CPE-A03C6231-5869-46DD-9595-C1C3DD98E783 Detail

CPE Details

RSYSLOG 8.5.0

Vendor

rsyslog

Product

rsyslog

Version

8.5.0

Created

2019-07-02
10h51 +00:00

Modified

2019-07-02
10h51 +00:00

Official links

CPE NVD

Alerte pour un CPE

Stay informed of any changes for a specific CPE.

Notifications manage

List of Notifications

Alerte pour un CPE

Stay informed of any changes for a specific CPE.

Parameters

You can specify a title that will be retrieved in the alerts that will be sent out.

CPE ID

Planning

Month

Next run calculation

Day

Weekday

Hour

Minute

Creation date

Last execution

Next execution

Functionality requiring a connection

This feature, which allows you to receive alerts, is only active when you are logged into your account.

CPE Name: cpe:2.3:a:rsyslog:rsyslog:8.5.0:::::::*

Informations

Vendor

rsyslog

Product

rsyslog

Version

8.5.0

Related CVE

Open and find in CVE List

CVE ID	Published	Description	Score	Severity
CVE-2022-24903	2022-05-04 22h00 +00:00	Rsyslog is a rocket-fast system for log processing. Modules for TCP syslog reception have a potential heap buffer overflow when octet-counted framing is used. This can result in a segfault or some other malfunction. As of our understanding, this vulnerability can not be used for remote code execution. But there may still be a slight chance for experts to do that. The bug occurs when the octet count is read. While there is a check for the maximum number of octets, digits are written to a heap buffer even when the octet count is over the maximum, This can be used to overrun the memory buffer. However, once the sequence of digits stop, no additional characters can be added to the buffer. In our opinion, this makes remote exploits impossible or at least highly complex. Octet-counted framing is one of two potential framing modes. It is relatively uncommon, but enabled by default on receivers. Modules `imtcp`, `imptcp`, `imgssapi`, and `imhttp` are used for regular syslog message reception. It is best practice not to directly expose them to the public. When this practice is followed, the risk is considerably lower. Module `imdiag` is a diagnostics module primarily intended for testbench runs. We do not expect it to be present on any production installation. Octet-counted framing is not very common. Usually, it needs to be specifically enabled at senders. If users do not need it, they can turn it off for the most important modules. This will mitigate the vulnerability.	8.1	High
CVE-2018-16881	2019-01-25 17h00 +00:00	A denial of service vulnerability was found in rsyslog in the imptcp module. An attacker could send a specially crafted message to the imptcp socket, which would cause rsyslog to crash. Versions before 8.27.0 are vulnerable.	7.5	High
CVE-2017-12588	2017-08-06 12h00 +00:00	The zmq3 input and output modules in rsyslog before 8.28.0 interpreted description fields as format strings, possibly allowing a format string attack with unspecified impact.	9.8	Critical

RSYSLOG 8.5.0

CPE Details

CPE Name: cpe:2.3:a:rsyslog:rsyslog:8.5.0:*:*:*:*:*:*:*

Informations

Vendor

Product

Version

Related CVE

CPE Name: cpe:2.3:a:rsyslog:rsyslog:8.5.0:::::::*