CVE-2011-3200 – rsyslog: parseLegacySyslogMsg off-by-two buffer overflow
https://notcve.org/view.php?id=CVE-2011-3200
Stack-based buffer overflow in the parseLegacySyslogMsg function in tools/syslogd.c in rsyslogd in rsyslog 4.6.x before 4.6.8 and 5.2.0 through 5.8.4 might allow remote attackers to cause a denial of service (application exit) via a long TAG in a legacy syslog message. Un desbordamiento de búfer basado en la pila en la función parseLegacySyslogMsg en tools/syslogd.c en rsyslogd en rsyslog v4.6.x antes de v4.6.8 y v5.2.0 hasta la v5.8.4 podría permitir a atacantes remotos provocar una denegación de servicio (salida de la aplicación) a través de un TAG demasiado largo en un mensaje de syslog antiguo. • http://git.adiscon.com/?p=rsyslog.git%3Ba=commit%3Bh=1ca6cc236d1dabf1633238b873fb1c057e52f95e http://lists.fedoraproject.org/pipermail/package-announce/2011-September/065837.html http://lists.fedoraproject.org/pipermail/package-announce/2011-September/065941.html http://lists.opensuse.org/opensuse-updates/2011-09/msg00013.html http://secunia.com/advisories/45922 http://secunia.com/advisories/46027 http://securitytracker.com/id?1026000 http://www.mandriva.com/security/advisories?name=MDVSA-2011:134 http://w • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVE-2008-5617
https://notcve.org/view.php?id=CVE-2008-5617
The ACL handling in rsyslog 3.12.1 to 3.20.0, 4.1.0, and 4.1.1 does not follow $AllowedSender directive, which allows remote attackers to bypass intended access restrictions and spoof log messages or create a large number of spurious messages. El manejador ACL de rsyslog v3.12.1 hasta v3.20.0, v4.1.0 y v4.1.1, no sigue la directiva $AllowSender, lo que permite a atacantes remotos evitar las restricciones de acceso pretendidas y falsear los mensajes de registro (log) o crear un gran número de mensajes falsos. • http://secunia.com/advisories/32857 http://www.rsyslog.com/Article322.phtml http://www.rsyslog.com/Article327.phtml http://www.rsyslog.com/Topic4.phtml http://www.securityfocus.com/bid/32630 https://exchange.xforce.ibmcloud.com/vulnerabilities/47080 • CWE-264: Permissions, Privileges, and Access Controls •
CVE-2008-5618
https://notcve.org/view.php?id=CVE-2008-5618
imudp in rsyslog 4.x before 4.1.2, 3.21 before 3.21.9 beta, and 3.20 before 3.20.2 generates a message even when it is sent by an unauthorized sender, which allows remote attackers to cause a denial of service (disk consumption) via a large number of spurious messages. imudp en rsyslog 4.x versiones anteriores a 4.1.2, 3.21 versiones anteriores a 3.21.9 beta, y 3.20 versiones anteriores a 3.20.2 genera un mensaje aún cuando es enviado por un remitente no autorizado, el cual permite a los atacantes remoto causar una denegación de servicios (consumo de disco) a través de un número largo de mensajes falsos. • http://www.rsyslog.com/Topic4.phtml •
CVE-2005-3074
https://notcve.org/view.php?id=CVE-2005-3074
SQL injection vulnerability in rsyslogd in RSyslog before 1.0.1 and before 1.10.1 allows remote attackers to execute arbitrary SQL commands via crafted syslog messages. • http://secunia.com/advisories/16947 http://www.rsyslog.com/Article35.phtml •