8 matches found
SUSE SLES12 Security Update : rsyslog (SUSE-SU-2020:0424-1)
This update for rsyslog fixes the following issues: Security issues fixed: CVE-2019-17041: Fixed a heap overflow in the parser for AIX log messages (bsc#1153451). CVE-2019-17042: Fixed a heap overflow in the parser for Cisco log messages (bsc#1153459). Non-security issues fixed: Handle multiline...
Denial Of Service (DoS)
rsyslog is vulnerable to denial of service (DoS) attacks. The vulnerability exists due to an integer overflow issue in the rsCStrExtendBuf function in runtime/stringbuf.c in the imfile module in rsyslog 4.x before 4.6.6, 5.x before 5.7.4, and 6.x before 6.1.4, which allows local users to cause a denial of...
Medium: rsyslog
Issue Overview: A numeric truncation error, leading to a heap-based buffer overflow, was found in the way the rsyslog imfile module processed text files containing long lines. An attacker could use this flaw to crash the rsyslogd daemon or, possibly, execute arbitrary code with the privileges of...
rsyslog: DoS due to integer signedness error while extending rsyslog counted string buffer
Integer overflow in the rsCStrExtendBuf function in runtime/stringbuf.c in the imfile module in rsyslog 4.x before 4.6.6, 5.x before 5.7.4, and 6.x before 6.1.4 allows local users to cause a denial of service (daemon hang) via a large file, which triggers a heap-based buffer overflow...
PT-2012-1180 · Rsyslog +2
Name of the Vulnerable Software and Affected Versions: rsyslog versions prior to 8.4.2; rsyslog versions 4.x prior to 4.6.6; rsyslog versions 5.x prior to 5.7.4; rsyslog versions 6.x prior to 6.1.4. Description: The issue is related to multiple vulnerabilities in the rsyslog package, which can be...
Ubuntu: Security Advisory (USN-1338-1)
The remote host is missing an update for the... SPDX-FileCopyrightText: 2012 Greenbone AG. Some text descriptions might be excerpted from referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...
Ubuntu 11.04 : rsyslog vulnerability (USN-1338-1)
Peter Eisentraut discovered that Rsyslog would not properly perform input validation when configured to use imfile. If an attacker were able to craft messages in a file that Rsyslog monitored, an attacker could cause a denial of service. The imfile module is disabled by default in Ubuntu. Note th...
CVE-2011-4623
Integer overflow in the rsCStrExtendBuf function in runtime/stringbuf.c in the imfile module in rsyslog 4.x before 4.6.6, 5.x before 5.7.4, and 6.x before 6.1.4 allows local users to cause a denial of service (daemon hang) via a large file, which triggers a heap-based buffer overflow...