CVE-2011-4623
rsyslog: DoS due integer signedness error while extending rsyslog counted string buffer
Severity Score
7.5
*CVSS v3
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
0
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
-
*SSVC
Descriptions
Integer overflow in the rsCStrExtendBuf function in runtime/stringbuf.c in the imfile module in rsyslog 4.x before 4.6.6, 5.x before 5.7.4, and 6.x before 6.1.4 allows local users to cause a denial of service (daemon hang) via a large file, which triggers a heap-based buffer overflow.
Desbordamiento de entero en la función rsCStrExtendBuf en runtime/stringbuf.c en el módulo imfile en rsyslog v4.x anteriores v4.6.6, v5.x anteriores a v5.7.4, y v6.x anteriores a v6.1.4, permite a atacantes remotos provocar una denegación de servicio (cuelgue del demonio) a través de un fichero grande, que provoca un desbordamiento de búfer basado en memoria dinámica.
The rsyslog packages provide an enhanced, multi-threaded syslog daemon. A numeric truncation error, leading to a heap-based buffer overflow, was found in the way the rsyslog imfile module processed text files containing long lines. An attacker could use this flaw to crash the rsyslogd daemon or, possibly, execute arbitrary code with the privileges of rsyslogd, if they are able to cause a long line to be written to a log file that rsyslogd monitors with imfile. The imfile module is not enabled by default.
*Credits:
N/A
CVSS Scores
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability
Attack Vector
Attack Complexity
Authentication
Confidentiality
Integrity
Availability
Attack Vector
Attack Complexity
Authentication
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:-
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2011-11-29 CVE Reserved
- 2012-01-24 CVE Published
- 2024-08-07 CVE Updated
- 2025-03-30 EPSS Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-189: Numeric Errors
CAPEC
References (13)
| URL | Tag | Source |
|---|---|---|
| http://bugzilla.adiscon.com/show_bug.cgi?id=221 | X_refsource_confirm | |
| http://git.adiscon.com/?p=rsyslog.git%3Ba=commit%3Bh=6bad782f154b7f838c7371bf99c13f6dc4ec4101 | X_refsource_confirm | |
| http://rsyslog.com/changelog-for-4-6-6-v4-stable | X_refsource_confirm | |
| http://rsyslog.com/changelog-for-5-7-4-v5-beta | X_refsource_confirm | |
| http://rsyslog.com/changelog-for-6-1-4-devel | X_refsource_confirm | |
| http://www.openwall.com/lists/oss-security/2011/12/22/2 | Mailing List |
|
| http://www.securityfocus.com/bid/51171 | Vdb Entry | |
| http://www.securitytracker.com/id?1026556 | Vdb Entry |
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|---|---|
| http://www.ubuntu.com/usn/USN-1338-1 | 2023-02-13 |
| URL | Date | SRC |
|---|---|---|
| http://secunia.com/advisories/45848 | 2023-02-13 | |
| http://secunia.com/advisories/47698 | 2023-02-13 | |
| https://bugzilla.redhat.com/show_bug.cgi?id=769822 | 2012-06-19 | |
| https://access.redhat.com/security/cve/CVE-2011-4623 | 2012-06-19 |
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Rsyslog Search vendor "Rsyslog" | Rsyslog Search vendor "Rsyslog" for product "Rsyslog" | 4.1.0 Search vendor "Rsyslog" for product "Rsyslog" and version "4.1.0" | - |
Affected
| ||||||
| Rsyslog Search vendor "Rsyslog" | Rsyslog Search vendor "Rsyslog" for product "Rsyslog" | 4.1.1 Search vendor "Rsyslog" for product "Rsyslog" and version "4.1.1" | - |
Affected
| ||||||
| Rsyslog Search vendor "Rsyslog" | Rsyslog Search vendor "Rsyslog" for product "Rsyslog" | 4.1.2 Search vendor "Rsyslog" for product "Rsyslog" and version "4.1.2" | - |
Affected
| ||||||
| Rsyslog Search vendor "Rsyslog" | Rsyslog Search vendor "Rsyslog" for product "Rsyslog" | 4.1.3 Search vendor "Rsyslog" for product "Rsyslog" and version "4.1.3" | - |
Affected
| ||||||
| Rsyslog Search vendor "Rsyslog" | Rsyslog Search vendor "Rsyslog" for product "Rsyslog" | 4.1.4 Search vendor "Rsyslog" for product "Rsyslog" and version "4.1.4" | - |
Affected
| ||||||
| Rsyslog Search vendor "Rsyslog" | Rsyslog Search vendor "Rsyslog" for product "Rsyslog" | 4.1.5 Search vendor "Rsyslog" for product "Rsyslog" and version "4.1.5" | - |
Affected
| ||||||
| Rsyslog Search vendor "Rsyslog" | Rsyslog Search vendor "Rsyslog" for product "Rsyslog" | 4.1.6 Search vendor "Rsyslog" for product "Rsyslog" and version "4.1.6" | - |
Affected
| ||||||
| Rsyslog Search vendor "Rsyslog" | Rsyslog Search vendor "Rsyslog" for product "Rsyslog" | 4.1.7 Search vendor "Rsyslog" for product "Rsyslog" and version "4.1.7" | - |
Affected
| ||||||
| Rsyslog Search vendor "Rsyslog" | Rsyslog Search vendor "Rsyslog" for product "Rsyslog" | 4.2.0 Search vendor "Rsyslog" for product "Rsyslog" and version "4.2.0" | - |
Affected
| ||||||
| Rsyslog Search vendor "Rsyslog" | Rsyslog Search vendor "Rsyslog" for product "Rsyslog" | 4.3.0 Search vendor "Rsyslog" for product "Rsyslog" and version "4.3.0" | - |
Affected
| ||||||
| Rsyslog Search vendor "Rsyslog" | Rsyslog Search vendor "Rsyslog" for product "Rsyslog" | 4.3.1 Search vendor "Rsyslog" for product "Rsyslog" and version "4.3.1" | - |
Affected
| ||||||
| Rsyslog Search vendor "Rsyslog" | Rsyslog Search vendor "Rsyslog" for product "Rsyslog" | 4.3.2 Search vendor "Rsyslog" for product "Rsyslog" and version "4.3.2" | - |
Affected
| ||||||
| Rsyslog Search vendor "Rsyslog" | Rsyslog Search vendor "Rsyslog" for product "Rsyslog" | 4.4.0 Search vendor "Rsyslog" for product "Rsyslog" and version "4.4.0" | - |
Affected
| ||||||
| Rsyslog Search vendor "Rsyslog" | Rsyslog Search vendor "Rsyslog" for product "Rsyslog" | 4.4.1 Search vendor "Rsyslog" for product "Rsyslog" and version "4.4.1" | - |
Affected
| ||||||
| Rsyslog Search vendor "Rsyslog" | Rsyslog Search vendor "Rsyslog" for product "Rsyslog" | 4.4.2 Search vendor "Rsyslog" for product "Rsyslog" and version "4.4.2" | - |
Affected
| ||||||
| Rsyslog Search vendor "Rsyslog" | Rsyslog Search vendor "Rsyslog" for product "Rsyslog" | 4.5.0 Search vendor "Rsyslog" for product "Rsyslog" and version "4.5.0" | - |
Affected
| ||||||
| Rsyslog Search vendor "Rsyslog" | Rsyslog Search vendor "Rsyslog" for product "Rsyslog" | 4.5.1 Search vendor "Rsyslog" for product "Rsyslog" and version "4.5.1" | - |
Affected
| ||||||
| Rsyslog Search vendor "Rsyslog" | Rsyslog Search vendor "Rsyslog" for product "Rsyslog" | 4.5.2 Search vendor "Rsyslog" for product "Rsyslog" and version "4.5.2" | - |
Affected
| ||||||
| Rsyslog Search vendor "Rsyslog" | Rsyslog Search vendor "Rsyslog" for product "Rsyslog" | 4.5.3 Search vendor "Rsyslog" for product "Rsyslog" and version "4.5.3" | - |
Affected
| ||||||
| Rsyslog Search vendor "Rsyslog" | Rsyslog Search vendor "Rsyslog" for product "Rsyslog" | 4.5.4 Search vendor "Rsyslog" for product "Rsyslog" and version "4.5.4" | - |
Affected
| ||||||
| Rsyslog Search vendor "Rsyslog" | Rsyslog Search vendor "Rsyslog" for product "Rsyslog" | 4.5.5 Search vendor "Rsyslog" for product "Rsyslog" and version "4.5.5" | - |
Affected
| ||||||
| Rsyslog Search vendor "Rsyslog" | Rsyslog Search vendor "Rsyslog" for product "Rsyslog" | 4.5.6 Search vendor "Rsyslog" for product "Rsyslog" and version "4.5.6" | - |
Affected
| ||||||
| Rsyslog Search vendor "Rsyslog" | Rsyslog Search vendor "Rsyslog" for product "Rsyslog" | 4.5.7 Search vendor "Rsyslog" for product "Rsyslog" and version "4.5.7" | - |
Affected
| ||||||
| Rsyslog Search vendor "Rsyslog" | Rsyslog Search vendor "Rsyslog" for product "Rsyslog" | 4.5.8 Search vendor "Rsyslog" for product "Rsyslog" and version "4.5.8" | - |
Affected
| ||||||
| Rsyslog Search vendor "Rsyslog" | Rsyslog Search vendor "Rsyslog" for product "Rsyslog" | 4.6.0 Search vendor "Rsyslog" for product "Rsyslog" and version "4.6.0" | - |
Affected
| ||||||
| Rsyslog Search vendor "Rsyslog" | Rsyslog Search vendor "Rsyslog" for product "Rsyslog" | 4.6.1 Search vendor "Rsyslog" for product "Rsyslog" and version "4.6.1" | - |
Affected
| ||||||
| Rsyslog Search vendor "Rsyslog" | Rsyslog Search vendor "Rsyslog" for product "Rsyslog" | 4.6.2 Search vendor "Rsyslog" for product "Rsyslog" and version "4.6.2" | - |
Affected
| ||||||
| Rsyslog Search vendor "Rsyslog" | Rsyslog Search vendor "Rsyslog" for product "Rsyslog" | 4.6.3 Search vendor "Rsyslog" for product "Rsyslog" and version "4.6.3" | - |
Affected
| ||||||
| Rsyslog Search vendor "Rsyslog" | Rsyslog Search vendor "Rsyslog" for product "Rsyslog" | 4.6.4 Search vendor "Rsyslog" for product "Rsyslog" and version "4.6.4" | - |
Affected
| ||||||
| Rsyslog Search vendor "Rsyslog" | Rsyslog Search vendor "Rsyslog" for product "Rsyslog" | 4.6.5 Search vendor "Rsyslog" for product "Rsyslog" and version "4.6.5" | - |
Affected
| ||||||
| Rsyslog Search vendor "Rsyslog" | Rsyslog Search vendor "Rsyslog" for product "Rsyslog" | 5.1.0 Search vendor "Rsyslog" for product "Rsyslog" and version "5.1.0" | - |
Affected
| ||||||
| Rsyslog Search vendor "Rsyslog" | Rsyslog Search vendor "Rsyslog" for product "Rsyslog" | 5.1.1 Search vendor "Rsyslog" for product "Rsyslog" and version "5.1.1" | - |
Affected
| ||||||
| Rsyslog Search vendor "Rsyslog" | Rsyslog Search vendor "Rsyslog" for product "Rsyslog" | 5.1.2 Search vendor "Rsyslog" for product "Rsyslog" and version "5.1.2" | - |
Affected
| ||||||
| Rsyslog Search vendor "Rsyslog" | Rsyslog Search vendor "Rsyslog" for product "Rsyslog" | 5.1.3 Search vendor "Rsyslog" for product "Rsyslog" and version "5.1.3" | - |
Affected
| ||||||
| Rsyslog Search vendor "Rsyslog" | Rsyslog Search vendor "Rsyslog" for product "Rsyslog" | 5.1.4 Search vendor "Rsyslog" for product "Rsyslog" and version "5.1.4" | - |
Affected
| ||||||
| Rsyslog Search vendor "Rsyslog" | Rsyslog Search vendor "Rsyslog" for product "Rsyslog" | 5.1.5 Search vendor "Rsyslog" for product "Rsyslog" and version "5.1.5" | - |
Affected
| ||||||
| Rsyslog Search vendor "Rsyslog" | Rsyslog Search vendor "Rsyslog" for product "Rsyslog" | 5.1.6 Search vendor "Rsyslog" for product "Rsyslog" and version "5.1.6" | - |
Affected
| ||||||
| Rsyslog Search vendor "Rsyslog" | Rsyslog Search vendor "Rsyslog" for product "Rsyslog" | 5.2.0 Search vendor "Rsyslog" for product "Rsyslog" and version "5.2.0" | - |
Affected
| ||||||
| Rsyslog Search vendor "Rsyslog" | Rsyslog Search vendor "Rsyslog" for product "Rsyslog" | 5.2.1 Search vendor "Rsyslog" for product "Rsyslog" and version "5.2.1" | - |
Affected
| ||||||
| Rsyslog Search vendor "Rsyslog" | Rsyslog Search vendor "Rsyslog" for product "Rsyslog" | 5.2.2 Search vendor "Rsyslog" for product "Rsyslog" and version "5.2.2" | - |
Affected
| ||||||
| Rsyslog Search vendor "Rsyslog" | Rsyslog Search vendor "Rsyslog" for product "Rsyslog" | 5.3.1 Search vendor "Rsyslog" for product "Rsyslog" and version "5.3.1" | - |
Affected
| ||||||
| Rsyslog Search vendor "Rsyslog" | Rsyslog Search vendor "Rsyslog" for product "Rsyslog" | 5.3.2 Search vendor "Rsyslog" for product "Rsyslog" and version "5.3.2" | - |
Affected
| ||||||
| Rsyslog Search vendor "Rsyslog" | Rsyslog Search vendor "Rsyslog" for product "Rsyslog" | 5.3.3 Search vendor "Rsyslog" for product "Rsyslog" and version "5.3.3" | - |
Affected
| ||||||
| Rsyslog Search vendor "Rsyslog" | Rsyslog Search vendor "Rsyslog" for product "Rsyslog" | 5.3.4 Search vendor "Rsyslog" for product "Rsyslog" and version "5.3.4" | - |
Affected
| ||||||
| Rsyslog Search vendor "Rsyslog" | Rsyslog Search vendor "Rsyslog" for product "Rsyslog" | 5.3.5 Search vendor "Rsyslog" for product "Rsyslog" and version "5.3.5" | - |
Affected
| ||||||
| Rsyslog Search vendor "Rsyslog" | Rsyslog Search vendor "Rsyslog" for product "Rsyslog" | 5.3.6 Search vendor "Rsyslog" for product "Rsyslog" and version "5.3.6" | - |
Affected
| ||||||
| Rsyslog Search vendor "Rsyslog" | Rsyslog Search vendor "Rsyslog" for product "Rsyslog" | 5.3.7 Search vendor "Rsyslog" for product "Rsyslog" and version "5.3.7" | - |
Affected
| ||||||
| Rsyslog Search vendor "Rsyslog" | Rsyslog Search vendor "Rsyslog" for product "Rsyslog" | 5.4.0 Search vendor "Rsyslog" for product "Rsyslog" and version "5.4.0" | - |
Affected
| ||||||
| Rsyslog Search vendor "Rsyslog" | Rsyslog Search vendor "Rsyslog" for product "Rsyslog" | 5.4.1 Search vendor "Rsyslog" for product "Rsyslog" and version "5.4.1" | - |
Affected
| ||||||
| Rsyslog Search vendor "Rsyslog" | Rsyslog Search vendor "Rsyslog" for product "Rsyslog" | 5.4.2 Search vendor "Rsyslog" for product "Rsyslog" and version "5.4.2" | - |
Affected
| ||||||
| Rsyslog Search vendor "Rsyslog" | Rsyslog Search vendor "Rsyslog" for product "Rsyslog" | 5.5.0 Search vendor "Rsyslog" for product "Rsyslog" and version "5.5.0" | - |
Affected
| ||||||
| Rsyslog Search vendor "Rsyslog" | Rsyslog Search vendor "Rsyslog" for product "Rsyslog" | 5.5.1 Search vendor "Rsyslog" for product "Rsyslog" and version "5.5.1" | - |
Affected
| ||||||
| Rsyslog Search vendor "Rsyslog" | Rsyslog Search vendor "Rsyslog" for product "Rsyslog" | 5.5.2 Search vendor "Rsyslog" for product "Rsyslog" and version "5.5.2" | - |
Affected
| ||||||
| Rsyslog Search vendor "Rsyslog" | Rsyslog Search vendor "Rsyslog" for product "Rsyslog" | 5.5.3 Search vendor "Rsyslog" for product "Rsyslog" and version "5.5.3" | - |
Affected
| ||||||
| Rsyslog Search vendor "Rsyslog" | Rsyslog Search vendor "Rsyslog" for product "Rsyslog" | 5.5.4 Search vendor "Rsyslog" for product "Rsyslog" and version "5.5.4" | - |
Affected
| ||||||
| Rsyslog Search vendor "Rsyslog" | Rsyslog Search vendor "Rsyslog" for product "Rsyslog" | 5.5.5 Search vendor "Rsyslog" for product "Rsyslog" and version "5.5.5" | - |
Affected
| ||||||
| Rsyslog Search vendor "Rsyslog" | Rsyslog Search vendor "Rsyslog" for product "Rsyslog" | 5.5.6 Search vendor "Rsyslog" for product "Rsyslog" and version "5.5.6" | - |
Affected
| ||||||
| Rsyslog Search vendor "Rsyslog" | Rsyslog Search vendor "Rsyslog" for product "Rsyslog" | 5.5.7 Search vendor "Rsyslog" for product "Rsyslog" and version "5.5.7" | - |
Affected
| ||||||
| Rsyslog Search vendor "Rsyslog" | Rsyslog Search vendor "Rsyslog" for product "Rsyslog" | 5.6.0 Search vendor "Rsyslog" for product "Rsyslog" and version "5.6.0" | - |
Affected
| ||||||
| Rsyslog Search vendor "Rsyslog" | Rsyslog Search vendor "Rsyslog" for product "Rsyslog" | 5.6.1 Search vendor "Rsyslog" for product "Rsyslog" and version "5.6.1" | - |
Affected
| ||||||
| Rsyslog Search vendor "Rsyslog" | Rsyslog Search vendor "Rsyslog" for product "Rsyslog" | 5.6.2 Search vendor "Rsyslog" for product "Rsyslog" and version "5.6.2" | - |
Affected
| ||||||
| Rsyslog Search vendor "Rsyslog" | Rsyslog Search vendor "Rsyslog" for product "Rsyslog" | 5.6.3 Search vendor "Rsyslog" for product "Rsyslog" and version "5.6.3" | - |
Affected
| ||||||
| Rsyslog Search vendor "Rsyslog" | Rsyslog Search vendor "Rsyslog" for product "Rsyslog" | 5.6.4 Search vendor "Rsyslog" for product "Rsyslog" and version "5.6.4" | - |
Affected
| ||||||
| Rsyslog Search vendor "Rsyslog" | Rsyslog Search vendor "Rsyslog" for product "Rsyslog" | 5.6.5 Search vendor "Rsyslog" for product "Rsyslog" and version "5.6.5" | - |
Affected
| ||||||
| Rsyslog Search vendor "Rsyslog" | Rsyslog Search vendor "Rsyslog" for product "Rsyslog" | 5.7.0 Search vendor "Rsyslog" for product "Rsyslog" and version "5.7.0" | - |
Affected
| ||||||
| Rsyslog Search vendor "Rsyslog" | Rsyslog Search vendor "Rsyslog" for product "Rsyslog" | 5.7.1 Search vendor "Rsyslog" for product "Rsyslog" and version "5.7.1" | - |
Affected
| ||||||
| Rsyslog Search vendor "Rsyslog" | Rsyslog Search vendor "Rsyslog" for product "Rsyslog" | 5.7.2 Search vendor "Rsyslog" for product "Rsyslog" and version "5.7.2" | - |
Affected
| ||||||
| Rsyslog Search vendor "Rsyslog" | Rsyslog Search vendor "Rsyslog" for product "Rsyslog" | 5.7.3 Search vendor "Rsyslog" for product "Rsyslog" and version "5.7.3" | - |
Affected
| ||||||
| Rsyslog Search vendor "Rsyslog" | Rsyslog Search vendor "Rsyslog" for product "Rsyslog" | 6.1.0 Search vendor "Rsyslog" for product "Rsyslog" and version "6.1.0" | - |
Affected
| ||||||
| Rsyslog Search vendor "Rsyslog" | Rsyslog Search vendor "Rsyslog" for product "Rsyslog" | 6.1.1 Search vendor "Rsyslog" for product "Rsyslog" and version "6.1.1" | - |
Affected
| ||||||
| Rsyslog Search vendor "Rsyslog" | Rsyslog Search vendor "Rsyslog" for product "Rsyslog" | 6.1.2 Search vendor "Rsyslog" for product "Rsyslog" and version "6.1.2" | - |
Affected
| ||||||
| Rsyslog Search vendor "Rsyslog" | Rsyslog Search vendor "Rsyslog" for product "Rsyslog" | 6.1.3 Search vendor "Rsyslog" for product "Rsyslog" and version "6.1.3" | - |
Affected
| ||||||