5 - CVE-2011-3200

Executive Summary

Informations
Name	CVE-2011-3200	First vendor Publication	2011-09-06
Vendor	Cve	Last vendor Modification	2024-11-21

Security-Database Scoring CVSS v3

Cvss vector : N/A
Overall CVSS Score	NA
Base Score	NA	Environmental Score	NA
impact SubScore	NA	Temporal Score	NA
Exploitabality Sub Score	NA

Calculate full CVSS 3.0 Vectors scores

Security-Database Scoring CVSS v2

Cvss vector : (AV:N/AC:L/Au:N/C:N/I:N/A:P)
Cvss Base Score	5	Attack Range	Network
Cvss Impact Score	2.9	Attack Complexity	Low
Cvss Expoit Score	10	Authentication	None Required
Calculate full CVSS 2.0 Vectors scores

Detail

Stack-based buffer overflow in the parseLegacySyslogMsg function in tools/syslogd.c in rsyslogd in rsyslog 4.6.x before 4.6.8 and 5.2.0 through 5.8.4 might allow remote attackers to cause a denial of service (application exit) via a long TAG in a legacy syslog message.

Original Source

Url : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3200

CWE : Common Weakness Enumeration

%	Id	Name
100 %	CWE-119	Failure to Constrain Operations within the Bounds of a Memory Buffer

OVAL Definitions

Definition Id: oval:org.mitre.oval:def:21118

Oval ID:	oval:org.mitre.oval:def:21118
Title:	USN-1224-1 -- rsyslog vulnerability
Description:	Rsyslog could be made to crash if it processed a specially crafted message.
Family:	unix	Class:	patch
Reference(s):	USN-1224-1 CVE-2011-3200	Version:	5
Platform(s):	Ubuntu 11.04	Product(s):	rsyslog
Definition Synopsis:
Ubuntu 11.04 is installed AND rsyslog DPKG is earlier than 0:4.6.4-2ubuntu4.1

Definition Id: oval:org.mitre.oval:def:22064

Oval ID:	oval:org.mitre.oval:def:22064
Title:	RHSA-2011:1247: rsyslog security update (Moderate)
Description:	Stack-based buffer overflow in the parseLegacySyslogMsg function in tools/syslogd.c in rsyslogd in rsyslog 4.6.x before 4.6.8 and 5.2.0 through 5.8.4 might allow remote attackers to cause a denial of service (application exit) via a long TAG in a legacy syslog message.
Family:	unix	Class:	patch
Reference(s):	RHSA-2011:1247-01 CVE-2011-3200	Version:	4
Platform(s):	Red Hat Enterprise Linux 6	Product(s):	rsyslog
Definition Synopsis:
The operating system installed on the system is Red Hat Enterprise Linux 6 Packages section rsyslog-relp is earlier than 0:4.6.2-3.el6_1.2 AND rsyslog-gssapi is earlier than 0:4.6.2-3.el6_1.2 AND rsyslog-gnutls is earlier than 0:4.6.2-3.el6_1.2 AND rsyslog-pgsql is earlier than 0:4.6.2-3.el6_1.2 AND rsyslog is earlier than 0:4.6.2-3.el6_1.2 AND rsyslog-mysql is earlier than 0:4.6.2-3.el6_1.2

Definition Id: oval:org.mitre.oval:def:23308

Oval ID:	oval:org.mitre.oval:def:23308
Title:	ELSA-2011:1247: rsyslog security update (Moderate)
Description:	Stack-based buffer overflow in the parseLegacySyslogMsg function in tools/syslogd.c in rsyslogd in rsyslog 4.6.x before 4.6.8 and 5.2.0 through 5.8.4 might allow remote attackers to cause a denial of service (application exit) via a long TAG in a legacy syslog message.
Family:	unix	Class:	patch
Reference(s):	ELSA-2011:1247-01 CVE-2011-3200	Version:	6
Platform(s):	Oracle Linux 6	Product(s):	rsyslog
Definition Synopsis:
Oracle Linux 6.x rpm test rsyslog-relp is earlier than 0:4.6.2-3.el6_1.2 AND rsyslog-gssapi is earlier than 0:4.6.2-3.el6_1.2 AND rsyslog-gnutls is earlier than 0:4.6.2-3.el6_1.2 AND rsyslog-pgsql is earlier than 0:4.6.2-3.el6_1.2 AND rsyslog is earlier than 0:4.6.2-3.el6_1.2 AND rsyslog-mysql is earlier than 0:4.6.2-3.el6_1.2

Definition Id: oval:org.mitre.oval:def:27869

Oval ID:	oval:org.mitre.oval:def:27869
Title:	DEPRECATED: ELSA-2011-1247 -- rsyslog security update (moderate)
Description:	[4.6.2-3.el6_1.2] - add patch to resolve buffer overflow (CVE-2011-3200) Resolves: #733647
Family:	unix	Class:	patch
Reference(s):	ELSA-2011-1247 CVE-2011-3200	Version:	4
Platform(s):	Oracle Linux 6	Product(s):	rsyslog
Definition Synopsis:
Oracle Linux 6.x Packages match section rsyslog is earlier than 0:4.6.2-3.el6_1.2 AND rsyslog-gnutls is earlier than 0:4.6.2-3.el6_1.2 AND rsyslog-gssapi is earlier than 0:4.6.2-3.el6_1.2 AND rsyslog-mysql is earlier than 0:4.6.2-3.el6_1.2 AND rsyslog-pgsql is earlier than 0:4.6.2-3.el6_1.2 AND rsyslog-relp is earlier than 0:4.6.2-3.el6_1.2

CPE : Common Platform Enumeration

Type	Description	Count
Application	Rsyslog cpe:2.3:a:rsyslog:rsyslog:5.8.4:::::::* cpe:2.3:a:rsyslog:rsyslog:5.8.3:::::::* cpe:2.3:a:rsyslog:rsyslog:5.8.2:::::::* cpe:2.3:a:rsyslog:rsyslog:5.8.1:::::::* cpe:2.3:a:rsyslog:rsyslog:5.8.0:::::::* cpe:2.3:a:rsyslog:rsyslog:5.7.9:::::::* cpe:2.3:a:rsyslog:rsyslog:5.7.8:::::::* cpe:2.3:a:rsyslog:rsyslog:5.7.7:::::::* cpe:2.3:a:rsyslog:rsyslog:5.7.6:::::::* cpe:2.3:a:rsyslog:rsyslog:5.7.5:::::::* cpe:2.3:a:rsyslog:rsyslog:5.7.4:::::::* cpe:2.3:a:rsyslog:rsyslog:5.7.3:::::::* cpe:2.3:a:rsyslog:rsyslog:5.7.2:::::::* cpe:2.3:a:rsyslog:rsyslog:5.7.10:::::::* cpe:2.3:a:rsyslog:rsyslog:5.7.1:::::::* cpe:2.3:a:rsyslog:rsyslog:5.7.0:::::::* cpe:2.3:a:rsyslog:rsyslog:5.6.5:::::::* cpe:2.3:a:rsyslog:rsyslog:5.6.4:::::::* cpe:2.3:a:rsyslog:rsyslog:5.6.3:::::::* cpe:2.3:a:rsyslog:rsyslog:5.6.2:::::::* cpe:2.3:a:rsyslog:rsyslog:5.6.1:::::::* cpe:2.3:a:rsyslog:rsyslog:5.6.0:::::::* cpe:2.3:a:rsyslog:rsyslog:5.5.7:::::::* cpe:2.3:a:rsyslog:rsyslog:5.5.6:::::::* cpe:2.3:a:rsyslog:rsyslog:5.5.5:::::::* cpe:2.3:a:rsyslog:rsyslog:5.5.4:::::::* cpe:2.3:a:rsyslog:rsyslog:5.5.3:::::::* cpe:2.3:a:rsyslog:rsyslog:5.5.2:::::::* cpe:2.3:a:rsyslog:rsyslog:5.5.1:::::::* cpe:2.3:a:rsyslog:rsyslog:5.5.0:::::::* cpe:2.3:a:rsyslog:rsyslog:5.4.2:::::::* cpe:2.3:a:rsyslog:rsyslog:5.4.1:::::::* cpe:2.3:a:rsyslog:rsyslog:5.4.0:::::::* cpe:2.3:a:rsyslog:rsyslog:5.3.7:::::::* cpe:2.3:a:rsyslog:rsyslog:5.3.6:::::::* cpe:2.3:a:rsyslog:rsyslog:5.3.5:::::::* cpe:2.3:a:rsyslog:rsyslog:5.3.4:::::::* cpe:2.3:a:rsyslog:rsyslog:5.3.3:::::::* cpe:2.3:a:rsyslog:rsyslog:5.3.2:::::::* cpe:2.3:a:rsyslog:rsyslog:5.3.1:::::::* cpe:2.3:a:rsyslog:rsyslog:5.2.2:::::::* cpe:2.3:a:rsyslog:rsyslog:5.2.1:::::::* cpe:2.3:a:rsyslog:rsyslog:5.2.0:::::::* cpe:2.3:a:rsyslog:rsyslog:4.6.7:::::::* cpe:2.3:a:rsyslog:rsyslog:4.6.6:::::::* cpe:2.3:a:rsyslog:rsyslog:4.6.5:::::::* cpe:2.3:a:rsyslog:rsyslog:4.6.4:::::::* cpe:2.3:a:rsyslog:rsyslog:4.6.3:::::::* cpe:2.3:a:rsyslog:rsyslog:4.6.2:::::::* cpe:2.3:a:rsyslog:rsyslog:4.6.1:::::::* cpe:2.3:a:rsyslog:rsyslog:4.6.0:::::::*	51

OpenVAS Exploits

Date	Description
2012-07-09	Name : RedHat Update for rsyslog RHSA-2011:1247-01 File : nvt/gb_RHSA-2011_1247-01_rsyslog.nasl
2012-03-19	Name : Fedora Update for rsyslog FEDORA-2011-12250 File : nvt/gb_fedora_2011_12250_rsyslog_fc16.nasl
2011-10-10	Name : Ubuntu Update for rsyslog USN-1224-1 File : nvt/gb_ubuntu_USN_1224_1.nasl
2011-09-27	Name : Fedora Update for rsyslog FEDORA-2011-12616 File : nvt/gb_fedora_2011_12616_rsyslog_fc15.nasl
2011-09-16	Name : Fedora Update for rsyslog FEDORA-2011-12282 File : nvt/gb_fedora_2011_12282_rsyslog_fc14.nasl
2011-09-12	Name : Mandriva Update for rsyslog MDVSA-2011:134 (rsyslog) File : nvt/gb_mandriva_MDVSA_2011_134.nasl

Open Source Vulnerability Database (OSVDB)

Id	Description
74864	rsyslog tools/syslogd.c parseLegacySyslogMsg() Function Message TAG Off-by-tw...

Nessus® Vulnerability Scanner

Date	Description
2014-06-13	Name : The remote openSUSE host is missing a security update. File : suse_11_3_rsyslog-110905.nasl - Type : ACT_GATHER_INFO
2014-06-13	Name : The remote openSUSE host is missing a security update. File : suse_11_4_rsyslog-110905.nasl - Type : ACT_GATHER_INFO
2013-07-12	Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2011-1247.nasl - Type : ACT_GATHER_INFO
2012-08-01	Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20110901_rsyslog_on_SL6_x.nasl - Type : ACT_GATHER_INFO
2011-10-04	Name : The remote Ubuntu host is missing a security-related patch. File : ubuntu_USN-1224-1.nasl - Type : ACT_GATHER_INFO
2011-09-26	Name : The remote Fedora host is missing a security update. File : fedora_2011-12616.nasl - Type : ACT_GATHER_INFO
2011-09-15	Name : The remote Fedora host is missing a security update. File : fedora_2011-12282.nasl - Type : ACT_GATHER_INFO
2011-09-14	Name : The remote Fedora host is missing a security update. File : fedora_2011-12250.nasl - Type : ACT_GATHER_INFO
2011-09-12	Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2011-134.nasl - Type : ACT_GATHER_INFO
2011-09-02	Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2011-1247.nasl - Type : ACT_GATHER_INFO

Sources (Detail)

http://git.adiscon.com/?p=rsyslog.git%3Ba=commit%3Bh=1ca6cc236d1dabf1633238b8...
http://lists.fedoraproject.org/pipermail/package-announce/2011-September/0658...
http://lists.fedoraproject.org/pipermail/package-announce/2011-September/0659...
http://lists.opensuse.org/opensuse-updates/2011-09/msg00013.html
http://secunia.com/advisories/45922
http://secunia.com/advisories/46027
http://securitytracker.com/id?1026000
http://www.mandriva.com/security/advisories?name=MDVSA-2011:134
http://www.redhat.com/support/errata/RHSA-2011-1247.html
http://www.rsyslog.com/potential-dos-with-malformed-tag/
http://www.securityfocus.com/bid/49413
https://bugzilla.redhat.com/show_bug.cgi?id=727644

Source	Url

Alert History

If you want to see full details history, please login or register.

Date	Informations
2024-11-28 23:04:16	Multiple Updates
2024-11-28 12:26:55	Multiple Updates
2023-11-07 21:47:18	Multiple Updates
2021-05-04 12:15:15	Multiple Updates
2021-04-22 01:16:48	Multiple Updates
2020-05-23 00:30:58	Multiple Updates
2016-04-26 21:02:02	Multiple Updates
2014-06-14 13:31:30	Multiple Updates
2014-02-17 11:04:45	Multiple Updates
2013-05-10 23:06:17	Multiple Updates

Global Informations

Type	Count
CWE ID(s)	1
Oval ID(s)	4
CPE ID(s)	51
Sources(s)	12
osvdb(s)	1
Openvas Exploit(s)	6
Nessus® Exploit(s)	10

	Related
5	USN-1224-1
5	RHSA-2011:1247
5	MDVSA-2011:134-1
5	MDVSA-2011:134
Info : listing not affected by your CVSS Env Score

Same Subject	Severity
Login to view 4 more Alert(s)

5 - CVE-2011-3200

Executive Summary

Security-Database Scoring CVSS v3

Security-Database Scoring CVSS v2

Detail

Original Source

CWE : Common Weakness Enumeration

OVAL Definitions

CPE : Common Platform Enumeration

OpenVAS Exploits

Open Source Vulnerability Database (OSVDB)

Nessus® Vulnerability Scanner

Sources (Detail)

Alert History

Global Informations

Open Standards

Other Databases

COMPANY

STANDARDS

RECENT POSTS

MENU