fkie_cve-2011-3200
Vulnerability from fkie_nvd
Published
2011-09-06 16:55
Modified
2025-04-11 00:51
Severity ?
Summary
Stack-based buffer overflow in the parseLegacySyslogMsg function in tools/syslogd.c in rsyslogd in rsyslog 4.6.x before 4.6.8 and 5.2.0 through 5.8.4 might allow remote attackers to cause a denial of service (application exit) via a long TAG in a legacy syslog message.
References
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:rsyslog:rsyslog:4.6.0:*:*:*:*:*:*:*", matchCriteriaId: "C189E19A-16F3-40C9-B480-58013C5ED16D", vulnerable: true, }, { criteria: "cpe:2.3:a:rsyslog:rsyslog:4.6.1:*:*:*:*:*:*:*", matchCriteriaId: "E0839E9A-147E-4297-AE06-34AC67471001", vulnerable: true, }, { criteria: "cpe:2.3:a:rsyslog:rsyslog:4.6.2:*:*:*:*:*:*:*", matchCriteriaId: "5A7D9B57-777D-4B0F-BFD0-2642064FFBFA", vulnerable: true, }, { criteria: "cpe:2.3:a:rsyslog:rsyslog:4.6.3:*:*:*:*:*:*:*", matchCriteriaId: "654A4E45-2E4D-420D-8653-B03240ED4A88", vulnerable: true, }, { criteria: "cpe:2.3:a:rsyslog:rsyslog:4.6.4:*:*:*:*:*:*:*", matchCriteriaId: "CF03E62D-026D-4C33-BB0D-9D5B788DC5C6", vulnerable: true, }, { criteria: "cpe:2.3:a:rsyslog:rsyslog:4.6.5:*:*:*:*:*:*:*", matchCriteriaId: "32DE7607-0082-4013-812B-0777C23BA1AC", vulnerable: true, }, { criteria: "cpe:2.3:a:rsyslog:rsyslog:4.6.6:*:*:*:*:*:*:*", matchCriteriaId: "C19BCBF2-09C1-4B2E-90C0-44086BCF5643", vulnerable: true, }, { criteria: "cpe:2.3:a:rsyslog:rsyslog:4.6.7:*:*:*:*:*:*:*", matchCriteriaId: "C8C0123D-3D76-418D-BE38-00C10F147DA3", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:rsyslog:rsyslog:5.2.0:*:*:*:*:*:*:*", matchCriteriaId: "6E8B8362-FB8A-47E0-AC3D-DC6A1138758D", vulnerable: true, }, { criteria: "cpe:2.3:a:rsyslog:rsyslog:5.2.1:*:*:*:*:*:*:*", matchCriteriaId: "72D612FA-5842-400D-AADA-D2CFF3A9C2B9", vulnerable: true, }, { criteria: "cpe:2.3:a:rsyslog:rsyslog:5.2.2:*:*:*:*:*:*:*", matchCriteriaId: "41A66E91-25CA-48D9-9876-B7BF59E24002", vulnerable: true, }, { criteria: "cpe:2.3:a:rsyslog:rsyslog:5.3.1:*:*:*:*:*:*:*", matchCriteriaId: "52FD86EF-92A1-4FB4-9EC1-E6DFBD93499B", vulnerable: true, }, { criteria: "cpe:2.3:a:rsyslog:rsyslog:5.3.2:*:*:*:*:*:*:*", matchCriteriaId: "AC62EFFF-52BB-4B75-811B-90FABA83FF33", vulnerable: true, }, { criteria: "cpe:2.3:a:rsyslog:rsyslog:5.3.3:*:*:*:*:*:*:*", matchCriteriaId: "31115B81-97B1-49DB-B524-1F3234F3B999", vulnerable: true, }, { criteria: "cpe:2.3:a:rsyslog:rsyslog:5.3.4:*:*:*:*:*:*:*", matchCriteriaId: "4F28E8B1-0266-4498-B255-A05B7FE22F84", vulnerable: true, }, { criteria: "cpe:2.3:a:rsyslog:rsyslog:5.3.5:*:*:*:*:*:*:*", matchCriteriaId: "E4CECA40-8267-4791-90B2-06311D33D73C", vulnerable: true, }, { criteria: "cpe:2.3:a:rsyslog:rsyslog:5.3.6:*:*:*:*:*:*:*", matchCriteriaId: "298BE072-6C64-4AB4-AE92-16C6ADD3B7E3", vulnerable: true, }, { criteria: "cpe:2.3:a:rsyslog:rsyslog:5.3.7:*:*:*:*:*:*:*", matchCriteriaId: "4338B0BD-6F52-405B-AED9-2ED2B4B50AC5", vulnerable: true, }, { criteria: "cpe:2.3:a:rsyslog:rsyslog:5.4.0:*:*:*:*:*:*:*", matchCriteriaId: "0E9CDDD7-F22B-4980-BD0A-7F91E9B9D384", vulnerable: true, }, { criteria: "cpe:2.3:a:rsyslog:rsyslog:5.4.1:*:*:*:*:*:*:*", matchCriteriaId: "4CE7FF76-4F5E-4D0E-AF9A-8579C93FA472", vulnerable: true, }, { criteria: "cpe:2.3:a:rsyslog:rsyslog:5.4.2:*:*:*:*:*:*:*", matchCriteriaId: "3AF97FDB-8862-44BA-9732-15191AC8181E", vulnerable: true, }, { criteria: "cpe:2.3:a:rsyslog:rsyslog:5.5.0:*:*:*:*:*:*:*", matchCriteriaId: "962616FC-9BB4-4978-8011-6084931A2CD0", vulnerable: true, }, { criteria: "cpe:2.3:a:rsyslog:rsyslog:5.5.1:*:*:*:*:*:*:*", matchCriteriaId: "83F00805-390F-4736-894E-1F5CEB1F1629", vulnerable: true, }, { criteria: "cpe:2.3:a:rsyslog:rsyslog:5.5.2:*:*:*:*:*:*:*", matchCriteriaId: "4DB45F90-FD8E-4ABA-8C26-D3A49CA684D5", vulnerable: true, }, { criteria: "cpe:2.3:a:rsyslog:rsyslog:5.5.3:*:*:*:*:*:*:*", matchCriteriaId: "E0ED3A21-75EF-438C-AC9E-1CA67985DC46", vulnerable: true, }, { criteria: "cpe:2.3:a:rsyslog:rsyslog:5.5.4:*:*:*:*:*:*:*", matchCriteriaId: "5CF11421-19E4-4DE4-849E-96BC2045CEEB", vulnerable: true, }, { criteria: "cpe:2.3:a:rsyslog:rsyslog:5.5.5:*:*:*:*:*:*:*", matchCriteriaId: "F98CEA8A-814C-4812-9E10-874CB0967303", vulnerable: true, }, { criteria: "cpe:2.3:a:rsyslog:rsyslog:5.5.6:*:*:*:*:*:*:*", matchCriteriaId: "2F5141AA-FE13-4AE7-9F5A-873CDFDA5B2D", vulnerable: true, }, { criteria: "cpe:2.3:a:rsyslog:rsyslog:5.5.7:*:*:*:*:*:*:*", matchCriteriaId: "2E985BF5-8B9E-45C1-ADC1-B5F964EABD5B", vulnerable: true, }, { criteria: "cpe:2.3:a:rsyslog:rsyslog:5.6.0:*:*:*:*:*:*:*", matchCriteriaId: "EE7EC105-0E13-4D47-9D0A-315013657DA8", vulnerable: true, }, { criteria: "cpe:2.3:a:rsyslog:rsyslog:5.6.1:*:*:*:*:*:*:*", matchCriteriaId: "E0244736-F857-4A74-84E4-BB7F591CE7F5", vulnerable: true, }, { criteria: "cpe:2.3:a:rsyslog:rsyslog:5.6.2:*:*:*:*:*:*:*", matchCriteriaId: "3607C1AE-E3C8-4786-8EEE-0B1D1A9B098C", vulnerable: true, }, { criteria: "cpe:2.3:a:rsyslog:rsyslog:5.6.3:*:*:*:*:*:*:*", matchCriteriaId: "2D28F99E-27B8-47F8-981A-5D9E38BEADE5", vulnerable: true, }, { criteria: "cpe:2.3:a:rsyslog:rsyslog:5.6.4:*:*:*:*:*:*:*", matchCriteriaId: "6BA11F46-D8FE-44BD-B792-A78800AC46A5", vulnerable: true, }, { criteria: "cpe:2.3:a:rsyslog:rsyslog:5.6.5:*:*:*:*:*:*:*", matchCriteriaId: "A1FC9D6A-3E72-4E93-8EC7-A82A24F3E73E", vulnerable: true, }, { criteria: "cpe:2.3:a:rsyslog:rsyslog:5.7.0:*:*:*:*:*:*:*", matchCriteriaId: "4C0FAF7B-3BDB-4048-9040-B65145CA0267", vulnerable: true, }, { criteria: "cpe:2.3:a:rsyslog:rsyslog:5.7.1:*:*:*:*:*:*:*", matchCriteriaId: "995DAD4E-7B30-474C-A06C-4D5AA57071C1", vulnerable: true, }, { criteria: "cpe:2.3:a:rsyslog:rsyslog:5.7.2:*:*:*:*:*:*:*", matchCriteriaId: "A0107C61-B60E-4BC9-8D97-D1CB02B37F77", vulnerable: true, }, { criteria: "cpe:2.3:a:rsyslog:rsyslog:5.7.3:*:*:*:*:*:*:*", matchCriteriaId: "218031FE-C023-4637-B4CA-EC2B7633D84E", vulnerable: true, }, { criteria: "cpe:2.3:a:rsyslog:rsyslog:5.7.4:*:*:*:*:*:*:*", matchCriteriaId: "C9DF6D59-AC76-4C98-A878-B618CEE59E6E", vulnerable: true, }, { criteria: "cpe:2.3:a:rsyslog:rsyslog:5.7.5:*:*:*:*:*:*:*", matchCriteriaId: "826FCA60-5D6D-4606-9024-E005C6FA6170", vulnerable: true, }, { criteria: "cpe:2.3:a:rsyslog:rsyslog:5.7.6:*:*:*:*:*:*:*", matchCriteriaId: "BE08A955-0416-41AF-AFD4-8E065A1E1A9A", vulnerable: true, }, { criteria: "cpe:2.3:a:rsyslog:rsyslog:5.7.7:*:*:*:*:*:*:*", matchCriteriaId: "E6BA5F54-DAFC-48DA-BFD6-EB1414F55391", vulnerable: true, }, { criteria: "cpe:2.3:a:rsyslog:rsyslog:5.7.8:*:*:*:*:*:*:*", matchCriteriaId: "2ADD25C5-1729-4C06-BCC5-27A99A665E51", vulnerable: true, }, { criteria: "cpe:2.3:a:rsyslog:rsyslog:5.7.9:*:*:*:*:*:*:*", matchCriteriaId: "16EACD36-04B0-4D5F-B7E3-E625CCE445E5", vulnerable: true, }, { criteria: "cpe:2.3:a:rsyslog:rsyslog:5.7.10:*:*:*:*:*:*:*", matchCriteriaId: "91B8BDF5-7427-4421-8E66-568FC2FC2EEB", vulnerable: true, }, { criteria: "cpe:2.3:a:rsyslog:rsyslog:5.8.0:*:*:*:*:*:*:*", matchCriteriaId: "EB647DD4-31EC-40E5-B9A7-73A6C213D3B8", vulnerable: true, }, { criteria: "cpe:2.3:a:rsyslog:rsyslog:5.8.1:*:*:*:*:*:*:*", matchCriteriaId: "2CA66A00-FB7A-4040-B8FC-9B6C48357C7B", vulnerable: true, }, { criteria: "cpe:2.3:a:rsyslog:rsyslog:5.8.2:*:*:*:*:*:*:*", matchCriteriaId: "C1EEEC6D-C50B-4C40-83E1-A8FBD813CB04", vulnerable: true, }, { criteria: "cpe:2.3:a:rsyslog:rsyslog:5.8.3:*:*:*:*:*:*:*", matchCriteriaId: "4F12BBF6-985F-4A29-9968-CFE440885BB4", vulnerable: true, }, { criteria: "cpe:2.3:a:rsyslog:rsyslog:5.8.4:*:*:*:*:*:*:*", matchCriteriaId: "ABE8ABAF-41AA-43D9-B72B-57C27059C2C4", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Stack-based buffer overflow in the parseLegacySyslogMsg function in tools/syslogd.c in rsyslogd in rsyslog 4.6.x before 4.6.8 and 5.2.0 through 5.8.4 might allow remote attackers to cause a denial of service (application exit) via a long TAG in a legacy syslog message.", }, { lang: "es", value: "Un desbordamiento de búfer basado en la pila en la función parseLegacySyslogMsg en tools/syslogd.c en rsyslogd en rsyslog v4.6.x antes de v4.6.8 y v5.2.0 hasta la v5.8.4 podría permitir a atacantes remotos provocar una denegación de servicio (salida de la aplicación) a través de un TAG demasiado largo en un mensaje de syslog antiguo.", }, ], id: "CVE-2011-3200", lastModified: "2025-04-11T00:51:21.963", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 5, confidentialityImpact: "NONE", integrityImpact: "NONE", vectorString: "AV:N/AC:L/Au:N/C:N/I:N/A:P", version: "2.0", }, exploitabilityScore: 10, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], }, published: "2011-09-06T16:55:10.837", references: [ { source: "secalert@redhat.com", url: "http://git.adiscon.com/?p=rsyslog.git%3Ba=commit%3Bh=1ca6cc236d1dabf1633238b873fb1c057e52f95e", }, { source: "secalert@redhat.com", url: "http://lists.fedoraproject.org/pipermail/package-announce/2011-September/065837.html", }, { source: "secalert@redhat.com", url: "http://lists.fedoraproject.org/pipermail/package-announce/2011-September/065941.html", }, { source: "secalert@redhat.com", url: "http://lists.opensuse.org/opensuse-updates/2011-09/msg00013.html", }, { source: "secalert@redhat.com", url: "http://secunia.com/advisories/45922", }, { source: "secalert@redhat.com", url: "http://secunia.com/advisories/46027", }, { source: "secalert@redhat.com", url: "http://securitytracker.com/id?1026000", }, { source: "secalert@redhat.com", url: "http://www.mandriva.com/security/advisories?name=MDVSA-2011:134", }, { source: "secalert@redhat.com", url: "http://www.redhat.com/support/errata/RHSA-2011-1247.html", }, { source: "secalert@redhat.com", tags: [ "Patch", "Vendor Advisory", ], url: "http://www.rsyslog.com/potential-dos-with-malformed-tag/", }, { source: "secalert@redhat.com", url: "http://www.securityfocus.com/bid/49413", }, { source: "secalert@redhat.com", tags: [ "Patch", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=727644", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://git.adiscon.com/?p=rsyslog.git%3Ba=commit%3Bh=1ca6cc236d1dabf1633238b873fb1c057e52f95e", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://lists.fedoraproject.org/pipermail/package-announce/2011-September/065837.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://lists.fedoraproject.org/pipermail/package-announce/2011-September/065941.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://lists.opensuse.org/opensuse-updates/2011-09/msg00013.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://secunia.com/advisories/45922", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://secunia.com/advisories/46027", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://securitytracker.com/id?1026000", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.mandriva.com/security/advisories?name=MDVSA-2011:134", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.redhat.com/support/errata/RHSA-2011-1247.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Vendor Advisory", ], url: "http://www.rsyslog.com/potential-dos-with-malformed-tag/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.securityfocus.com/bid/49413", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=727644", }, ], sourceIdentifier: "secalert@redhat.com", vulnStatus: "Deferred", weaknesses: [ { description: [ { lang: "en", value: "CWE-119", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Log in or create an account to share your comment.
Security Advisory comment format.
This schema specifies the format of a comment related to a security advisory.
Title of the comment
Description of the comment
Loading…
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.