Mandriva Linux Security Advisory 2015-130 - Rainer Gerhards, the rsyslog project leader, reported a vulnerability in Rsyslog. As a consequence of this vulnerability an attacker can send malformed messages to a server, if this one accepts data from untrusted sources, and trigger a denial of service attack.
20a277fb8c92c74a610c9de21b3046e5452a361ef4c9abd90afd6a2b60b739e2Gentoo Linux Security Advisory 201412-35 - Multiple vulnerabilities have been found in RSYSLOG, allowing attackers to cause Denial of Service. Versions less than 8.4.2 are affected.
7db176d00ab76358788ddc53d62e7c9adc9a9502b21744efc78dd4089352ed30Mandriva Linux Security Advisory 2014-196 - Rainer Gerhards, the rsyslog project leader, reported a vulnerability in Rsyslog. As a consequence of this vulnerability an attacker can send malformed messages to a server, if this one accepts data from untrusted sources, and trigger a denial of service attack.
163db772baec808ac8533a3c1ddf3059f717bd8f480fdf1a51d926bc04284d17Red Hat Security Advisory 2014-1671-01 - The rsyslog packages provide an enhanced, multi-threaded syslog daemon that supports writing to relational databases, syslog/TCP, RFC 3195, permitted sender lists, filtering on any message part, and fine grained output format control. A flaw was found in the way rsyslog handled invalid log message priority values. In certain configurations, a local attacker, or a remote attacker able to connect to the rsyslog port, could use this flaw to crash the rsyslog daemon.
0492ec6cab84392b110bcb934f8441ca003623f7479694577d1178f88b67c705Red Hat Security Advisory 2014-1654-01 - The rsyslog7 packages provide an enhanced, multi-threaded syslog daemon that supports writing to relational databases, syslog/TCP, RFC 3195, permitted sender lists, filtering on any message part, and fine grained output format control. A flaw was found in the way rsyslog handled invalid log message priority values. In certain configurations, a local attacker, or a remote attacker able to connect to the rsyslog port, could use this flaw to crash the rsyslog daemon or, potentially, execute arbitrary code as the user running the rsyslog daemon.
87bba9d1f39138957704d3a4f521e4a6b01131482af912c7930d56c972a3f1ddRed Hat Security Advisory 2014-1397-01 - The rsyslog packages provide an enhanced, multi-threaded syslog daemon that supports writing to relational databases, syslog/TCP, RFC 3195, permitted sender lists, filtering on any message part, and fine grained output format control. A flaw was found in the way rsyslog handled invalid log message priority values. In certain configurations, a local attacker, or a remote attacker able to connect to the rsyslog port, could use this flaw to crash the rsyslog daemon or, potentially, execute arbitrary code as the user running the rsyslog daemon.
8da86fa87dcbb8b16d01e0c4641731604315c00090936247194af617d03edc73Ubuntu Security Notice 2381-1 - It was discovered that Rsyslog incorrectly handled invalid PRI values. An attacker could use this issue to send malformed messages to the Rsyslog server and cause it to stop responding, resulting in a denial of service and possibly message loss.
ef0650550269081de646357c095792813b24c790927fb53317ceafbb8d412f20Debian Linux Security Advisory 3040-1 - Rainer Gerhards, the rsyslog project leader, reported a vulnerability in Rsyslog, a system for log processing. As a consequence of this vulnerability an attacker can send malformed messages to a server, if this one accepts data from untrusted sources, and trigger a denial of service attack.
e561d69b5178aba532af90ac7fb2ff1c69d976ffa69a1ce6567926bb397cbdd2
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed