Lucene search
K

855 matches found

ALT Linux
ALT Linux
added 2014/10/13 12:0 a.m.24 views

Security fix for the ALT Linux 7 package rsyslog version 7.6.7-alt0.M70P.1

7.6.7-alt0.M70P.1 built Oct. 13, 2014 Alexey Shabalin in task 131847 Oct. 9, 2014 Alexey Shabalin - 7.6.7 - fixed CVE-2014-3634, CVE-2014-3683...

7.5CVSS8.1AI score0.07546EPSS
Exploits2
Oracle linux
Oracle linux
added 2014/10/13 12:0 a.m.39 views

rsyslog security update

7.4.7-7.0.1 - use setsid to get a controlling session and process group Orabug: 17346261 Todd Vierling 7.4.7-7 - fix CVE-2014-3634 resolves: 1149152...

7.5CVSS2.6AI score0.07546EPSS
Exploits1
Tenable Nessus
Tenable Nessus
added 2014/10/11 12:0 a.m.24 views

Ubuntu 14.04 LTS : Rsyslog vulnerabilities (USN-2381-1)

The remote Ubuntu 14.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-2381-1 advisory. It was discovered that Rsyslog incorrectly handled invalid PRI values. An attacker could use this issue to send malformed messages to the Rsyslog server...

7.5CVSS5.7AI score0.07546EPSS
Exploits2References3
OpenVAS
OpenVAS
added 2014/10/10 12:0 a.m.20 views

Ubuntu: Security Advisory (USN-2381-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS8.2AI score0.07546EPSS
Exploits2References2
Ubuntu
Ubuntu
added 2014/10/09 4:42 p.m.60 views

USN-2381-1: Rsyslog vulnerabilities

It was discovered that Rsyslog incorrectly handled invalid PRI values. An attacker could use this issue to send malformed messages to the Rsyslog server and cause it to stop responding, resulting in a denial of service and possibly message loss. CVE-2014-3634, CVE-2014-3683...

7.5CVSS5.3AI score0.07546EPSS
Exploits2
OSV
OSV
added 2014/10/09 4:42 p.m.2 views

USN-2381-1 rsyslog vulnerabilities

It was discovered that Rsyslog incorrectly handled invalid PRI values. An attacker could use this issue to send malformed messages to the Rsyslog server and cause it to stop responding, resulting in a denial of service and possibly message loss. CVE-2014-3634, CVE-2014-3683...

7.5CVSS5.8AI score0.07546EPSS
Exploits2References3
OSV
OSV
added 2014/10/09 2:39 p.m.4 views

MGASA-2014-0411 Updated rsyslog packages fix CVE-2014-3634

Updated rsyslog packages fix security vulnerability: Rainer Gerhards, the rsyslog project leader, reported a vulnerability in Rsyslog. As a consequence of this vulnerability an attacker can send malformed messages to a server, if this one accepts data from untrusted sources, and trigger a denial ...

7.5CVSS7.8AI score0.07546EPSS
Exploits2References5
Mageia
Mageia
added 2014/10/09 2:39 p.m.40 views

Updated rsyslog packages fix CVE-2014-3634

Updated rsyslog packages fix security vulnerability: Rainer Gerhards, the rsyslog project leader, reported a vulnerability in Rsyslog. As a consequence of this vulnerability an attacker can send malformed messages to a server, if this one accepts data from untrusted sources, and trigger a denial ...

7.5CVSS7.8AI score0.07546EPSS
Exploits1References4
Tenable Nessus
Tenable Nessus
added 2014/10/09 12:0 a.m.33 views

Debian DSA-3047-1 : rsyslog - security update

Mancha discovered a vulnerability in rsyslog, a system for log processing. This vulnerability is an integer overflow that can be triggered by malformed messages to a server, if this one accepts data from untrusted sources, provoking message loss, denial of service and, potentially, remote code...

7.5CVSS6AI score0.07546EPSS
Exploits2References5
Debian
Debian
added 2014/10/08 11:9 a.m.22 views

[SECURITY] [DSA 3047-1] rsyslog security update

------------------------------------------------------------------------- Debian Security Advisory DSA-3047-1 [email protected] http://www.debian.org/security/ Luciano Bello October 08, 2014 http://www.debian.org/security/faq -...

7.5CVSS6.2AI score0.07546EPSS
Exploits2
ArchLinux
ArchLinux
added 2014/10/08 12:0 a.m.33 views

rsyslog: remote denial of service

The rsyslog fix shipped in 8.4.1 for an invalid PRI value see ASA-201410-1 was incomplete, as it did not cover cases where PRI values MAXINT. These values caused an integer overflow, resulting in negative values. Sending a syslog message containing an invalid PRI value to a vulnerable rsyslog...

5CVSS4.2AI score0.04585EPSS
Exploits1References2
OpenVAS
OpenVAS
added 2014/10/08 12:0 a.m.27 views

Debian Security Advisory DSA 3047-1 (rsyslog - security update)

Mancha discovered a vulnerability in rsyslog, a system for log processing. This vulnerability is an integer overflow that can be triggered by malformed messages to a server, if this one accepts data from untrusted sources, provoking message loss. This vulnerability can be seen as an incomplete fi...

7.5CVSS8.2AI score0.07546EPSS
Exploits2References1
OSV
OSV
added 2014/10/08 12:0 a.m.23 views

DSA-3047-1 rsyslog - security update

Bulletin has no description...

5CVSS8AI score0.04585EPSS
Exploits1
OpenVAS
OpenVAS
added 2014/10/07 12:0 a.m.21 views

Debian: Security Advisory (DSA-3047-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

5CVSS8.2AI score0.04585EPSS
Exploits1References4
securityvulns
securityvulns
added 2014/10/05 12:0 a.m.37 views

rsyslog DoS

DoS on request parsing...

7.5CVSS2.4AI score0.07546EPSS
Exploits2References1Affected Software1
securityvulns
securityvulns
added 2014/10/05 12:0 a.m.61 views

[SECURITY] [DSA 3040-1] rsyslog security update

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 - ------------------------------------------------------------------------- Debian Security Advisory DSA-3040-1 [email protected] http://www.debian.org/security/ September 30, 2014 http://www.debian.org/security/faq -...

7.5CVSS1.6AI score0.07546EPSS
Exploits1
UbuntuCve
UbuntuCve
added 2014/10/02 12:0 a.m.24 views

CVE-2014-3683

Integer overflow in rsyslog before 7.6.7 and 8.x before 8.4.2 and sysklogd 1.5 and earlier allows remote attackers to cause a denial of service crash via a large priority PRI value. NOTE: this vulnerability exists because of an incomplete fix for CVE-2014-3634...

5CVSS6AI score0.04585EPSS
Exploits1References3
Tenable Nessus
Tenable Nessus
added 2014/10/02 12:0 a.m.29 views

Debian DSA-3040-1 : rsyslog - security update

Rainer Gerhards, the rsyslog project leader, reported a vulnerability in Rsyslog, a system for log processing. As a consequence of this vulnerability an attacker can send malformed messages to a server, if this one accepts data from untrusted sources, and trigger a denial of service attack...

7.5CVSS5.4AI score0.07546EPSS
Exploits1References3
OSV
OSV
added 2014/10/02 12:0 a.m.1 views

UBUNTU-CVE-2014-3683

Integer overflow in rsyslog before 7.6.7 and 8.x before 8.4.2 and sysklogd 1.5 and earlier allows remote attackers to cause a denial of service crash via a large priority PRI value. NOTE: this vulnerability exists because of an incomplete fix for CVE-2014-3634...

5CVSS5.9AI score0.04585EPSS
Exploits1References4
OSV
OSV
added 2014/10/01 12:0 a.m.2 views

UBUNTU-CVE-2014-3634

rsyslog before 7.6.6 and 8.x before 8.4.1 and sysklogd 1.5 and earlier allows remote attackers to cause a denial of service crash, possibly execute arbitrary code, or have other unspecified impact via a crafted priority PRI value that triggers an out-of-bounds array access...

7.5CVSS6.1AI score0.07546EPSS
Exploits2References6
Rows per page
Query Builder