exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 8 of 8 RSS Feed

CVE-2014-3634

Status Candidate

Overview

rsyslog before 7.6.6 and 8.x before 8.4.1 and sysklogd 1.5 and earlier allows remote attackers to cause a denial of service (crash), possibly execute arbitrary code, or have other unspecified impact via a crafted priority (PRI) value that triggers an out-of-bounds array access.

Related Files

Mandriva Linux Security Advisory 2015-130
Posted Mar 30, 2015
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2015-130 - Rainer Gerhards, the rsyslog project leader, reported a vulnerability in Rsyslog. As a consequence of this vulnerability an attacker can send malformed messages to a server, if this one accepts data from untrusted sources, and trigger a denial of service attack.

tags | advisory, denial of service
systems | linux, mandriva
advisories | CVE-2014-3634
SHA-256 | 20a277fb8c92c74a610c9de21b3046e5452a361ef4c9abd90afd6a2b60b739e2
Gentoo Linux Security Advisory 201412-35
Posted Dec 26, 2014
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201412-35 - Multiple vulnerabilities have been found in RSYSLOG, allowing attackers to cause Denial of Service. Versions less than 8.4.2 are affected.

tags | advisory, denial of service, vulnerability
systems | linux, gentoo
advisories | CVE-2011-4623, CVE-2014-3634, CVE-2014-3683
SHA-256 | 7db176d00ab76358788ddc53d62e7c9adc9a9502b21744efc78dd4089352ed30
Mandriva Linux Security Advisory 2014-196
Posted Oct 21, 2014
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2014-196 - Rainer Gerhards, the rsyslog project leader, reported a vulnerability in Rsyslog. As a consequence of this vulnerability an attacker can send malformed messages to a server, if this one accepts data from untrusted sources, and trigger a denial of service attack.

tags | advisory, denial of service
systems | linux, mandriva
advisories | CVE-2014-3634, CVE-2014-3683
SHA-256 | 163db772baec808ac8533a3c1ddf3059f717bd8f480fdf1a51d926bc04284d17
Red Hat Security Advisory 2014-1671-01
Posted Oct 21, 2014
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2014-1671-01 - The rsyslog packages provide an enhanced, multi-threaded syslog daemon that supports writing to relational databases, syslog/TCP, RFC 3195, permitted sender lists, filtering on any message part, and fine grained output format control. A flaw was found in the way rsyslog handled invalid log message priority values. In certain configurations, a local attacker, or a remote attacker able to connect to the rsyslog port, could use this flaw to crash the rsyslog daemon.

tags | advisory, remote, local, tcp
systems | linux, redhat
advisories | CVE-2014-3634
SHA-256 | 0492ec6cab84392b110bcb934f8441ca003623f7479694577d1178f88b67c705
Red Hat Security Advisory 2014-1654-01
Posted Oct 17, 2014
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2014-1654-01 - The rsyslog7 packages provide an enhanced, multi-threaded syslog daemon that supports writing to relational databases, syslog/TCP, RFC 3195, permitted sender lists, filtering on any message part, and fine grained output format control. A flaw was found in the way rsyslog handled invalid log message priority values. In certain configurations, a local attacker, or a remote attacker able to connect to the rsyslog port, could use this flaw to crash the rsyslog daemon or, potentially, execute arbitrary code as the user running the rsyslog daemon.

tags | advisory, remote, arbitrary, local, tcp
systems | linux, redhat
advisories | CVE-2014-3634
SHA-256 | 87bba9d1f39138957704d3a4f521e4a6b01131482af912c7930d56c972a3f1dd
Red Hat Security Advisory 2014-1397-01
Posted Oct 13, 2014
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2014-1397-01 - The rsyslog packages provide an enhanced, multi-threaded syslog daemon that supports writing to relational databases, syslog/TCP, RFC 3195, permitted sender lists, filtering on any message part, and fine grained output format control. A flaw was found in the way rsyslog handled invalid log message priority values. In certain configurations, a local attacker, or a remote attacker able to connect to the rsyslog port, could use this flaw to crash the rsyslog daemon or, potentially, execute arbitrary code as the user running the rsyslog daemon.

tags | advisory, remote, arbitrary, local, tcp
systems | linux, redhat
advisories | CVE-2014-3634
SHA-256 | 8da86fa87dcbb8b16d01e0c4641731604315c00090936247194af617d03edc73
Ubuntu Security Notice USN-2381-1
Posted Oct 9, 2014
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2381-1 - It was discovered that Rsyslog incorrectly handled invalid PRI values. An attacker could use this issue to send malformed messages to the Rsyslog server and cause it to stop responding, resulting in a denial of service and possibly message loss.

tags | advisory, denial of service
systems | linux, ubuntu
advisories | CVE-2014-3634, CVE-2014-3683
SHA-256 | ef0650550269081de646357c095792813b24c790927fb53317ceafbb8d412f20
Debian Security Advisory 3040-1
Posted Oct 1, 2014
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3040-1 - Rainer Gerhards, the rsyslog project leader, reported a vulnerability in Rsyslog, a system for log processing. As a consequence of this vulnerability an attacker can send malformed messages to a server, if this one accepts data from untrusted sources, and trigger a denial of service attack.

tags | advisory, denial of service
systems | linux, debian
advisories | CVE-2014-3634
SHA-256 | e561d69b5178aba532af90ac7fb2ff1c69d976ffa69a1ce6567926bb397cbdd2
Page 1 of 1
Back1Next

File Archive:

November 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Nov 1st
    30 Files
  • 2
    Nov 2nd
    0 Files
  • 3
    Nov 3rd
    0 Files
  • 4
    Nov 4th
    12 Files
  • 5
    Nov 5th
    44 Files
  • 6
    Nov 6th
    18 Files
  • 7
    Nov 7th
    9 Files
  • 8
    Nov 8th
    8 Files
  • 9
    Nov 9th
    3 Files
  • 10
    Nov 10th
    0 Files
  • 11
    Nov 11th
    14 Files
  • 12
    Nov 12th
    20 Files
  • 13
    Nov 13th
    63 Files
  • 14
    Nov 14th
    18 Files
  • 15
    Nov 15th
    8 Files
  • 16
    Nov 16th
    0 Files
  • 17
    Nov 17th
    0 Files
  • 18
    Nov 18th
    18 Files
  • 19
    Nov 19th
    7 Files
  • 20
    Nov 20th
    13 Files
  • 21
    Nov 21st
    6 Files
  • 22
    Nov 22nd
    48 Files
  • 23
    Nov 23rd
    0 Files
  • 24
    Nov 24th
    0 Files
  • 25
    Nov 25th
    60 Files
  • 26
    Nov 26th
    0 Files
  • 27
    Nov 27th
    0 Files
  • 28
    Nov 28th
    0 Files
  • 29
    Nov 29th
    0 Files
  • 30
    Nov 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close