CVE-2011-3200
Vulnerability from cvelistv5
Published
2011-09-06 16:00
Modified
2024-08-06 23:29
Severity ?
Summary
Stack-based buffer overflow in the parseLegacySyslogMsg function in tools/syslogd.c in rsyslogd in rsyslog 4.6.x before 4.6.8 and 5.2.0 through 5.8.4 might allow remote attackers to cause a denial of service (application exit) via a long TAG in a legacy syslog message.
References
secalert@redhat.comhttp://git.adiscon.com/?p=rsyslog.git%3Ba=commit%3Bh=1ca6cc236d1dabf1633238b873fb1c057e52f95e
secalert@redhat.comhttp://lists.fedoraproject.org/pipermail/package-announce/2011-September/065837.html
secalert@redhat.comhttp://lists.fedoraproject.org/pipermail/package-announce/2011-September/065941.html
secalert@redhat.comhttp://lists.opensuse.org/opensuse-updates/2011-09/msg00013.html
secalert@redhat.comhttp://secunia.com/advisories/45922
secalert@redhat.comhttp://secunia.com/advisories/46027
secalert@redhat.comhttp://securitytracker.com/id?1026000
secalert@redhat.comhttp://www.mandriva.com/security/advisories?name=MDVSA-2011:134
secalert@redhat.comhttp://www.redhat.com/support/errata/RHSA-2011-1247.html
secalert@redhat.comhttp://www.rsyslog.com/potential-dos-with-malformed-tag/Patch, Vendor Advisory
secalert@redhat.comhttp://www.securityfocus.com/bid/49413
secalert@redhat.comhttps://bugzilla.redhat.com/show_bug.cgi?id=727644Patch
af854a3a-2127-422b-91ae-364da2661108http://git.adiscon.com/?p=rsyslog.git%3Ba=commit%3Bh=1ca6cc236d1dabf1633238b873fb1c057e52f95e
af854a3a-2127-422b-91ae-364da2661108http://lists.fedoraproject.org/pipermail/package-announce/2011-September/065837.html
af854a3a-2127-422b-91ae-364da2661108http://lists.fedoraproject.org/pipermail/package-announce/2011-September/065941.html
af854a3a-2127-422b-91ae-364da2661108http://lists.opensuse.org/opensuse-updates/2011-09/msg00013.html
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/45922
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/46027
af854a3a-2127-422b-91ae-364da2661108http://securitytracker.com/id?1026000
af854a3a-2127-422b-91ae-364da2661108http://www.mandriva.com/security/advisories?name=MDVSA-2011:134
af854a3a-2127-422b-91ae-364da2661108http://www.redhat.com/support/errata/RHSA-2011-1247.html
af854a3a-2127-422b-91ae-364da2661108http://www.rsyslog.com/potential-dos-with-malformed-tag/Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/bid/49413
af854a3a-2127-422b-91ae-364da2661108https://bugzilla.redhat.com/show_bug.cgi?id=727644Patch
Impacted products
Vendor Product Version
Show details on NVD website


{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-06T23:29:55.424Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  name: "46027",
                  tags: [
                     "third-party-advisory",
                     "x_refsource_SECUNIA",
                     "x_transferred",
                  ],
                  url: "http://secunia.com/advisories/46027",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "https://bugzilla.redhat.com/show_bug.cgi?id=727644",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "http://www.rsyslog.com/potential-dos-with-malformed-tag/",
               },
               {
                  name: "1026000",
                  tags: [
                     "vdb-entry",
                     "x_refsource_SECTRACK",
                     "x_transferred",
                  ],
                  url: "http://securitytracker.com/id?1026000",
               },
               {
                  name: "openSUSE-SU-2011:1020",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_SUSE",
                     "x_transferred",
                  ],
                  url: "http://lists.opensuse.org/opensuse-updates/2011-09/msg00013.html",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "http://git.adiscon.com/?p=rsyslog.git%3Ba=commit%3Bh=1ca6cc236d1dabf1633238b873fb1c057e52f95e",
               },
               {
                  name: "RHSA-2011:1247",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "http://www.redhat.com/support/errata/RHSA-2011-1247.html",
               },
               {
                  name: "MDVSA-2011:134",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_MANDRIVA",
                     "x_transferred",
                  ],
                  url: "http://www.mandriva.com/security/advisories?name=MDVSA-2011:134",
               },
               {
                  name: "FEDORA-2011-12282",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_FEDORA",
                     "x_transferred",
                  ],
                  url: "http://lists.fedoraproject.org/pipermail/package-announce/2011-September/065941.html",
               },
               {
                  name: "49413",
                  tags: [
                     "vdb-entry",
                     "x_refsource_BID",
                     "x_transferred",
                  ],
                  url: "http://www.securityfocus.com/bid/49413",
               },
               {
                  name: "FEDORA-2011-12250",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_FEDORA",
                     "x_transferred",
                  ],
                  url: "http://lists.fedoraproject.org/pipermail/package-announce/2011-September/065837.html",
               },
               {
                  name: "45922",
                  tags: [
                     "third-party-advisory",
                     "x_refsource_SECUNIA",
                     "x_transferred",
                  ],
                  url: "http://secunia.com/advisories/45922",
               },
            ],
            title: "CVE Program Container",
         },
      ],
      cna: {
         affected: [
            {
               product: "n/a",
               vendor: "n/a",
               versions: [
                  {
                     status: "affected",
                     version: "n/a",
                  },
               ],
            },
         ],
         datePublic: "2011-09-01T00:00:00",
         descriptions: [
            {
               lang: "en",
               value: "Stack-based buffer overflow in the parseLegacySyslogMsg function in tools/syslogd.c in rsyslogd in rsyslog 4.6.x before 4.6.8 and 5.2.0 through 5.8.4 might allow remote attackers to cause a denial of service (application exit) via a long TAG in a legacy syslog message.",
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     description: "n/a",
                     lang: "en",
                     type: "text",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2011-09-23T09:00:00",
            orgId: "53f830b8-0a3f-465b-8143-3b8a9948e749",
            shortName: "redhat",
         },
         references: [
            {
               name: "46027",
               tags: [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
               ],
               url: "http://secunia.com/advisories/46027",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "https://bugzilla.redhat.com/show_bug.cgi?id=727644",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "http://www.rsyslog.com/potential-dos-with-malformed-tag/",
            },
            {
               name: "1026000",
               tags: [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
               ],
               url: "http://securitytracker.com/id?1026000",
            },
            {
               name: "openSUSE-SU-2011:1020",
               tags: [
                  "vendor-advisory",
                  "x_refsource_SUSE",
               ],
               url: "http://lists.opensuse.org/opensuse-updates/2011-09/msg00013.html",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "http://git.adiscon.com/?p=rsyslog.git%3Ba=commit%3Bh=1ca6cc236d1dabf1633238b873fb1c057e52f95e",
            },
            {
               name: "RHSA-2011:1247",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "http://www.redhat.com/support/errata/RHSA-2011-1247.html",
            },
            {
               name: "MDVSA-2011:134",
               tags: [
                  "vendor-advisory",
                  "x_refsource_MANDRIVA",
               ],
               url: "http://www.mandriva.com/security/advisories?name=MDVSA-2011:134",
            },
            {
               name: "FEDORA-2011-12282",
               tags: [
                  "vendor-advisory",
                  "x_refsource_FEDORA",
               ],
               url: "http://lists.fedoraproject.org/pipermail/package-announce/2011-September/065941.html",
            },
            {
               name: "49413",
               tags: [
                  "vdb-entry",
                  "x_refsource_BID",
               ],
               url: "http://www.securityfocus.com/bid/49413",
            },
            {
               name: "FEDORA-2011-12250",
               tags: [
                  "vendor-advisory",
                  "x_refsource_FEDORA",
               ],
               url: "http://lists.fedoraproject.org/pipermail/package-announce/2011-September/065837.html",
            },
            {
               name: "45922",
               tags: [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
               ],
               url: "http://secunia.com/advisories/45922",
            },
         ],
         x_legacyV4Record: {
            CVE_data_meta: {
               ASSIGNER: "secalert@redhat.com",
               ID: "CVE-2011-3200",
               STATE: "PUBLIC",
            },
            affects: {
               vendor: {
                  vendor_data: [
                     {
                        product: {
                           product_data: [
                              {
                                 product_name: "n/a",
                                 version: {
                                    version_data: [
                                       {
                                          version_value: "n/a",
                                       },
                                    ],
                                 },
                              },
                           ],
                        },
                        vendor_name: "n/a",
                     },
                  ],
               },
            },
            data_format: "MITRE",
            data_type: "CVE",
            data_version: "4.0",
            description: {
               description_data: [
                  {
                     lang: "eng",
                     value: "Stack-based buffer overflow in the parseLegacySyslogMsg function in tools/syslogd.c in rsyslogd in rsyslog 4.6.x before 4.6.8 and 5.2.0 through 5.8.4 might allow remote attackers to cause a denial of service (application exit) via a long TAG in a legacy syslog message.",
                  },
               ],
            },
            problemtype: {
               problemtype_data: [
                  {
                     description: [
                        {
                           lang: "eng",
                           value: "n/a",
                        },
                     ],
                  },
               ],
            },
            references: {
               reference_data: [
                  {
                     name: "46027",
                     refsource: "SECUNIA",
                     url: "http://secunia.com/advisories/46027",
                  },
                  {
                     name: "https://bugzilla.redhat.com/show_bug.cgi?id=727644",
                     refsource: "CONFIRM",
                     url: "https://bugzilla.redhat.com/show_bug.cgi?id=727644",
                  },
                  {
                     name: "http://www.rsyslog.com/potential-dos-with-malformed-tag/",
                     refsource: "CONFIRM",
                     url: "http://www.rsyslog.com/potential-dos-with-malformed-tag/",
                  },
                  {
                     name: "1026000",
                     refsource: "SECTRACK",
                     url: "http://securitytracker.com/id?1026000",
                  },
                  {
                     name: "openSUSE-SU-2011:1020",
                     refsource: "SUSE",
                     url: "http://lists.opensuse.org/opensuse-updates/2011-09/msg00013.html",
                  },
                  {
                     name: "http://git.adiscon.com/?p=rsyslog.git;a=commit;h=1ca6cc236d1dabf1633238b873fb1c057e52f95e",
                     refsource: "CONFIRM",
                     url: "http://git.adiscon.com/?p=rsyslog.git;a=commit;h=1ca6cc236d1dabf1633238b873fb1c057e52f95e",
                  },
                  {
                     name: "RHSA-2011:1247",
                     refsource: "REDHAT",
                     url: "http://www.redhat.com/support/errata/RHSA-2011-1247.html",
                  },
                  {
                     name: "MDVSA-2011:134",
                     refsource: "MANDRIVA",
                     url: "http://www.mandriva.com/security/advisories?name=MDVSA-2011:134",
                  },
                  {
                     name: "FEDORA-2011-12282",
                     refsource: "FEDORA",
                     url: "http://lists.fedoraproject.org/pipermail/package-announce/2011-September/065941.html",
                  },
                  {
                     name: "49413",
                     refsource: "BID",
                     url: "http://www.securityfocus.com/bid/49413",
                  },
                  {
                     name: "FEDORA-2011-12250",
                     refsource: "FEDORA",
                     url: "http://lists.fedoraproject.org/pipermail/package-announce/2011-September/065837.html",
                  },
                  {
                     name: "45922",
                     refsource: "SECUNIA",
                     url: "http://secunia.com/advisories/45922",
                  },
               ],
            },
         },
      },
   },
   cveMetadata: {
      assignerOrgId: "53f830b8-0a3f-465b-8143-3b8a9948e749",
      assignerShortName: "redhat",
      cveId: "CVE-2011-3200",
      datePublished: "2011-09-06T16:00:00",
      dateReserved: "2011-08-19T00:00:00",
      dateUpdated: "2024-08-06T23:29:55.424Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
   "vulnerability-lookup:meta": {
      nvd: "{\"cve\":{\"id\":\"CVE-2011-3200\",\"sourceIdentifier\":\"secalert@redhat.com\",\"published\":\"2011-09-06T16:55:10.837\",\"lastModified\":\"2024-11-21T01:29:57.957\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Stack-based buffer overflow in the parseLegacySyslogMsg function in tools/syslogd.c in rsyslogd in rsyslog 4.6.x before 4.6.8 and 5.2.0 through 5.8.4 might allow remote attackers to cause a denial of service (application exit) via a long TAG in a legacy syslog message.\"},{\"lang\":\"es\",\"value\":\"Un desbordamiento de búfer basado en la pila en la función parseLegacySyslogMsg en tools/syslogd.c en rsyslogd en rsyslog v4.6.x antes de v4.6.8 y v5.2.0 hasta la v5.8.4 podría permitir a atacantes remotos provocar una denegación de servicio (salida de la aplicación) a través de un TAG demasiado largo en un mensaje de syslog antiguo.\"}],\"metrics\":{\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:L/Au:N/C:N/I:N/A:P\",\"baseScore\":5.0,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"PARTIAL\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":10.0,\"impactScore\":2.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-119\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:rsyslog:rsyslog:4.6.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C189E19A-16F3-40C9-B480-58013C5ED16D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:rsyslog:rsyslog:4.6.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E0839E9A-147E-4297-AE06-34AC67471001\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:rsyslog:rsyslog:4.6.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5A7D9B57-777D-4B0F-BFD0-2642064FFBFA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:rsyslog:rsyslog:4.6.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"654A4E45-2E4D-420D-8653-B03240ED4A88\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:rsyslog:rsyslog:4.6.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CF03E62D-026D-4C33-BB0D-9D5B788DC5C6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:rsyslog:rsyslog:4.6.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"32DE7607-0082-4013-812B-0777C23BA1AC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:rsyslog:rsyslog:4.6.6:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C19BCBF2-09C1-4B2E-90C0-44086BCF5643\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:rsyslog:rsyslog:4.6.7:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C8C0123D-3D76-418D-BE38-00C10F147DA3\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:rsyslog:rsyslog:5.2.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6E8B8362-FB8A-47E0-AC3D-DC6A1138758D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:rsyslog:rsyslog:5.2.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"72D612FA-5842-400D-AADA-D2CFF3A9C2B9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:rsyslog:rsyslog:5.2.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"41A66E91-25CA-48D9-9876-B7BF59E24002\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:rsyslog:rsyslog:5.3.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"52FD86EF-92A1-4FB4-9EC1-E6DFBD93499B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:rsyslog:rsyslog:5.3.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"AC62EFFF-52BB-4B75-811B-90FABA83FF33\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:rsyslog:rsyslog:5.3.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"31115B81-97B1-49DB-B524-1F3234F3B999\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:rsyslog:rsyslog:5.3.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4F28E8B1-0266-4498-B255-A05B7FE22F84\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:rsyslog:rsyslog:5.3.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E4CECA40-8267-4791-90B2-06311D33D73C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:rsyslog:rsyslog:5.3.6:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"298BE072-6C64-4AB4-AE92-16C6ADD3B7E3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:rsyslog:rsyslog:5.3.7:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4338B0BD-6F52-405B-AED9-2ED2B4B50AC5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:rsyslog:rsyslog:5.4.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0E9CDDD7-F22B-4980-BD0A-7F91E9B9D384\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:rsyslog:rsyslog:5.4.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4CE7FF76-4F5E-4D0E-AF9A-8579C93FA472\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:rsyslog:rsyslog:5.4.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3AF97FDB-8862-44BA-9732-15191AC8181E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:rsyslog:rsyslog:5.5.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"962616FC-9BB4-4978-8011-6084931A2CD0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:rsyslog:rsyslog:5.5.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"83F00805-390F-4736-894E-1F5CEB1F1629\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:rsyslog:rsyslog:5.5.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4DB45F90-FD8E-4ABA-8C26-D3A49CA684D5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:rsyslog:rsyslog:5.5.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E0ED3A21-75EF-438C-AC9E-1CA67985DC46\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:rsyslog:rsyslog:5.5.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5CF11421-19E4-4DE4-849E-96BC2045CEEB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:rsyslog:rsyslog:5.5.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F98CEA8A-814C-4812-9E10-874CB0967303\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:rsyslog:rsyslog:5.5.6:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2F5141AA-FE13-4AE7-9F5A-873CDFDA5B2D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:rsyslog:rsyslog:5.5.7:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2E985BF5-8B9E-45C1-ADC1-B5F964EABD5B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:rsyslog:rsyslog:5.6.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"EE7EC105-0E13-4D47-9D0A-315013657DA8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:rsyslog:rsyslog:5.6.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E0244736-F857-4A74-84E4-BB7F591CE7F5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:rsyslog:rsyslog:5.6.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3607C1AE-E3C8-4786-8EEE-0B1D1A9B098C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:rsyslog:rsyslog:5.6.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2D28F99E-27B8-47F8-981A-5D9E38BEADE5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:rsyslog:rsyslog:5.6.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6BA11F46-D8FE-44BD-B792-A78800AC46A5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:rsyslog:rsyslog:5.6.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A1FC9D6A-3E72-4E93-8EC7-A82A24F3E73E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:rsyslog:rsyslog:5.7.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4C0FAF7B-3BDB-4048-9040-B65145CA0267\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:rsyslog:rsyslog:5.7.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"995DAD4E-7B30-474C-A06C-4D5AA57071C1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:rsyslog:rsyslog:5.7.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A0107C61-B60E-4BC9-8D97-D1CB02B37F77\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:rsyslog:rsyslog:5.7.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"218031FE-C023-4637-B4CA-EC2B7633D84E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:rsyslog:rsyslog:5.7.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C9DF6D59-AC76-4C98-A878-B618CEE59E6E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:rsyslog:rsyslog:5.7.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"826FCA60-5D6D-4606-9024-E005C6FA6170\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:rsyslog:rsyslog:5.7.6:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"BE08A955-0416-41AF-AFD4-8E065A1E1A9A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:rsyslog:rsyslog:5.7.7:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E6BA5F54-DAFC-48DA-BFD6-EB1414F55391\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:rsyslog:rsyslog:5.7.8:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2ADD25C5-1729-4C06-BCC5-27A99A665E51\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:rsyslog:rsyslog:5.7.9:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"16EACD36-04B0-4D5F-B7E3-E625CCE445E5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:rsyslog:rsyslog:5.7.10:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"91B8BDF5-7427-4421-8E66-568FC2FC2EEB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:rsyslog:rsyslog:5.8.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"EB647DD4-31EC-40E5-B9A7-73A6C213D3B8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:rsyslog:rsyslog:5.8.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2CA66A00-FB7A-4040-B8FC-9B6C48357C7B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:rsyslog:rsyslog:5.8.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C1EEEC6D-C50B-4C40-83E1-A8FBD813CB04\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:rsyslog:rsyslog:5.8.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4F12BBF6-985F-4A29-9968-CFE440885BB4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:rsyslog:rsyslog:5.8.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"ABE8ABAF-41AA-43D9-B72B-57C27059C2C4\"}]}]}],\"references\":[{\"url\":\"http://git.adiscon.com/?p=rsyslog.git%3Ba=commit%3Bh=1ca6cc236d1dabf1633238b873fb1c057e52f95e\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://lists.fedoraproject.org/pipermail/package-announce/2011-September/065837.html\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://lists.fedoraproject.org/pipermail/package-announce/2011-September/065941.html\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://lists.opensuse.org/opensuse-updates/2011-09/msg00013.html\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://secunia.com/advisories/45922\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://secunia.com/advisories/46027\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://securitytracker.com/id?1026000\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://www.mandriva.com/security/advisories?name=MDVSA-2011:134\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://www.redhat.com/support/errata/RHSA-2011-1247.html\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://www.rsyslog.com/potential-dos-with-malformed-tag/\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"http://www.securityfocus.com/bid/49413\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://bugzilla.redhat.com/show_bug.cgi?id=727644\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Patch\"]},{\"url\":\"http://git.adiscon.com/?p=rsyslog.git%3Ba=commit%3Bh=1ca6cc236d1dabf1633238b873fb1c057e52f95e\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://lists.fedoraproject.org/pipermail/package-announce/2011-September/065837.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://lists.fedoraproject.org/pipermail/package-announce/2011-September/065941.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://lists.opensuse.org/opensuse-updates/2011-09/msg00013.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://secunia.com/advisories/45922\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://secunia.com/advisories/46027\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://securitytracker.com/id?1026000\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.mandriva.com/security/advisories?name=MDVSA-2011:134\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.redhat.com/support/errata/RHSA-2011-1247.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.rsyslog.com/potential-dos-with-malformed-tag/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"http://www.securityfocus.com/bid/49413\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://bugzilla.redhat.com/show_bug.cgi?id=727644\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\"]}]}}",
   },
}


Log in or create an account to share your comment.

Security Advisory comment format.

This schema specifies the format of a comment related to a security advisory.

UUIDv4 of the comment
UUIDv4 of the Vulnerability-Lookup instance
When the comment was created originally
When the comment was last updated
Title of the comment
Description of the comment
The identifier of the vulnerability (CVE ID, GHSA-ID, PYSEC ID, etc.).



Tags
Taxonomy of the tags.


Loading…

Loading…

Loading…

Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
  • Confirmed: The vulnerability is confirmed from an analyst perspective.
  • Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
  • Patched: This vulnerability was successfully patched by the user reporting the sighting.
  • Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
  • Not confirmed: The user expresses doubt about the veracity of the vulnerability.
  • Not patched: This vulnerability was not successfully patched by the user reporting the sighting.