VYPR

Sysklogd

by Sysklogd Project

CVEs (4)

  • CVE-2014-3634Nov 2, 2014
    risk 0.01cvss epss 0.08

    rsyslog before 7.6.6 and 8.x before 8.4.1 and sysklogd 1.5 and earlier allows remote attackers to cause a denial of service (crash), possibly execute arbitrary code, or have other unspecified impact via a crafted priority (PRI) value that triggers an out-of-bounds array access.

  • CVE-2014-3683Nov 2, 2014
    risk 0.00cvss epss 0.05

    Integer overflow in rsyslog before 7.6.7 and 8.x before 8.4.2 and sysklogd 1.5 and earlier allows remote attackers to cause a denial of service (crash) via a large priority (PRI) value. NOTE: this vulnerability exists because of an incomplete fix for CVE-2014-3634.

  • CVE-2006-1624Apr 5, 2006
    risk 0.00cvss epss 0.03

    The default configuration of syslogd in the Linux sysklogd package does not enable the -x (disable name lookups) option, which allows remote attackers to cause a denial of service (traffic amplification) via messages with spoofed source IP addresses.

  • CVE-2001-0738Oct 18, 2001
    risk 0.00cvss epss 0.03

    LogLine function in klogd in sysklogd 1.3 in various Linux distributions allows an attacker to cause a denial of service (hang) by causing null bytes to be placed in log messages.