rpm package
suse/rsyslog&distro=SUSE Linux Enterprise Desktop 12 SP4
pkg:rpm/suse/rsyslog&distro=SUSE%20Linux%20Enterprise%20Desktop%2012%20SP4
Vulnerabilities (3)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2019-17042 | — | < 8.24.0-3.33.2 | 8.24.0-3.33.2 | Oct 7, 2019 | An issue was discovered in Rsyslog v8.1908.0. contrib/pmcisconames/pmcisconames.c has a heap overflow in the parser for Cisco log messages. The parser tries to locate a log message delimiter (in this case, a space or a colon), but fails to account for strings that do not satisfy | ||
| CVE-2019-17041 | — | < 8.24.0-3.33.2 | 8.24.0-3.33.2 | Oct 7, 2019 | An issue was discovered in Rsyslog v8.1908.0. contrib/pmaixforwardedfrom/pmaixforwardedfrom.c has a heap overflow in the parser for AIX log messages. The parser tries to locate a log message delimiter (in this case, a space or a colon) but fails to account for strings that do not | ||
| CVE-2018-16881 | — | < 8.24.0-3.19.1 | 8.24.0-3.19.1 | Jan 25, 2019 | A denial of service vulnerability was found in rsyslog in the imptcp module. An attacker could send a specially crafted message to the imptcp socket, which would cause rsyslog to crash. Versions before 8.27.0 are vulnerable. |
- CVE-2019-17042Oct 7, 2019affected < 8.24.0-3.33.2fixed 8.24.0-3.33.2
An issue was discovered in Rsyslog v8.1908.0. contrib/pmcisconames/pmcisconames.c has a heap overflow in the parser for Cisco log messages. The parser tries to locate a log message delimiter (in this case, a space or a colon), but fails to account for strings that do not satisfy
- CVE-2019-17041Oct 7, 2019affected < 8.24.0-3.33.2fixed 8.24.0-3.33.2
An issue was discovered in Rsyslog v8.1908.0. contrib/pmaixforwardedfrom/pmaixforwardedfrom.c has a heap overflow in the parser for AIX log messages. The parser tries to locate a log message delimiter (in this case, a space or a colon) but fails to account for strings that do not
- CVE-2018-16881Jan 25, 2019affected < 8.24.0-3.19.1fixed 8.24.0-3.19.1
A denial of service vulnerability was found in rsyslog in the imptcp module. An attacker could send a specially crafted message to the imptcp socket, which would cause rsyslog to crash. Versions before 8.27.0 are vulnerable.