Moderate: Red Hat Security Advisory: rsyslog security update
Updated rsyslog packages that fix one security issue are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having moderate security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is...
rsyslog: parseLegacySyslogMsg off-by-two buffer overflow
Stack-based buffer overflow in the parseLegacySyslogMsg function in tools/syslogd.c in rsyslogd in rsyslog 4.6.x before 4.6.8 and 5.2.0 through 5.8.4 might allow remote attackers to cause a denial of service (application exit) via a long TAG in a legacy syslog message...
rsyslog security update
4.6.2-3.el61.2 - add patch to resolve buffer overflow (CVE-2011-3200). Resolves: 733647...
openSUSE Security Update : rsyslog (rsyslog-367)
rsyslog ignored the $AllowedSender configuration directive, therefore accepting log messages from anyone (CVE-2008-5617). Additionally, imudp logged a message when unauthorized senders tried to send to it, therefore allowing attackers to flood the log (CVE-2008-5618).
openSUSE Security Update : rsyslog (rsyslog-392)
rsyslog ignored the $AllowedSender configuration directive, therefore accepting log messages from anyone (CVE-2008-5617). Additionally, imudp logged a message when unauthorized senders tried to send to it, therefore allowing attackers to flood the log (CVE-2008-5618).
MDVA-2009:036 : postfix
Postfix as shipped with Mandriva Linux 2009.0 fails to install if the rsyslog logging daemon is installed. This updated package adds support for correct Postfix integration with rsyslog. This script has been deprecated as the associated patch is not currently a securi...
Fedora 10 : rsyslog-3.21.9-1.fc10 (2008-11476)
Security fixes for CVE-2008-5617 and CVE-2008-5618, detailed in: http://www.rsyslog.com/Article322.phtml http://secunia.com/Advisories/32857/ Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to...
Fedora Update for rsyslog FEDORA-2008-11538
Check for the version of rsyslog. OpenVAS Vulnerability Test: Fedora Update for rsyslog FEDORA-2008-11538. Authors: System Generated Check. Copyright: Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net. This program is free software; you can redistribute it and/or modify it under the...
Fedora Update for rsyslog FEDORA-2008-11476
Check for the version of rsyslog. OpenVAS Vulnerability Test: Fedora Update for rsyslog FEDORA-2008-11476. Authors: System Generated Check. Copyright: Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net. This program is free software; you can redistribute it and/or modify it under the...
Fedora Update for rsyslog FEDORA-2008-11538
The remote host is missing an update for the... SPDX-FileCopyrightText: 2009 Greenbone AG. Some text descriptions might be excerpted from referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only
Fedora Update for rsyslog FEDORA-2008-11476
The remote host is missing an update for the... SPDX-FileCopyrightText: 2009 Greenbone AG. Some text descriptions might be excerpted from referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only
[SECURITY] Fedora 10 Update: rsyslog-3.21.9-1.fc10
Rsyslog is an enhanced multi-threaded syslogd supporting, among others, MySQL, syslog/tcp, RFC 3195, permitted sender lists, filtering on any message part, and fine grain output format control. It is quite compatible to stock sysklogd and can be used as a drop-in replacement. Its advanced...
[SECURITY] Fedora 9 Update: rsyslog-3.20.2-2.fc9
Rsyslog is an enhanced multi-threaded syslogd supporting, among others, MySQL, syslog/tcp, RFC 3195, permitted sender lists, filtering on any message part, and fine grain output format control. It is quite compatible to stock sysklogd and can be used as a drop-in replacement. Its advanced...
Fedora 9 : rsyslog-3.20.2-2.fc9 (2008-11538)
Security fixes for CVE-2008-5617 and CVE-2008-5618, detailed in: http://www.rsyslog.com/Article322.phtml http://secunia.com/Advisories/32857/ Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to...
CVE-2008-5617
The ACL handling in rsyslog 3.12.1 to 3.20.0, 4.1.0, and 4.1.1 does not follow $AllowedSender directive, which allows remote attackers to bypass intended access restrictions and spoof log messages or create a large number of spurious messages...
Design/Logic Flaw
The ACL handling in rsyslog 3.12.1 to 3.20.0, 4.1.0, and 4.1.1 does not follow $AllowedSender directive, which allows remote attackers to bypass intended access restrictions and spoof log messages or create a large number of spurious messages...
CVE-2008-5617
The ACL handling in rsyslog 3.12.1 to 3.20.0, 4.1.0, and 4.1.1 does not follow $AllowedSender directive, which allows remote attackers to bypass intended access restrictions and spoof log messages or create a large number of spurious messages...
Design/Logic Flaw
imudp in rsyslog 4.x before 4.1.2, 3.21 before 3.21.9 beta, and 3.20 before 3.20.2 generates a message even when it is sent by an unauthorized sender, which allows remote attackers to cause a denial of service (disk consumption) via a large number of spurious messages...
CVE-2008-5618
imudp in rsyslog 4.x before 4.1.2, 3.21 before 3.21.9 beta, and 3.20 before 3.20.2 generates a message even when it is sent by an unauthorized sender, which allows remote attackers to cause a denial of service (disk consumption) via a large number of spurious messages...
CVE-2008-5618
imudp in rsyslog 4.x before 4.1.2, 3.21 before 3.21.9 beta, and 3.20 before 3.20.2 generates a message even when it is sent by an unauthorized sender, which allows remote attackers to cause a denial of service (disk consumption) via a large number of spurious messages...