Rsyslog Security Vulnerabilities and Issues — Rsyslog CVE List

Lucene search

RsyslogRsyslog

17 matches found

CVE•added 2022/05/06 12:15 a.m.•415 views

CVE-2022-24903

Rsyslog is a rocket-fast system for log processing. Modules for TCP syslog reception have a potential heap buffer overflow when octet-counted framing is used. This can result in a segfault or some other malfunction. As of our understanding, this vulnerability can not be used for remote code executi...

8.1CVSS8.7AI score0.0108EPSS

CVE•added 2019/01/25 6:29 p.m.•306 views

CVE-2018-16881

A denial of service vulnerability was found in rsyslog in the imptcp module. An attacker could send a specially crafted message to the imptcp socket, which would cause rsyslog to crash. Versions before 8.27.0 are vulnerable.

7.5CVSS7.1AI score0.01859EPSS

CVE•added 2019/10/07 4:15 p.m.•274 views

CVE-2019-17041

An issue was discovered in Rsyslog v8.1908.0. contrib/pmaixforwardedfrom/pmaixforwardedfrom.c has a heap overflow in the parser for AIX log messages. The parser tries to locate a log message delimiter (in this case, a space or a colon) but fails to account for strings that do not satisfy this const...

9.8CVSS9.4AI score0.01938EPSS

CVE•added 2019/10/07 4:15 p.m.•249 views

CVE-2019-17042

An issue was discovered in Rsyslog v8.1908.0. contrib/pmcisconames/pmcisconames.c has a heap overflow in the parser for Cisco log messages. The parser tries to locate a log message delimiter (in this case, a space or a colon), but fails to account for strings that do not satisfy this constraint. If...

9.8CVSS9.4AI score0.00763EPSS

CVE•added 2014/11/02 12:55 a.m.•131 views

CVE-2014-3634

rsyslog before 7.6.6 and 8.x before 8.4.1 and sysklogd 1.5 and earlier allows remote attackers to cause a denial of service (crash), possibly execute arbitrary code, or have other unspecified impact via a crafted priority (PRI) value that triggers an out-of-bounds array access.

7.5CVSS8.2AI score0.30554EPSS

CVE•added 2019/09/30 2:15 p.m.•130 views

CVE-2019-17040

contrib/pmdb2diag/pmdb2diag.c in Rsyslog v8.1908.0 allows out-of-bounds access because the level length is mishandled.

9.8CVSS9.2AI score0.005EPSS

CVE•added 2014/11/02 12:55 a.m.•73 views

CVE-2014-3683

Integer overflow in rsyslog before 7.6.7 and 8.x before 8.4.2 and sysklogd 1.5 and earlier allows remote attackers to cause a denial of service (crash) via a large priority (PRI) value. NOTE: this vulnerability exists because of an incomplete fix for CVE-2014-3634.

5CVSS7.8AI score0.30554EPSS

CVE•added 2012/09/25 11:55 p.m.•56 views

CVE-2011-4623

Integer overflow in the rsCStrExtendBuf function in runtime/stringbuf.c in the imfile module in rsyslog 4.x before 4.6.6, 5.x before 5.7.4, and 6.x before 6.1.4 allows local users to cause a denial of service (daemon hang) via a large file, which triggers a heap-based buffer overflow.

2.1CVSS6.3AI score0.0009EPSS

CVE•added 2017/07/25 6:29 p.m.•56 views

CVE-2015-3243

rsyslog uses weak permissions for generating log files, which allows local users to obtain sensitive information by reading files in /var/log/cron.

5.5CVSS5.2AI score0.00066EPSS

CVE•added 2019/11/14 2:15 a.m.•55 views

CVE-2011-1490

A memory leak in rsyslog before 5.7.6 was found in the way deamon processed log messages are logged when multiple rulesets were used and some output batches contained messages belonging to more than one ruleset. A local attacker could cause denial of the rsyslogd daemon service via a log message be...

5.5CVSS5.3AI score0.00153EPSS

CVE•added 2017/08/06 2:29 p.m.•54 views

CVE-2017-12588

The zmq3 input and output modules in rsyslog before 8.28.0 interpreted description fields as format strings, possibly allowing a format string attack with unspecified impact.

9.8CVSS8.7AI score0.00353EPSS

CVE•added 2019/11/14 2:15 a.m.•51 views

CVE-2011-1489

A memory leak in rsyslog before 5.7.6 was found in the way deamon processed log messages were logged when multiple rulesets were used and some output batches contained messages belonging to more than one ruleset. A local attacker could cause denial of the rsyslogd daemon service via a log message b...

5.5CVSS5.3AI score0.00153EPSS

CVE•added 2019/11/14 2:15 a.m.•50 views

CVE-2011-1488

A memory leak in rsyslog before 5.7.6 was found in the way deamon processed log messages are logged when $RepeatedMsgReduction was enabled. A local attacker could use this flaw to cause a denial of the rsyslogd daemon service by crashing the service via a sequence of repeated log messages sent with...

5.5CVSS5.2AI score0.00153EPSS

CVE•added 2011/09/06 4:55 p.m.•50 views

CVE-2011-3200

Stack-based buffer overflow in the parseLegacySyslogMsg function in tools/syslogd.c in rsyslogd in rsyslog 4.6.x before 4.6.8 and 5.2.0 through 5.8.4 might allow remote attackers to cause a denial of service (application exit) via a long TAG in a legacy syslog message.

5CVSS6.8AI score0.64777EPSS

Web

CVE•added 2008/12/17 2:30 a.m.•40 views

CVE-2008-5617

The ACL handling in rsyslog 3.12.1 to 3.20.0, 4.1.0, and 4.1.1 does not follow $AllowedSender directive, which allows remote attackers to bypass intended access restrictions and spoof log messages or create a large number of spurious messages.

8.5CVSS6.3AI score0.00389EPSS

CVE•added 2008/12/17 2:30 a.m.•39 views

CVE-2008-5618

imudp in rsyslog 4.x before 4.1.2, 3.21 before 3.21.9 beta, and 3.20 before 3.20.2 generates a message even when it is sent by an unauthorized sender, which allows remote attackers to cause a denial of service (disk consumption) via a large number of spurious messages.

5CVSS6.2AI score0.00474EPSS

CVE•added 2013/10/04 5:55 p.m.•34 views

CVE-2013-4758

Double free vulnerability in the writeDataError function in the ElasticSearch plugin (omelasticsearch) in rsyslog before 7.4.2 and before 7.5.2 devel, when errorfile is set to local logging, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a craft...

6.8CVSS7.7AI score0.01216EPSS