Critical severity9.8NVD Advisory· Published Jan 30, 2020· Updated Jun 17, 2026
CVE-2020-8443
CVE-2020-8443
Description
In OSSEC-HIDS 2.7 through 3.5.0, the server component responsible for log analysis (ossec-analysisd) is vulnerable to an off-by-one heap-based buffer overflow during the cleaning of crafted syslog msgs (received from authenticated remote agents and delivered to the analysisd processing queue by ossec-remoted).
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- OSSEC-HIDS/OSSEC-HIDSdescription
- Range: 2.7 - 3.5.0
Patches
Vulnerability mechanics
References
4- github.com/ossec/ossec-hids/issues/1816nvdExploitThird Party Advisory
- github.com/ossec/ossec-hids/issues/1821nvdThird Party Advisory
- security.gentoo.org/glsa/202007-33nvdThird Party Advisory
- www.ossec.netnvdVendor Advisory
News mentions
0No linked articles in our index yet.