VYPR

rpm package

suse/rsyslog&distro=SUSE Linux Enterprise Server 12 SP3

pkg:rpm/suse/rsyslog&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP3

Vulnerabilities (2)

  • CVE-2018-16881Jan 25, 2019
    affected < 8.24.0-3.19.1fixed 8.24.0-3.19.1

    A denial of service vulnerability was found in rsyslog in the imptcp module. An attacker could send a specially crafted message to the imptcp socket, which would cause rsyslog to crash. Versions before 8.27.0 are vulnerable.

  • CVE-2015-3243MedJul 25, 2017
    affected < 8.24.0-3.3.1fixed 8.24.0-3.3.1

    rsyslog uses weak permissions for generating log files, which allows local users to obtain sensitive information by reading files in /var/log/cron.