51 matches found
EUVD-2014-3629
Malware in sbrugna...
EUVD-2001-0723
Malware in sbrugna...
Linux Distros Unpatched Vulnerability : CVE-2014-3634
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - rsyslog before 7.6.6 and 8.x before 8.4.1 and sysklogd 1.5 and earlier allows remote attackers to cause a denial of service (crash), possibly execute arbitrary...
K42903299: rsyslog: remote syslog PRI vulnerability CVE-2014-3634
Security Advisory Description: rsyslog before 7.6.6 and 8.x before 8.4.1 and sysklogd 1.5 and earlier allows remote attackers to cause a denial of service (crash), possibly execute arbitrary code, or have other unspecified impact via a crafted priority (PRI) value that triggers an out-of-bounds array...
SUSE CVE-2014-3683
Integer overflow in rsyslog before 7.6.7 and 8.x before 8.4.2 and sysklogd 1.5 and earlier allows remote attackers to cause a denial of service (crash) via a large priority (PRI) value. NOTE: this vulnerability exists because of an incomplete fix for CVE-2014-3634...
Amazon Linux 2022 : rsyslog, rsyslog-crypto, rsyslog-elasticsearch (ALAS2022-2022-075)
It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2022-2022-075 advisory. A flaw was found in the way rsyslog handled invalid log message priority values. In certain configurations, a local attacker, or a remote attacker able to connect to the rsyslog port, could use...
[SECURITY] Fedora 30 Update: rsyslog-8.1911.0-1.fc30
Rsyslog is an enhanced, multi-threaded syslog daemon. It supports MySQL, syslog/TCP, RFC 3195, permitted sender lists, filtering on any message part, and fine grain output format control. It is compatible with stock sysklogd and can be used as a drop-in replacement. Rsyslog is simple to set up,...
Remote Code Execution (RCE)
rsyslog7 is vulnerable to remote code execution (RCE) attacks. The vulnerability exists as rsyslog before 7.6.6 and 8.x before 8.4.1 and sysklogd 1.5 and earlier allows remote attackers to cause a denial of service (crash), possibly execute arbitrary code, or have other unspecified impact via a craft...
Security Bulletin: Vulnerability in rsyslog affects SmartCloud Provisioning 2.1 for IBM Provided Software Virtual Appliance (CVE-2014-3634)
Summary: Vulnerability in rsyslog package affects SmartCloud Provisioning 2.1 for IBM Provided Software Virtual Appliance (CVE-2014-3634). Vulnerability Details: CVEID: CVE-2014-3634 DESCRIPTION: RSyslog and sysklogd are vulnerable to a denial of service. By sending a specially-crafted message, a...
CVE-2006-1624
The default configuration of syslogd in the Linux sysklogd package does not enable the -x (disable name lookups) option, which allows remote attackers to cause a denial of service (traffic amplification) via messages with spoofed source IP addresses...
Fedora 21 : sysklogd-1.5-18.fc21 (2014-12875)
Added patch for remote syslog PRI vulnerability 1142373. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues...
CVE-2014-3634
rsyslog before 7.6.6 and 8.x before 8.4.1 and sysklogd 1.5 and earlier allows remote attackers to cause a denial of service (crash), possibly execute arbitrary code, or have other unspecified impact via a crafted priority (PRI) value that triggers an out-of-bounds array access...
DEBIAN-CVE-2014-3683
Integer overflow in rsyslog before 7.6.7 and 8.x before 8.4.2 and sysklogd 1.5 and earlier allows remote attackers to cause a denial of service (crash) via a large priority (PRI) value. NOTE: this vulnerability exists because of an incomplete fix for CVE-2014-3634...
CVE-2014-3683
Integer overflow in rsyslog before 7.6.7 and 8.x before 8.4.2 and sysklogd 1.5 and earlier allows remote attackers to cause a denial of service (crash) via a large priority (PRI) value. NOTE: this vulnerability exists because of an incomplete fix for CVE-2014-3634...
DEBIAN-CVE-2014-3634
rsyslog before 7.6.6 and 8.x before 8.4.1 and sysklogd 1.5 and earlier allows remote attackers to cause a denial of service (crash), possibly execute arbitrary code, or have other unspecified impact via a crafted priority (PRI) value that triggers an out-of-bounds array access...
Out-of-bounds
rsyslog before 7.6.6 and 8.x before 8.4.1 and sysklogd 1.5 and earlier allows remote attackers to cause a denial of service (crash), possibly execute arbitrary code, or have other unspecified impact via a crafted priority (PRI) value that triggers an out-of-bounds array access...
Integer overflow
Integer overflow in rsyslog before 7.6.7 and 8.x before 8.4.2 and sysklogd 1.5 and earlier allows remote attackers to cause a denial of service (crash) via a large priority (PRI) value. NOTE: this vulnerability exists because of an incomplete fix for CVE-2014-3634...