CVSS: 8.1EPSS: 14%CPEs: 6EXPL: 0CVE-2022-24903 – Buffer overflow in TCP syslog server (receiver) components in rsyslog
https://notcve.org/view.php?id=CVE-2022-24903
05 May 2022 — Rsyslog is a rocket-fast system for log processing. Modules for TCP syslog reception have a potential heap buffer overflow when octet-counted framing is used. This can result in a segfault or some other malfunction. As of our understanding, this vulnerability can not be used for remote code execution. But there may still be a slight chance for experts to do that. • https://github.com/rsyslog/rsyslog/commit/f211042ecbb472f9d8beb4678a65d272b6f07705 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') CWE-787: Out-of-bounds Write CWE-1284: Improper Validation of Specified Quantity in Input •
CVSS: 5.5EPSS: 0%CPEs: 5EXPL: 0CVE-2011-1490
https://notcve.org/view.php?id=CVE-2011-1490
14 Nov 2019 — A memory leak in rsyslog before 5.7.6 was found in the way deamon processed log messages are logged when multiple rulesets were used and some output batches contained messages belonging to more than one ruleset. A local attacker could cause denial of the rsyslogd daemon service via a log message belonging to more than one ruleset Se encontró una pérdida de memoria en rsyslog versiones anteriores a la versión 5.7.6, en la manera en que son registrados los mensajes de log procesados ??en el demonio cuando se ... • http://lists.opensuse.org/opensuse-security-announce/2011-04/msg00005.html • CWE-772: Missing Release of Resource after Effective Lifetime •
CVSS: 5.5EPSS: 0%CPEs: 5EXPL: 1CVE-2011-1489
https://notcve.org/view.php?id=CVE-2011-1489
14 Nov 2019 — A memory leak in rsyslog before 5.7.6 was found in the way deamon processed log messages were logged when multiple rulesets were used and some output batches contained messages belonging to more than one ruleset. A local attacker could cause denial of the rsyslogd daemon service via a log message belonging to more than one ruleset. Se encontró una pérdida de memoria en rsyslog versiones anteriores a la versión 5.7.6, en la manera en que son registrados los mensajes de log procesados ??en el demonio cuando m... • http://lists.opensuse.org/opensuse-security-announce/2011-04/msg00005.html • CWE-772: Missing Release of Resource after Effective Lifetime •
CVSS: 5.5EPSS: 0%CPEs: 5EXPL: 1CVE-2011-1488
https://notcve.org/view.php?id=CVE-2011-1488
14 Nov 2019 — A memory leak in rsyslog before 5.7.6 was found in the way deamon processed log messages are logged when $RepeatedMsgReduction was enabled. A local attacker could use this flaw to cause a denial of the rsyslogd daemon service by crashing the service via a sequence of repeated log messages sent within short periods of time. Se encontró una pérdida de memoria en rsyslog versiones anteriores a la versión 5.7.6, en la manera en que son registrados los mensajes de log procesados ??en el demonio cuando $RepeatedM... • http://lists.opensuse.org/opensuse-security-announce/2011-04/msg00005.html • CWE-772: Missing Release of Resource after Effective Lifetime •
CVSS: 7.5EPSS: 1%CPEs: 13EXPL: 0CVE-2018-16881 – rsyslog: imptcp: integer overflow when Octet-Counted TCP Framing is enabled
https://notcve.org/view.php?id=CVE-2018-16881
25 Jan 2019 — A denial of service vulnerability was found in rsyslog in the imptcp module. An attacker could send a specially crafted message to the imptcp socket, which would cause rsyslog to crash. Versions before 8.27.0 are vulnerable. Se ha detectado una vulnerabilidad de denegación de servicio (DoS) en rsyslog en el módulo imptcp. Un atacante podría enviar un mensaje especialmente manipulado al socket imptcp, lo que conduciría al cierre forzado de rsyslog. • https://access.redhat.com/errata/RHBA-2019:2501 • CWE-190: Integer Overflow or Wraparound •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0CVE-2017-12588
https://notcve.org/view.php?id=CVE-2017-12588
06 Aug 2017 — The zmq3 input and output modules in rsyslog before 8.28.0 interpreted description fields as format strings, possibly allowing a format string attack with unspecified impact. Los módulos de entrada y salida de zmq3 en versiones de rsyslog anteriores a 8.28.0 interpretaban campos de descripción como cadenas de formato, lo que podía dar lugar a un ataque de tipo “format string” y causar un impacto no especificado. • https://github.com/rsyslog/rsyslog/blob/master/ChangeLog • CWE-134: Use of Externally-Controlled Format String •
CVSS: 9.8EPSS: 6%CPEs: 26EXPL: 1CVE-2014-3683 – Mandriva Linux Security Advisory 2014-196
https://notcve.org/view.php?id=CVE-2014-3683
09 Oct 2014 — Integer overflow in rsyslog before 7.6.7 and 8.x before 8.4.2 and sysklogd 1.5 and earlier allows remote attackers to cause a denial of service (crash) via a large priority (PRI) value. NOTE: this vulnerability exists because of an incomplete fix for CVE-2014-3634. Desbordamiento de enteros en rsyslog anterior a 7.6.7 y 8.x anterior a 8.4.2 y sysklogd 1.5 y anteriores permite a atacantes remotos causar una denegación de servicio (caída) a través de un valor de prioridad (PRI) grande. NOTA: esta vulnerabilid... • http://lists.opensuse.org/opensuse-security-announce/2014-10/msg00005.html • CWE-189: Numeric Errors •
CVSS: 9.8EPSS: 16%CPEs: 25EXPL: 1CVE-2014-3634 – rsyslog: remote syslog PRI vulnerability
https://notcve.org/view.php?id=CVE-2014-3634
01 Oct 2014 — rsyslog before 7.6.6 and 8.x before 8.4.1 and sysklogd 1.5 and earlier allows remote attackers to cause a denial of service (crash), possibly execute arbitrary code, or have other unspecified impact via a crafted priority (PRI) value that triggers an out-of-bounds array access. rsyslog anterior a 7.6.6 y 8.x anterior a 8.4.1 y sysklogd 1.5 y anteriores permiten a atacantes remotos causar una denegación de servicio (caída), posiblemente ejecutar código arbitrario o tener otro impacto no especificado a través... • http://advisories.mageia.org/MGASA-2014-0411.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.8EPSS: 6%CPEs: 42EXPL: 0CVE-2013-4758 – rsyslog ElasticSearch Memory Corruption
https://notcve.org/view.php?id=CVE-2013-4758
05 Jul 2013 — Double free vulnerability in the writeDataError function in the ElasticSearch plugin (omelasticsearch) in rsyslog before 7.4.2 and before 7.5.2 devel, when errorfile is set to local logging, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted JSON response. Vulnerabilidad de doble liberación en la función writeDataError en el plugin Elasticsearch (omelasticsearch) en rsyslog anterior a 7.4.2 y anterior a 7.5.2 devel, cuando un errorfile se establece... • http://www.openwall.com/lists/oss-security/2013/07/05/2 • CWE-399: Resource Management Errors •
CVSS: 7.5EPSS: 0%CPEs: 72EXPL: 0CVE-2011-4623 – rsyslog: DoS due integer signedness error while extending rsyslog counted string buffer
https://notcve.org/view.php?id=CVE-2011-4623
25 Sep 2012 — Integer overflow in the rsCStrExtendBuf function in runtime/stringbuf.c in the imfile module in rsyslog 4.x before 4.6.6, 5.x before 5.7.4, and 6.x before 6.1.4 allows local users to cause a denial of service (daemon hang) via a large file, which triggers a heap-based buffer overflow. Desbordamiento de entero en la función rsCStrExtendBuf en runtime/stringbuf.c en el módulo imfile en rsyslog v4.x anteriores v4.6.6, v5.x anteriores a v5.7.4, y v6.x anteriores a v6.1.4, permite a atacantes remotos provocar un... • http://bugzilla.adiscon.com/show_bug.cgi?id=221 • CWE-189: Numeric Errors •