VYPR

rpm package

suse/rsyslog&distro=SUSE Linux Enterprise Server for SAP Applications 12 SP4

pkg:rpm/suse/rsyslog&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP4

Vulnerabilities (4)

  • CVE-2022-24903May 5, 2022
    affected < 8.24.0-3.58.2fixed 8.24.0-3.58.2

    Rsyslog is a rocket-fast system for log processing. Modules for TCP syslog reception have a potential heap buffer overflow when octet-counted framing is used. This can result in a segfault or some other malfunction. As of our understanding, this vulnerability can not be used for

  • CVE-2019-17042Oct 7, 2019
    affected < 8.24.0-3.33.2fixed 8.24.0-3.33.2

    An issue was discovered in Rsyslog v8.1908.0. contrib/pmcisconames/pmcisconames.c has a heap overflow in the parser for Cisco log messages. The parser tries to locate a log message delimiter (in this case, a space or a colon), but fails to account for strings that do not satisfy

  • CVE-2019-17041Oct 7, 2019
    affected < 8.24.0-3.33.2fixed 8.24.0-3.33.2

    An issue was discovered in Rsyslog v8.1908.0. contrib/pmaixforwardedfrom/pmaixforwardedfrom.c has a heap overflow in the parser for AIX log messages. The parser tries to locate a log message delimiter (in this case, a space or a colon) but fails to account for strings that do not

  • CVE-2018-16881Jan 25, 2019
    affected < 8.24.0-3.19.1fixed 8.24.0-3.19.1

    A denial of service vulnerability was found in rsyslog in the imptcp module. An attacker could send a specially crafted message to the imptcp socket, which would cause rsyslog to crash. Versions before 8.27.0 are vulnerable.