CVE-2011-3200 – rsyslog: parseLegacySyslogMsg off-by-two buffer overflow

https://notcve.org/view.php?id=CVE-2011-3200

06 Sep 2011 — Stack-based buffer overflow in the parseLegacySyslogMsg function in tools/syslogd.c in rsyslogd in rsyslog 4.6.x before 4.6.8 and 5.2.0 through 5.8.4 might allow remote attackers to cause a denial of service (application exit) via a long TAG in a legacy syslog message. Un desbordamiento de búfer basado en la pila en la función parseLegacySyslogMsg en tools/syslogd.c en rsyslogd en rsyslog v4.6.x antes de v4.6.8 y v5.2.0 hasta la v5.8.4 podría permitir a atacantes remotos provocar una denegación de servicio ... • https://packetstorm.news/files/id/180541 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •