27 matches found
Photon OS 3.0: Rsyslog PHSA-2019-3.0-0036
An update of the rsyslog package has been released. %NASLMINLEVEL 80900 C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2019-3.0-0036. The text itself is copyright C VMware, Inc. include'compat.inc'; if description...
RHEL 6 : rsyslog (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - rsyslog: heap-based overflow in contrib/pmcisconames/pmcisconames.c CVE-2019-17042 - An issue was...
Ubuntu 16.04 ESM : Rsyslog vulnerabilities (USN-5419-1)
The remote Ubuntu 16.04 ESM host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-5419-1 advisory. It was discovered that Rsyslog improperly handled certain invalid input. An attacker could use this issue to cause Rsyslog to crash. Tenable has extracte...
Mageia: Security Advisory (MGASA-2019-0400)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Debian DLA-2835-1 : rsyslog - LTS security update
The remote Debian 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-2835 advisory. Two heap overflows were fixed in the rsyslog logging daemon. CVE-2019-17041 Heap overflow in the AIX message parser. CVE-2019-17042 Heap overflow in the Cisco log...
SUSE: Security Advisory (SUSE-SU-2020:0424-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE: Security Advisory (SUSE-SU-2020:0512-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CentOS 8 : rsyslog (CESA-2020:1702)
The remote CentOS Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the CESA-2020:1702 advisory. - rsyslog: heap-based overflow in contrib/pmaixforwardedfrom/pmaixforwardedfrom.c CVE-2019-17041 - rsyslog: heap-based overflow in...
Security Bulletin: Vulnerabilities in Rsyslog affect IBM Spectrum Protect Plus (CVE-2019-17041, CVE-2019-17042)
Summary Rsyslog is vulnerable to heap-based buffer overflows which may affect IBM Spectrum Protect Plus. Vulnerability Details CVEID: CVE-2019-17041 DESCRIPTION: Rsyslog is vulnerable to a heap-based buffer overflow, caused by improper bounds checking by the...
Medium: rsyslog
Issue Overview: An issue was discovered in Rsyslog v8.1908.0. contrib/pmaixforwardedfrom/pmaixforwardedfrom.c has a heap overflow in the parser for AIX log messages. The parser tries to locate a log message delimiter in this case, a space or a colon but fails to account for strings that do not...
RHEL 7 : rsyslog (RHSA-2020:1000)
The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2020:1000 advisory. The rsyslog packages provide an enhanced, multi-threaded syslog daemon. It supports MySQL, syslog/TCP, RFC 3195, permitted sender lists,...
EulerOS Virtualization 3.0.2.2 : rsyslog (EulerOS-SA-2020-1276)
According to the versions of the rsyslog packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - An issue was discovered in Rsyslog v8.1908.0. contrib/pmcisconames/pmcisconames.c has a heap overflow in the parser for Cisco lo...
Huawei EulerOS: Security Advisory for rsyslog (EulerOS-SA-2020-1218)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
EulerOS Virtualization for ARM 64 3.0.2.0 : rsyslog (EulerOS-SA-2020-1218)
According to the versions of the rsyslog packages installed, the EulerOS Virtualization for ARM 64 installation on the remote host is affected by the following vulnerabilities : - An issue was discovered in Rsyslog v8.1908.0. contrib/pmcisconames/pmcisconames.c has a heap overflow in the parser f...
SUSE SLES12 Security Update : rsyslog (SUSE-SU-2020:0424-1)
This update for rsyslog fixes the following issues : Security issues fixed : CVE-2019-17041: Fixed a heap overflow in the parser for AIX log messages bsc1153451. CVE-2019-17042: Fixed a heap overflow in the parser for Cisco log messages bsc1153459. Non-security issues fixed: Handle multiline...
Huawei EulerOS: Security Advisory for rsyslog (EulerOS-SA-2019-2229)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Huawei EulerOS: Security Advisory for rsyslog (EulerOS-SA-2019-2302)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
EulerOS Virtualization for ARM 64 3.0.5.0 : rsyslog (EulerOS-SA-2020-1060)
According to the versions of the rsyslog packages installed, the EulerOS Virtualization for ARM 64 installation on the remote host is affected by the following vulnerabilities : - An issue was discovered in Rsyslog v8.1908.0. contrib/pmcisconames/pmcisconames.c has a heap overflow in the parser f...
openSUSE: Security Advisory for rsyslog (openSUSE-SU-2019:2501-1)
The remote host is missing an update for the Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
EulerOS 2.0 SP3 : rsyslog (EulerOS-SA-2019-2659)
According to the versions of the rsyslog packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - An issue was discovered in Rsyslog v8.1908.0. contrib/pmaixforwardedfrom/pmaixforwardedfrom.c has a heap overflow in the parser for AIX log...