Oracle Linux 8 : rsyslog (ELSA-2022-4799)

The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2022-4799 advisory. 8.2102.0-7.1 - Address CVE-2022-24903, Heap-based overflow in TCP syslog server resolves: rhbz2081400 Tenable has extracted the preceding description block...

RHEL 8 : rsyslog (RHSA-2022:4801)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2022:4801 advisory. The rsyslog packages provide an enhanced, multi-threaded syslog daemon. It supports MySQL, syslog/TCP, RFC 3195, permitted sender lists, filtering on...

RHEL 8 : rsyslog (RHSA-2022:4802)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2022:4802 advisory. The rsyslog packages provide an enhanced, multi-threaded syslog daemon. It supports MySQL, syslog/TCP, RFC 3195, permitted sender lists, filtering on...

RHEL 7 : rsyslog (RHSA-2022:4803)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2022:4803 advisory. The rsyslog packages provide an enhanced, multi-threaded syslog daemon. It supports MySQL, syslog/TCP, RFC 3195, permitted sender lists, filtering on...

RHEL 8 : rsyslog (RHSA-2022:4799)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2022:4799 advisory. The rsyslog packages provide an enhanced, multi-threaded syslog daemon. It supports MySQL, syslog/TCP, RFC 3195, permitted sender lists, filtering on...

SUSE: Security Advisory (SUSE-SU-2022:1817-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Ubuntu 16.04 ESM : Rsyslog vulnerability (USN-5404-2)

The remote Ubuntu 16.04 ESM host has packages installed that are affected by a vulnerability as referenced in the USN-5404-2 advisory. USN-5404-1 addressed a vulnerability in Rsyslog. This update provides the corresponding update for Ubuntu 16.04 ESM. Tenable has extracted the preceding descripti...

Debian DLA-3016-1 : rsyslog - LTS security update

The remote Debian 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-3016 advisory. - A denial of service vulnerability was found in rsyslog in the imptcp module. An attacker could send a specially crafted message to the imptcp socket, which would...

Buffer overflow in TCP syslog server (receiver) components in rsyslog

...

new packages: perl-Unix-Syslog

An update is available for perl-Unix-Syslog. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list For detailed information on changes in this release, see the Rocky...

new packages: perl-Sys-Syslog

An update is available for perl-Sys-Syslog. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list For detailed information on changes in this release, see the Rocky...

[SECURITY] Fedora 35 Update: rsyslog-8.2204.0-1.fc35

Rsyslog is an enhanced, multi-threaded syslog daemon. It supports MySQL, syslog/TCP, RFC 3195, permitted sender lists, filtering on any message part, and fine grain output format control. It is compatible with stock sysklogd and can be used as a drop-in replacement. Rsyslog is simple to set up,...

SUSE: Security Advisory (SUSE-SU-2022:1583-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE-SU-2022:1583-1 Security update for rsyslog

This update for rsyslog fixes the following issues: - CVE-2022-24903: Fixed potential heap buffer overflow in modules for TCP syslog reception bsc1199061...

Mageia: Security Advisory (MGASA-2022-0165)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

MGASA-2022-0165 Updated rsyslog packages fix security vulnerability

Potential heap buffer overflow in TCP syslog server receiver components CVE-2022-24903...

Updated rsyslog packages fix security vulnerability

Potential heap buffer overflow in TCP syslog server receiver components CVE-2022-24903...

FreeBSD : rsyslog8 -- heap buffer overflow on receiving TCP syslog (b9837fa1-cd72-11ec-98f1-6805ca0b3d42)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the b9837fa1-cd72-11ec-98f1-6805ca0b3d42 advisory. - Rsyslog is a rocket-fast system for log processing. Modules for TCP syslog reception have a potential...

CVE-2022-24903

Rsyslog is a rocket-fast system for log processing. Modules for TCP syslog reception have a potential heap buffer overflow when octet-counted framing is used. This can result in a segfault or some other malfunction. As of our understanding, this vulnerability can not be used for remote code...

Ubuntu 18.04 LTS / 20.04 LTS / 22.04 LTS : Rsyslog vulnerability (USN-5404-1)

The remote Ubuntu 18.04 LTS / 20.04 LTS / 22.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-5404-1 advisory. Pieter Agten discovered that Rsyslog incorrectly handled certain requests. An attacker could possibly use this issue to cause a crash...