CVSS: 8.1EPSS: 14%CPEs: 6EXPL: 0CVE-2022-24903 – Buffer overflow in TCP syslog server (receiver) components in rsyslog
https://notcve.org/view.php?id=CVE-2022-24903
05 May 2022 — Rsyslog is a rocket-fast system for log processing. Modules for TCP syslog reception have a potential heap buffer overflow when octet-counted framing is used. This can result in a segfault or some other malfunction. As of our understanding, this vulnerability can not be used for remote code execution. But there may still be a slight chance for experts to do that. • https://github.com/rsyslog/rsyslog/commit/f211042ecbb472f9d8beb4678a65d272b6f07705 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') CWE-787: Out-of-bounds Write CWE-1284: Improper Validation of Specified Quantity in Input •
CVSS: 7.5EPSS: 1%CPEs: 13EXPL: 0CVE-2018-16881 – rsyslog: imptcp: integer overflow when Octet-Counted TCP Framing is enabled
https://notcve.org/view.php?id=CVE-2018-16881
25 Jan 2019 — A denial of service vulnerability was found in rsyslog in the imptcp module. An attacker could send a specially crafted message to the imptcp socket, which would cause rsyslog to crash. Versions before 8.27.0 are vulnerable. Se ha detectado una vulnerabilidad de denegación de servicio (DoS) en rsyslog en el módulo imptcp. Un atacante podría enviar un mensaje especialmente manipulado al socket imptcp, lo que conduciría al cierre forzado de rsyslog. • https://access.redhat.com/errata/RHBA-2019:2501 • CWE-190: Integer Overflow or Wraparound •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0CVE-2017-12588
https://notcve.org/view.php?id=CVE-2017-12588
06 Aug 2017 — The zmq3 input and output modules in rsyslog before 8.28.0 interpreted description fields as format strings, possibly allowing a format string attack with unspecified impact. Los módulos de entrada y salida de zmq3 en versiones de rsyslog anteriores a 8.28.0 interpretaban campos de descripción como cadenas de formato, lo que podía dar lugar a un ataque de tipo “format string” y causar un impacto no especificado. • https://github.com/rsyslog/rsyslog/blob/master/ChangeLog • CWE-134: Use of Externally-Controlled Format String •
CVSS: 9.8EPSS: 6%CPEs: 26EXPL: 1CVE-2014-3683 – Mandriva Linux Security Advisory 2014-196
https://notcve.org/view.php?id=CVE-2014-3683
09 Oct 2014 — Integer overflow in rsyslog before 7.6.7 and 8.x before 8.4.2 and sysklogd 1.5 and earlier allows remote attackers to cause a denial of service (crash) via a large priority (PRI) value. NOTE: this vulnerability exists because of an incomplete fix for CVE-2014-3634. Desbordamiento de enteros en rsyslog anterior a 7.6.7 y 8.x anterior a 8.4.2 y sysklogd 1.5 y anteriores permite a atacantes remotos causar una denegación de servicio (caída) a través de un valor de prioridad (PRI) grande. NOTA: esta vulnerabilid... • http://lists.opensuse.org/opensuse-security-announce/2014-10/msg00005.html • CWE-189: Numeric Errors •
CVSS: 9.8EPSS: 16%CPEs: 25EXPL: 1CVE-2014-3634 – rsyslog: remote syslog PRI vulnerability
https://notcve.org/view.php?id=CVE-2014-3634
01 Oct 2014 — rsyslog before 7.6.6 and 8.x before 8.4.1 and sysklogd 1.5 and earlier allows remote attackers to cause a denial of service (crash), possibly execute arbitrary code, or have other unspecified impact via a crafted priority (PRI) value that triggers an out-of-bounds array access. rsyslog anterior a 7.6.6 y 8.x anterior a 8.4.1 y sysklogd 1.5 y anteriores permiten a atacantes remotos causar una denegación de servicio (caída), posiblemente ejecutar código arbitrario o tener otro impacto no especificado a través... • http://advisories.mageia.org/MGASA-2014-0411.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.8EPSS: 6%CPEs: 42EXPL: 0CVE-2013-4758 – rsyslog ElasticSearch Memory Corruption
https://notcve.org/view.php?id=CVE-2013-4758
05 Jul 2013 — Double free vulnerability in the writeDataError function in the ElasticSearch plugin (omelasticsearch) in rsyslog before 7.4.2 and before 7.5.2 devel, when errorfile is set to local logging, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted JSON response. Vulnerabilidad de doble liberación en la función writeDataError en el plugin Elasticsearch (omelasticsearch) en rsyslog anterior a 7.4.2 y anterior a 7.5.2 devel, cuando un errorfile se establece... • http://www.openwall.com/lists/oss-security/2013/07/05/2 • CWE-399: Resource Management Errors •