855 matches found

ArchLinux
added 2014/10/01 12:00 a.m., 39 views

rsyslog: remote denial of service

Sending a syslog message containing an invalid PRI value to a vulnerable rsyslog server accepting remote messages will trigger a denial of service by crashing the rsyslog process...

CVSS 7.5 | AI score 4.3 | EPSS 0.07546
Exploits: 1 | References: 3

Tenable Nessus
added 2014/10/01 12:00 a.m., 28 views

FreeBSD : rsyslog -- remote syslog PRI vulnerability (8e0e86ff-48b5-11e4-ab80-000c29f6ae42)

The rsyslog project reports: potential abort when a message with PRI 191 was processed if the 'pri-text' property was used in active templates, this could be abused to a remote denial of service from permitted senders. The original fix for CVE-2014-3634 was not adequate...

CVSS 7.5 | AI score 5.4 | EPSS 0.07546
Exploits: 1 | References: 3

OSV
added 2014/10/01 12:00 a.m., 2 views

UBUNTU-CVE-2014-3634

rsyslog before 7.6.6 and 8.x before 8.4.1 and sysklogd 1.5 and earlier allows remote attackers to cause a denial of service (crash), possibly execute arbitrary code, or have other unspecified impact via a crafted priority (PRI) value that triggers an out-of-bounds array access...

CVSS 7.5 | AI score 6.1 | EPSS 0.07546
Exploits: 2 | References: 6

Debian
added 2014/09/30 9:13 p.m., 32 views

[SECURITY] [DSA 3040-1] rsyslog security update

Debian Security Advisory DSA-3040-1 [email protected] http://www.debian.org/security/ September 30, 2014 http://www.debian.org/security/faq...

CVSS 7.5 | AI score 6 | EPSS 0.07546
Exploits: 1

OpenVAS
added 2014/09/30 12:00 a.m., 26 views

Debian Security Advisory DSA 3040-1 (rsyslog - security update)

Rainer Gerhards, the rsyslog project leader, reported a vulnerability in Rsyslog, a system for log processing. As a consequence of this vulnerability an attacker can send malformed messages to a server, if this one accepts data from untrusted sources, and trigger a denial of service attack. OpenV...

CVSS 7.5 | AI score 0.5 | EPSS 0.07546
Exploits: 1 | References: 1

FreeBSD
added 2014/09/30 12:00 a.m., 109 views

rsyslog -- remote syslog PRI vulnerability

The rsyslog project reports: potential abort when a message with PRI 191 was processed if the "pri-text" property was used in active templates, this could be abused to a remote denial of service from permitted senders. The original fix for CVE-2014-3634 was not adequate...

CVSS 7.5 | AI score 5.9 | EPSS 0.07546
Exploits: 1 | References: 1

OSV
added 2014/09/30 12:00 a.m., 26 views

DSA-3040-1 rsyslog - security update

Bulletin has no description...

CVSS 7.5 | AI score 8 | EPSS 0.07546
Exploits: 1

OpenVAS
added 2014/09/29 12:00 a.m., 12 views

Debian: Security Advisory (DSA-3040-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2014 Greenbone AG. Some text descriptions might be excerpted from referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...

CVSS 7.5 | AI score 8.2 | EPSS 0.07546
Exploits: 1 | References: 3

Tenable Nessus
added 2014/06/13 12:00 a.m., 21 views

openSUSE Security Update : rsyslog (openSUSE-SU-2011:1020-1)

Specially crafted log messages could crash rsyslogd (CVE-2011-3200). (C) Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE Security Update rsyslog-5099. The text description of this plugin is (C) SUSE LLC...

CVSS 5 | AI score 6.6 | EPSS 0.20759
Exploits: 2 | References: 3

Tenable Nessus
added 2014/06/13 12:00 a.m., 26 views

openSUSE Security Update : rsyslog (openSUSE-SU-2011:0326-1)

rsyslog was updated to version 5.6.5 to fix a number of memory leaks that could crash the syslog daemon (CVE-2011-1488, CVE-2011-1489, CVE-2011-1490). (C) Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE Security...

CVSS 5.5 | AI score 5.5 | EPSS 0.00476
Exploits: 2 | References: 7

Tenable Nessus
added 2014/06/13 12:00 a.m., 20 views

openSUSE Security Update : rsyslog (openSUSE-SU-2011:1020-1)

Specially crafted log messages could crash rsyslogd (CVE-2011-3200). (C) Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE Security Update rsyslog-5099. The text description of this plugin is (C) SUSE LLC...

CVSS 5 | AI score 6.6 | EPSS 0.20759
Exploits: 2 | References: 3

NVD
added 2013/10/04 5:55 p.m., 15 views

CVE-2013-4758

Double free vulnerability in the writeDataError function in the ElasticSearch plugin (omelasticsearch) in rsyslog before 7.4.2 and before 7.5.2 devel, when errorfile is set to local logging, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted...

CVSS 6.8 | AI score 7.5 | EPSS 0.0233
Exploits: 0 | References: 3

Prion
added 2013/10/04 5:55 p.m., 15 views

Double free

Double free vulnerability in the writeDataError function in the ElasticSearch plugin (omelasticsearch) in rsyslog before 7.4.2 and before 7.5.2 devel, when errorfile is set to local logging, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted...

CVSS 6.8 | AI score 8.2 | EPSS 0.0233
Exploits: 0 | References: 3 | Affected Software: 1

UbuntuCve
added 2013/10/04 5:55 p.m., 26 views

CVE-2013-4758

Double free vulnerability in the writeDataError function in the ElasticSearch plugin (omelasticsearch) in rsyslog before 7.4.2 and before 7.5.2 devel, when errorfile is set to local logging, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted...

CVSS 6.8 | AI score 5.9 | EPSS 0.0233
Exploits: 0 | References: 1

Cvelist
added 2013/10/04 5:00 p.m., 21 views

CVE-2013-4758

Double free vulnerability in the writeDataError function in the ElasticSearch plugin (omelasticsearch) in rsyslog before 7.4.2 and before 7.5.2 devel, when errorfile is set to local logging, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted...

AI score 7.5 | EPSS 0.0233
Exploits: 0 | References: 3

CVE
added 2013/10/04 5:00 p.m., 45 views

CVE-2013-4758

CVE-2013-4758 describes a double‑free memory corruption in the rsyslog omelasticsearch plugin (ElasticSearch plugin) within rsyslog when the errorfile parameter is set for local logging. The underlying issue is in writeDataError, affecting rsyslog versions up to 7.4.1 (stable) and up to 7.5.1 (de...

CVSS 6.8 | AI score 7.7 | EPSS 0.0233
Exploits: 0 | References: 3 | Affected Software: 1

Debian CVE
added 2013/10/04 5:00 p.m., 108 views

CVE-2013-4758

Double free vulnerability in the writeDataError function in the ElasticSearch plugin (omelasticsearch) in rsyslog before 7.4.2 and before 7.5.2 devel, when errorfile is set to local logging, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted...

CVSS 6.8 | AI score 7.3 | EPSS 0.0233
Exploits: 0

Tenable Nessus
added 2013/09/04 12:00 a.m., 26 views

Amazon Linux AMI : rsyslog (ALAS-2012-105)

A numeric truncation error, leading to a heap-based buffer overflow, was found in the way the rsyslog imfile module processed text files containing long lines. An attacker could use this flaw to crash the rsyslogd daemon or, possibly, execute arbitrary code with the privileges of rsyslogd, if the...

CVSS 2.1 | AI score 6.2 | EPSS 0.0042
Exploits: 0 | References: 2

Tenable Nessus
added 2013/07/12 12:00 a.m., 29 views

Oracle Linux 6 : rsyslog (ELSA-2011-1247)

The remote Oracle Linux 6 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2011-1247 advisory. 4.6.2-3.el61.2 - add patch to resolve buffer overflow CVE-2011-3200 Resolves: 733647 Tenable has extracted the preceding description block directly from the...

CVSS 5 | AI score 5.8 | EPSS 0.20759
Exploits: 2 | References: 2

Tenable Nessus
added 2013/07/12 12:00 a.m., 37 views

Oracle Linux 6 : rsyslog (ELSA-2012-0796)

The remote Oracle Linux 6 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2012-0796 advisory. 5.8.10-2 - add patch to update information on debugging in the man page Resolves: 820311 - add patch to prevent debug output to stdout after forking Resolves:...

CVSS 2.1 | AI score 5.5 | EPSS 0.0042
Exploits: 0 | References: 2