855 matches found
Security fix for the ALT Linux 7 package rsyslog version 7.6.7-alt0.M70P.1
7.6.7-alt0.M70P.1 built Oct. 13, 2014 Alexey Shabalin in task 131847 Oct. 9, 2014 Alexey Shabalin - 7.6.7 - fixed CVE-2014-3634, CVE-2014-3683...
rsyslog security update
7.4.7-7.0.1 - use setsid to get a controlling session and process group Orabug: 17346261 Todd Vierling 7.4.7-7 - fix CVE-2014-3634 resolves: 1149152...
Ubuntu 14.04 LTS : Rsyslog vulnerabilities (USN-2381-1)
The remote Ubuntu 14.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-2381-1 advisory. It was discovered that Rsyslog incorrectly handled invalid PRI values. An attacker could use this issue to send malformed messages to the Rsyslog server...
Ubuntu: Security Advisory (USN-2381-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
USN-2381-1: Rsyslog vulnerabilities
It was discovered that Rsyslog incorrectly handled invalid PRI values. An attacker could use this issue to send malformed messages to the Rsyslog server and cause it to stop responding, resulting in a denial of service and possibly message loss. CVE-2014-3634, CVE-2014-3683...
USN-2381-1 rsyslog vulnerabilities
It was discovered that Rsyslog incorrectly handled invalid PRI values. An attacker could use this issue to send malformed messages to the Rsyslog server and cause it to stop responding, resulting in a denial of service and possibly message loss. CVE-2014-3634, CVE-2014-3683...
MGASA-2014-0411 Updated rsyslog packages fix CVE-2014-3634
Updated rsyslog packages fix security vulnerability: Rainer Gerhards, the rsyslog project leader, reported a vulnerability in Rsyslog. As a consequence of this vulnerability an attacker can send malformed messages to a server, if this one accepts data from untrusted sources, and trigger a denial ...
Updated rsyslog packages fix CVE-2014-3634
Updated rsyslog packages fix security vulnerability: Rainer Gerhards, the rsyslog project leader, reported a vulnerability in Rsyslog. As a consequence of this vulnerability an attacker can send malformed messages to a server, if this one accepts data from untrusted sources, and trigger a denial ...
Debian DSA-3047-1 : rsyslog - security update
Mancha discovered a vulnerability in rsyslog, a system for log processing. This vulnerability is an integer overflow that can be triggered by malformed messages to a server, if this one accepts data from untrusted sources, provoking message loss, denial of service and, potentially, remote code...
[SECURITY] [DSA 3047-1] rsyslog security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3047-1 [email protected] http://www.debian.org/security/ Luciano Bello October 08, 2014 http://www.debian.org/security/faq -...
rsyslog: remote denial of service
The rsyslog fix shipped in 8.4.1 for an invalid PRI value see ASA-201410-1 was incomplete, as it did not cover cases where PRI values MAXINT. These values caused an integer overflow, resulting in negative values. Sending a syslog message containing an invalid PRI value to a vulnerable rsyslog...
Debian Security Advisory DSA 3047-1 (rsyslog - security update)
Mancha discovered a vulnerability in rsyslog, a system for log processing. This vulnerability is an integer overflow that can be triggered by malformed messages to a server, if this one accepts data from untrusted sources, provoking message loss. This vulnerability can be seen as an incomplete fi...
DSA-3047-1 rsyslog - security update
Bulletin has no description...
Debian: Security Advisory (DSA-3047-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
rsyslog DoS
DoS on request parsing...
[SECURITY] [DSA 3040-1] rsyslog security update
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 - ------------------------------------------------------------------------- Debian Security Advisory DSA-3040-1 [email protected] http://www.debian.org/security/ September 30, 2014 http://www.debian.org/security/faq -...
CVE-2014-3683
Integer overflow in rsyslog before 7.6.7 and 8.x before 8.4.2 and sysklogd 1.5 and earlier allows remote attackers to cause a denial of service crash via a large priority PRI value. NOTE: this vulnerability exists because of an incomplete fix for CVE-2014-3634...
Debian DSA-3040-1 : rsyslog - security update
Rainer Gerhards, the rsyslog project leader, reported a vulnerability in Rsyslog, a system for log processing. As a consequence of this vulnerability an attacker can send malformed messages to a server, if this one accepts data from untrusted sources, and trigger a denial of service attack...
UBUNTU-CVE-2014-3683
Integer overflow in rsyslog before 7.6.7 and 8.x before 8.4.2 and sysklogd 1.5 and earlier allows remote attackers to cause a denial of service crash via a large priority PRI value. NOTE: this vulnerability exists because of an incomplete fix for CVE-2014-3634...
UBUNTU-CVE-2014-3634
rsyslog before 7.6.6 and 8.x before 8.4.1 and sysklogd 1.5 and earlier allows remote attackers to cause a denial of service crash, possibly execute arbitrary code, or have other unspecified impact via a crafted priority PRI value that triggers an out-of-bounds array access...