confidentiality, integrity, and accessibility of protected information.
The vulnerability of the rsyslog-udpspoof-7.4.7 package for the CentOS operating system can lead to violations of confidentiality, integrity, and accessibility of protected information. Exploitation of this vulnerability can be carried out remotely...
Mandriva Linux Security Advisory : rsyslog (MDVSA-2015:130)
Updated rsyslog packages fix security vulnerability : Rainer Gerhards, the rsyslog project leader, reported a vulnerability in Rsyslog. As a consequence of this vulnerability an attacker can send malformed messages to a server, if this one accepts data from untrusted sources, and trigger a denial...
Debian DLA-72-2 : rsyslog regression update
The Wheezy patch left an unresolved symbol in the imklog module of the Squeeze version. rsyslog worked fine except that messages from the kernel couldn't be submitted any longer. This update fixes this issue. NOTE: Tenable Network Security has extracted the preceding description block directly fr...
GLSA-201412-35 : RSYSLOG: Denial of Service
The remote host is affected by the vulnerability described in GLSA-201412-35 RSYSLOG: Denial of Service Multiple vulnerabilities have been discovered in RSYSLOG. Please review the CVE identifiers referenced below for details. Impact : A context-dependent attacker may be able to create a Denial of...
RSYSLOG: Denial of service
Background RSYSLOG is an enhanced multi-threaded syslogd with database support and more. Description Multiple vulnerabilities have been discovered in RSYSLOG. Please review the CVE identifiers referenced below for details. Impact A context-dependent attacker may be able to create a Denial of...
RSYSLOG PRI Value Parsing Integer Overflow Denial of Service (CVE-2014-3683)
A denial of service vulnerability has been reported in rsyslog and sysklogd. The vulnerability is due to an integer overflow when handling PRI values larger than MAXINT in log messages. A remote, unauthenticated attacker can exploit these vulnerabilities by sending crafted packets to an affected...
AIX rsyslog Advisory : rsyslog_advisory.asc
The version of rsyslog installed on the remote AIX host is affected by a remote code execution or denial of service vulnerability : - The installed rsyslog allows remote attackers to cause a denial of service crash, possibly execute arbitrary code, or have other unspecified impacts by crafting a...
OracleVM 3.3 : rsyslog (OVMSA-2014-0030)
The remote OracleVM system is missing necessary patches to address critical security updates : - use setsid to get a controlling session and process group Orabug: 17346261 Todd Vierling - fix CVE-2014-3634 resolves: 1149148 - drop patch 5 which introduced a regression resolves: 927405 reverts:...
Amazon Linux AMI : rsyslog (ALAS-2014-445)
A flaw was found in the way rsyslog handled invalid log message priority values. In certain configurations, a local attacker, or a remote attacker able to connect to the rsyslog port, could use this flaw to crash the rsyslog daemon. CVE-2014-3634 C Tenable Network Security, Inc. The descriptive...
Open Source RSyslog vulnerability
IBM SECURITY ADVISORY First Issued: Fri Nov 14 03:31:13 PM CST 2014 | Updated: Mon Dec 01 10:21:50 AM CST 2014 | Update: Fileset name incorrect in lslpp command The most recent version of this document is available here: http://aix.software.ibm.com/aix/efixes/security/rsyslogadvisory.asc...
Medium: rsyslog
Issue Overview: A flaw was found in the way rsyslog handled invalid log message priority values. In certain configurations, a local attacker, or a remote attacker able to connect to the rsyslog port, could use this flaw to crash the rsyslog daemon. CVE-2014-3634 Affected Packages: rsyslog Issue...
CVE-2014-3683
Integer overflow in rsyslog before 7.6.7 and 8.x before 8.4.2 and sysklogd 1.5 and earlier allows remote attackers to cause a denial of service crash via a large priority PRI value. NOTE: this vulnerability exists because of an incomplete fix for CVE-2014-3634...
CVE-2014-3634
rsyslog before 7.6.6 and 8.x before 8.4.1 and sysklogd 1.5 and earlier allows remote attackers to cause a denial of service crash, possibly execute arbitrary code, or have other unspecified impact via a crafted priority PRI value that triggers an out-of-bounds array access...
DEBIAN-CVE-2014-3634
rsyslog before 7.6.6 and 8.x before 8.4.1 and sysklogd 1.5 and earlier allows remote attackers to cause a denial of service crash, possibly execute arbitrary code, or have other unspecified impact via a crafted priority PRI value that triggers an out-of-bounds array access...
DEBIAN-CVE-2014-3683
Integer overflow in rsyslog before 7.6.7 and 8.x before 8.4.2 and sysklogd 1.5 and earlier allows remote attackers to cause a denial of service crash via a large priority PRI value. NOTE: this vulnerability exists because of an incomplete fix for CVE-2014-3634...
CVE-2014-3634
rsyslog before 7.6.6 and 8.x before 8.4.1 and sysklogd 1.5 and earlier allows remote attackers to cause a denial of service crash, possibly execute arbitrary code, or have other unspecified impact via a crafted priority PRI value that triggers an out-of-bounds array access...