7.5 - CVE-2014-3634

Executive Summary

Informations
Name	CVE-2014-3634	First vendor Publication	2014-11-01
Vendor	Cve	Last vendor Modification	2024-11-21

Security-Database Scoring CVSS v3

Cvss vector : N/A
Overall CVSS Score	NA
Base Score	NA	Environmental Score	NA
impact SubScore	NA	Temporal Score	NA
Exploitabality Sub Score	NA

Calculate full CVSS 3.0 Vectors scores

Security-Database Scoring CVSS v2

Cvss vector : (AV:N/AC:L/Au:N/C:P/I:P/A:P)
Cvss Base Score	7.5	Attack Range	Network
Cvss Impact Score	6.4	Attack Complexity	Low
Cvss Expoit Score	10	Authentication	None Required
Calculate full CVSS 2.0 Vectors scores

Detail

rsyslog before 7.6.6 and 8.x before 8.4.1 and sysklogd 1.5 and earlier allows remote attackers to cause a denial of service (crash), possibly execute arbitrary code, or have other unspecified impact via a crafted priority (PRI) value that triggers an out-of-bounds array access.

Original Source

Url : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3634

CWE : Common Weakness Enumeration

%	Id	Name
100 %	CWE-119	Failure to Constrain Operations within the Bounds of a Memory Buffer

OVAL Definitions

Definition Id: oval:org.mitre.oval:def:26767

Oval ID:	oval:org.mitre.oval:def:26767
Title:	RHSA-2014:1654: rsyslog7 security update (Important)
Description:	The rsyslog7 packages provide an enhanced, multi-threaded syslog daemon that supports writing to relational databases, syslog/TCP, RFC 3195, permitted sender lists, filtering on any message part, and fine grained output format control. A flaw was found in the way rsyslog handled invalid log message priority values. In certain configurations, a local attacker, or a remote attacker able to connect to the rsyslog port, could use this flaw to crash the rsyslog daemon or, potentially, execute arbitrary code as the user running the rsyslog daemon. (CVE-2014-3634) Red Hat would like to thank Rainer Gerhards of rsyslog upstream for reporting this issue. All rsyslog7 users are advised to upgrade to these updated packages, which contain a backported patch to correct this issue. After installing the update, the rsyslog service will be restarted automatically.
Family:	unix	Class:	patch
Reference(s):	RHSA-2014:1654-00 CVE-2014-3634 CESA-2014:1654	Version:	5
Platform(s):	Red Hat Enterprise Linux 6 CentOS Linux 6	Product(s):	rsyslog7
Definition Synopsis:
Red Hat Enterprise Linux 6 and CentOS Linux 6 release section Operation system section The operating system installed on the system is Red Hat Enterprise Linux 6 AND The operating system installed on the system is CentOS Linux 6.x Packages match section rsyslog7 is earlier than 0:7.4.10-3.el6_6 AND rsyslog7-elasticsearch is earlier than 0:7.4.10-3.el6_6 AND rsyslog7-gnutls is earlier than 0:7.4.10-3.el6_6 AND rsyslog7-gssapi is earlier than 0:7.4.10-3.el6_6 AND rsyslog7-mysql is earlier than 0:7.4.10-3.el6_6 AND rsyslog7-pgsql is earlier than 0:7.4.10-3.el6_6 AND rsyslog7-relp is earlier than 0:7.4.10-3.el6_6 AND rsyslog7-snmp is earlier than 0:7.4.10-3.el6_6 AND Red Hat Enterprise Linux 6 release section The operating system installed on the system is Red Hat Enterprise Linux 6 AND rsyslog7-debuginfo is earlier than 0:7.4.10-3.el6_6

Definition Id: oval:org.mitre.oval:def:26816

Oval ID:	oval:org.mitre.oval:def:26816
Title:	RHSA-2014:1671 -- rsyslog5 and rsyslog security update (Moderate)
Description:	The rsyslog packages provide an enhanced, multi-threaded syslog daemon that supports writing to relational databases, syslog/TCP, RFC 3195, permitted sender lists, filtering on any message part, and fine grained output format control. A flaw was found in the way rsyslog handled invalid log message priority values. In certain configurations, a local attacker, or a remote attacker able to connect to the rsyslog port, could use this flaw to crash the rsyslog daemon. (CVE-2014-3634) Red Hat would like to thank Rainer Gerhards of rsyslog upstream for reporting this issue. All rsyslog5 and rsyslog users are advised to upgrade to these updated packages, which contain a backported patch to correct this issue. After installing the update, the rsyslog service will be restarted automatically.
Family:	unix	Class:	patch
Reference(s):	RHSA-2014:1671 CESA-2014:1671 CVE-2014-3634	Version:	3
Platform(s):	Red Hat Enterprise Linux 5 Red Hat Enterprise Linux 6 CentOS Linux 5 CentOS Linux 6	Product(s):	rsyslog rsyslog5
Definition Synopsis:
Red Hat Enterprise Linux 5 and CentOS Linux 5 release section Operation system section The operating system installed on the system is Red Hat Enterprise Linux 5 AND The operating system installed on the system is CentOS Linux 5.x Packages match section rsyslog5 is earlier than 0:5.8.12-5.el5_11 AND rsyslog5-gnutls is earlier than 0:5.8.12-5.el5_11 AND rsyslog5-gssapi is earlier than 0:5.8.12-5.el5_11 AND rsyslog5-mysql is earlier than 0:5.8.12-5.el5_11 AND rsyslog5-pgsql is earlier than 0:5.8.12-5.el5_11 AND rsyslog5-snmp is earlier than 0:5.8.12-5.el5_11 AND Red Hat Enterprise Linux 5 release section The operating system installed on the system is Red Hat Enterprise Linux 5 AND rsyslog5-debuginfo is earlier than 0:5.8.12-5.el5_11 AND Red Hat Enterprise Linux 6 and CentOS Linux 6 release section Operation system section The operating system installed on the system is Red Hat Enterprise Linux 6 AND The operating system installed on the system is CentOS Linux 6.x Packages match section rsyslog is earlier than 0:5.8.10-9.el6_6 AND rsyslog-gnutls is earlier than 0:5.8.10-9.el6_6 AND rsyslog-gssapi is earlier than 0:5.8.10-9.el6_6 AND rsyslog-mysql is earlier than 0:5.8.10-9.el6_6 AND rsyslog-pgsql is earlier than 0:5.8.10-9.el6_6 AND rsyslog-relp is earlier than 0:5.8.10-9.el6_6 AND rsyslog-snmp is earlier than 0:5.8.10-9.el6_6 AND Red Hat Enterprise Linux 6 release section The operating system installed on the system is Red Hat Enterprise Linux 6 AND rsyslog-debuginfo is earlier than 0:5.8.10-9.el6_6

Definition Id: oval:org.mitre.oval:def:26952

Oval ID:	oval:org.mitre.oval:def:26952
Title:	ELSA-2014-1397 -- rsyslog security update
Description:	[7.4.7-7.0.1] - use setsid() to get a controlling session and process group [Orabug: 17346261] (Todd Vierling) [7.4.7-7] - fix CVE-2014-3634 resolves: #1149152
Family:	unix	Class:	patch
Reference(s):	ELSA-2014-1397 CVE-2014-3634	Version:	4
Platform(s):	Oracle Linux 7	Product(s):	rsyslog rsyslog-crypto rsyslog-doc rsyslog-elasticsearch rsyslog-gnutls rsyslog-gssapi rsyslog-libdbi rsyslog-mmaudit rsyslog-mmjsonparse rsyslog-mmnormalize rsyslog-mmsnmptrapd rsyslog-mysql rsyslog-pgsql rsyslog-relp rsyslog-snmp rsyslog-udpspoof
Definition Synopsis:
Oracle Linux 7.x Packages match section rsyslog is earlier than 0:7.4.7-7.0.1.el7_0 AND rsyslog-crypto is earlier than 0:7.4.7-7.0.1.el7_0 AND rsyslog-doc is earlier than 0:7.4.7-7.0.1.el7_0 AND rsyslog-elasticsearch is earlier than 0:7.4.7-7.0.1.el7_0 AND rsyslog-gnutls is earlier than 0:7.4.7-7.0.1.el7_0 AND rsyslog-gssapi is earlier than 0:7.4.7-7.0.1.el7_0 AND rsyslog-libdbi is earlier than 0:7.4.7-7.0.1.el7_0 AND rsyslog-mmaudit is earlier than 0:7.4.7-7.0.1.el7_0 AND rsyslog-mmjsonparse is earlier than 0:7.4.7-7.0.1.el7_0 AND rsyslog-mmnormalize is earlier than 0:7.4.7-7.0.1.el7_0 AND rsyslog-mmsnmptrapd is earlier than 0:7.4.7-7.0.1.el7_0 AND rsyslog-mysql is earlier than 0:7.4.7-7.0.1.el7_0 AND rsyslog-pgsql is earlier than 0:7.4.7-7.0.1.el7_0 AND rsyslog-relp is earlier than 0:7.4.7-7.0.1.el7_0 AND rsyslog-snmp is earlier than 0:7.4.7-7.0.1.el7_0 AND rsyslog-udpspoof is earlier than 0:7.4.7-7.0.1.el7_0

Definition Id: oval:org.mitre.oval:def:27109

Oval ID:	oval:org.mitre.oval:def:27109
Title:	DSA-3040-1 rsyslog - security update
Description:	Rainer Gerhards, the rsyslog project leader, reported a vulnerability in Rsyslog, a system for log processing. As a consequence of this vulnerability an attacker can send malformed messages to a server, if this one accepts data from untrusted sources, and trigger a denial of service attack.
Family:	unix	Class:	patch
Reference(s):	DSA-3040-1 CVE-2014-3634	Version:	3
Platform(s):	Debian GNU/Linux 7.0 Debian GNU/kFreeBSD 7.0	Product(s):	rsyslog
Definition Synopsis:
Debian 7 is installed GNU/Linux or GNU/kFreeBSD kernel Debian GNU/Linux is installed AND Debian GNU/kFreeBSD is installed AND rsyslog DPKG is earlier than 0:5.8.11-3+deb7u1

Definition Id: oval:org.mitre.oval:def:27159

Oval ID:	oval:org.mitre.oval:def:27159
Title:	RHSA-2014:1397: rsyslog security update (Important)
Description:	The rsyslog packages provide an enhanced, multi-threaded syslog daemon that supports writing to relational databases, syslog/TCP, RFC 3195, permitted sender lists, filtering on any message part, and fine grained output format control. A flaw was found in the way rsyslog handled invalid log message priority values. In certain configurations, a local attacker, or a remote attacker able to connect to the rsyslog port, could use this flaw to crash the rsyslog daemon or, potentially, execute arbitrary code as the user running the rsyslog daemon. (CVE-2014-3634) Red Hat would like to thank Rainer Gerhards of rsyslog upstream for reporting this issue. All rsyslog users are advised to upgrade to these updated packages, which contain a backported patch to correct this issue. After installing the update, the rsyslog service will be restarted automatically.
Family:	unix	Class:	patch
Reference(s):	RHSA-2014:1397-00 CESA-2014:1397 CVE-2014-3634	Version:	3
Platform(s):	Red Hat Enterprise Linux 7 CentOS Linux 7	Product(s):	rsyslog
Definition Synopsis:
Redhat 7 or Centos 7 release The operating system installed on the system is Red Hat Enterprise Linux 7 AND The operating system installed on the system is CentOS Linux 7.x Packages section rsyslog is earlier than 0:7.4.7-7.el7_0 AND rsyslog-crypto is earlier than 0:7.4.7-7.el7_0 AND rsyslog-doc is earlier than 0:7.4.7-7.el7_0 AND rsyslog-elasticsearch is earlier than 0:7.4.7-7.el7_0 AND rsyslog-gnutls is earlier than 0:7.4.7-7.el7_0 AND rsyslog-gssapi is earlier than 0:7.4.7-7.el7_0 AND rsyslog-libdbi is earlier than 0:7.4.7-7.el7_0 AND rsyslog-mmaudit is earlier than 0:7.4.7-7.el7_0 AND rsyslog-mmjsonparse is earlier than 0:7.4.7-7.el7_0 AND rsyslog-mmnormalize is earlier than 0:7.4.7-7.el7_0 AND rsyslog-mmsnmptrapd is earlier than 0:7.4.7-7.el7_0 AND rsyslog-mysql is earlier than 0:7.4.7-7.el7_0 AND rsyslog-pgsql is earlier than 0:7.4.7-7.el7_0 AND rsyslog-relp is earlier than 0:7.4.7-7.el7_0 AND rsyslog-snmp is earlier than 0:7.4.7-7.el7_0 AND rsyslog-udpspoof is earlier than 0:7.4.7-7.el7_0

Definition Id: oval:org.mitre.oval:def:27164

Oval ID:	oval:org.mitre.oval:def:27164
Title:	DSA-3047-1 rsyslog - security update
Description:	Mancha discovered a vulnerability in rsyslog, a system for log processing. This vulnerability is an integer overflow that can be triggered by malformed messages to a server, if this one accepts data from untrusted sources, provoking message loss, denial of service and, potentially, remote code execution.
Family:	unix	Class:	patch
Reference(s):	DSA-3047-1 CVE-2014-3683 CVE-2014-3634	Version:	3
Platform(s):	Debian GNU/Linux 7.0 Debian GNU/kFreeBSD 7.0	Product(s):	rsyslog
Definition Synopsis:
Debian 7 is installed GNU/Linux or GNU/kFreeBSD kernel Debian GNU/Linux is installed AND Debian GNU/kFreeBSD is installed AND rsyslog DPKG is earlier than 0:5.8.11-3+deb7u2

Definition Id: oval:org.mitre.oval:def:27262

Oval ID:	oval:org.mitre.oval:def:27262
Title:	ELSA-2014-1671 -- rsyslog5 and rsyslog security update (moderate)
Description:	[5.8.12-5.0.1] - use setsid() to get a controlling session and process group [Orabug: 17364545] [5.8.12-5] - fix CVE-2014-3634 resolves: #1149158
Family:	unix	Class:	patch
Reference(s):	ELSA-2014-1671 CVE-2014-3634	Version:	3
Platform(s):	Oracle Linux 5 Oracle Linux 6	Product(s):	rsyslog rsyslog5
Definition Synopsis:
Oracle Linux 5 release section Oracle Linux 5.x Packages match section rsyslog5 is earlier than 0:5.8.12-5.0.1.el5_11 AND rsyslog5-gnutls is earlier than 0:5.8.12-5.0.1.el5_11 AND rsyslog5-gssapi is earlier than 0:5.8.12-5.0.1.el5_11 AND rsyslog5-mysql is earlier than 0:5.8.12-5.0.1.el5_11 AND rsyslog5-pgsql is earlier than 0:5.8.12-5.0.1.el5_11 AND rsyslog5-snmp is earlier than 0:5.8.12-5.0.1.el5_11 AND Oracle Linux 6 release section Oracle Linux 6.x Packages match section rsyslog is earlier than 0:5.8.10-9.0.1.el6_6 AND rsyslog-gnutls is earlier than 0:5.8.10-9.0.1.el6_6 AND rsyslog-gssapi is earlier than 0:5.8.10-9.0.1.el6_6 AND rsyslog-mysql is earlier than 0:5.8.10-9.0.1.el6_6 AND rsyslog-pgsql is earlier than 0:5.8.10-9.0.1.el6_6 AND rsyslog-relp is earlier than 0:5.8.10-9.0.1.el6_6 AND rsyslog-snmp is earlier than 0:5.8.10-9.0.1.el6_6

Definition Id: oval:org.mitre.oval:def:27302

Oval ID:	oval:org.mitre.oval:def:27302
Title:	ELSA-2014-1654 -- rsyslog7 security update (important)
Description:	[7.4.10-3] - fix CVE-2014-3634 resolves: #1149150
Family:	unix	Class:	patch
Reference(s):	ELSA-2014-1654 CVE-2014-3634	Version:	3
Platform(s):	Oracle Linux 6	Product(s):	rsyslog7
Definition Synopsis:
Oracle Linux 6.x Packages match section rsyslog7 is earlier than 0:7.4.10-3.el6_6 AND rsyslog7-elasticsearch is earlier than 0:7.4.10-3.el6_6 AND rsyslog7-gnutls is earlier than 0:7.4.10-3.el6_6 AND rsyslog7-gssapi is earlier than 0:7.4.10-3.el6_6 AND rsyslog7-mysql is earlier than 0:7.4.10-3.el6_6 AND rsyslog7-pgsql is earlier than 0:7.4.10-3.el6_6 AND rsyslog7-relp is earlier than 0:7.4.10-3.el6_6 AND rsyslog7-snmp is earlier than 0:7.4.10-3.el6_6

Definition Id: oval:org.mitre.oval:def:27883

Oval ID:	oval:org.mitre.oval:def:27883
Title:	Open Source RSyslog vulnerability
Description:	rsyslog before 7.6.6 and 8.x before 8.4.1 and sysklogd 1.5 and earlier allows remote attackers to cause a denial of service (crash), possibly execute arbitrary code, or have other unspecified impact via a crafted priority (PRI) value that triggers an out-of-bounds array access.
Family:	unix	Class:	vulnerability
Reference(s):	CVE-2014-3634	Version:	4
Platform(s):	IBM AIX 6.1 IBM AIX 7.1	Product(s):
Definition Synopsis:
platforms IBM AIX 6.1 is installed AND IBM AIX 7.1 is installed AND File Version Exists rsyslog.base greater than or equal 5.8.6.1 AND rsyslog.base less than or equal 5.8.6.3

Definition Id: oval:org.mitre.oval:def:28432

Oval ID:	oval:org.mitre.oval:def:28432
Title:	SUSE-SU-2014:1438-1 -- update for rsyslog (moderate)
Description:	This update for rsyslog provides the following fixes: - Fixed remote PRI DoS vulnerability patch (CVE-2014-3683, bnc#899756) - Removed broken, unsupported and dropped by upstream zpipe utility from rsyslog-diag-tools package (bnc#890228)
Family:	unix	Class:	patch
Reference(s):	SUSE-SU-2014:1438-1 CVE-2014-3683 CVE-2014-3634	Version:	3
Platform(s):	SUSE Linux Enterprise Desktop 12	Product(s):	rsyslog
Definition Synopsis:
SUSE Linux Enterprise Desktop 12 is installed Packages match section rsyslog is earlier than 0:8.4.0-5.1 AND rsyslog-debuginfo is earlier than 0:8.4.0-5.1 AND rsyslog-debugsource is earlier than 0:8.4.0-5.1

CPE : Common Platform Enumeration

Type	Description	Count
Application	Rsyslog cpe:2.3:a:rsyslog:rsyslog:8.4.0:::::::* cpe:2.3:a:rsyslog:rsyslog:8.3.5:::::::* cpe:2.3:a:rsyslog:rsyslog:8.3.4:::::::* cpe:2.3:a:rsyslog:rsyslog:8.3.3:::::::* cpe:2.3:a:rsyslog:rsyslog:8.3.2:::::::* cpe:2.3:a:rsyslog:rsyslog:8.3.1:::::::* cpe:2.3:a:rsyslog:rsyslog:8.3.0:::::::* cpe:2.3:a:rsyslog:rsyslog:8.2.3:::::::* cpe:2.3:a:rsyslog:rsyslog:8.2.2:::::::* cpe:2.3:a:rsyslog:rsyslog:8.2.1:::::::* cpe:2.3:a:rsyslog:rsyslog:8.2.0:::::::* cpe:2.3:a:rsyslog:rsyslog:8.1.6:::::::* cpe:2.3:a:rsyslog:rsyslog:8.1.5:::::::* cpe:2.3:a:rsyslog:rsyslog:8.1.4:::::::* cpe:2.3:a:rsyslog:rsyslog:8.1.3:::::::* cpe:2.3:a:rsyslog:rsyslog:8.1.2:::::::* cpe:2.3:a:rsyslog:rsyslog:8.1.1:::::::* cpe:2.3:a:rsyslog:rsyslog:8.1.0:::::::* cpe:2.3:a:rsyslog:rsyslog:7.5.0:devel:::::: cpe:2.3:a:rsyslog:rsyslog:7.4.0:::::::* cpe:2.3:a:rsyslog:rsyslog:7.3.9:::::::* cpe:2.3:a:rsyslog:rsyslog:7.3.8:::::::* cpe:2.3:a:rsyslog:rsyslog:7.3.7:::::::* cpe:2.3:a:rsyslog:rsyslog:7.3.6:::::::* cpe:2.3:a:rsyslog:rsyslog:7.3.5:::::::* cpe:2.3:a:rsyslog:rsyslog:7.3.4:::::::* cpe:2.3:a:rsyslog:rsyslog:7.3.3:::::::* cpe:2.3:a:rsyslog:rsyslog:7.3.15:::::::* cpe:2.3:a:rsyslog:rsyslog:7.3.14:::::::* cpe:2.3:a:rsyslog:rsyslog:7.3.13:::::::* cpe:2.3:a:rsyslog:rsyslog:7.3.12:::::::* cpe:2.3:a:rsyslog:rsyslog:7.3.11:::::::* cpe:2.3:a:rsyslog:rsyslog:7.3.10:::::::* cpe:2.3:a:rsyslog:rsyslog:7.3.1:::::::* cpe:2.3:a:rsyslog:rsyslog:7.3.0:::::::* cpe:2.3:a:rsyslog:rsyslog:7.2.7:::::::* cpe:2.3:a:rsyslog:rsyslog:7.2.6:::::::* cpe:2.3:a:rsyslog:rsyslog:7.2.5:::::::* cpe:2.3:a:rsyslog:rsyslog:7.2.4:::::::* cpe:2.3:a:rsyslog:rsyslog:7.2.3:::::::* cpe:2.3:a:rsyslog:rsyslog:7.2.2:::::::* cpe:2.3:a:rsyslog:rsyslog:7.2.1:::::::* cpe:2.3:a:rsyslog:rsyslog:7.1.9:::::::* cpe:2.3:a:rsyslog:rsyslog:7.1.8:::::::* cpe:2.3:a:rsyslog:rsyslog:7.1.7:::::::* cpe:2.3:a:rsyslog:rsyslog:7.1.6:::::::* cpe:2.3:a:rsyslog:rsyslog:7.1.5:::::::* cpe:2.3:a:rsyslog:rsyslog:7.1.4:::::::* cpe:2.3:a:rsyslog:rsyslog:7.1.3:::::::* cpe:2.3:a:rsyslog:rsyslog:7.1.2:::::::* cpe:2.3:a:rsyslog:rsyslog:7.1.12:::::::* cpe:2.3:a:rsyslog:rsyslog:7.1.11:::::::* cpe:2.3:a:rsyslog:rsyslog:7.1.10:::::::* cpe:2.3:a:rsyslog:rsyslog:7.1.1:::::::* cpe:2.3:a:rsyslog:rsyslog:7.1.0:::::::* cpe:2.3:a:rsyslog:rsyslog:6.6.0:::::::* cpe:2.3:a:rsyslog:rsyslog:6.5.1:::::::* cpe:2.3:a:rsyslog:rsyslog:6.4.2:::::::* cpe:2.3:a:rsyslog:rsyslog:6.1.3:::::::* cpe:2.3:a:rsyslog:rsyslog:6.1.2:::::::* cpe:2.3:a:rsyslog:rsyslog:6.1.1:::::::* cpe:2.3:a:rsyslog:rsyslog:6.1.0:::::::* cpe:2.3:a:rsyslog:rsyslog:5.8.4:::::::* cpe:2.3:a:rsyslog:rsyslog:5.8.3:::::::* cpe:2.3:a:rsyslog:rsyslog:5.8.2:::::::* cpe:2.3:a:rsyslog:rsyslog:5.8.1:::::::* cpe:2.3:a:rsyslog:rsyslog:5.8.0:::::::* cpe:2.3:a:rsyslog:rsyslog:5.7.9:::::::* cpe:2.3:a:rsyslog:rsyslog:5.7.8:::::::* cpe:2.3:a:rsyslog:rsyslog:5.7.7:::::::* cpe:2.3:a:rsyslog:rsyslog:5.7.6:::::::* cpe:2.3:a:rsyslog:rsyslog:5.7.5:::::::* cpe:2.3:a:rsyslog:rsyslog:5.7.4:::::::* cpe:2.3:a:rsyslog:rsyslog:5.7.3:::::::* cpe:2.3:a:rsyslog:rsyslog:5.7.2:::::::* cpe:2.3:a:rsyslog:rsyslog:5.7.10:::::::* cpe:2.3:a:rsyslog:rsyslog:5.7.1:::::::* cpe:2.3:a:rsyslog:rsyslog:5.7.0:::::::* cpe:2.3:a:rsyslog:rsyslog:5.6.5:::::::* cpe:2.3:a:rsyslog:rsyslog:5.6.4:::::::* cpe:2.3:a:rsyslog:rsyslog:5.6.3:::::::* cpe:2.3:a:rsyslog:rsyslog:5.6.2:::::::* cpe:2.3:a:rsyslog:rsyslog:5.6.1:::::::* cpe:2.3:a:rsyslog:rsyslog:5.6.0:::::::* cpe:2.3:a:rsyslog:rsyslog:5.5.7:::::::* cpe:2.3:a:rsyslog:rsyslog:5.5.6:::::::* cpe:2.3:a:rsyslog:rsyslog:5.5.5:::::::* cpe:2.3:a:rsyslog:rsyslog:5.5.4:::::::* cpe:2.3:a:rsyslog:rsyslog:5.5.3:::::::* cpe:2.3:a:rsyslog:rsyslog:5.5.2:::::::* cpe:2.3:a:rsyslog:rsyslog:5.5.1:::::::* cpe:2.3:a:rsyslog:rsyslog:5.5.0:::::::* cpe:2.3:a:rsyslog:rsyslog:5.4.2:::::::* cpe:2.3:a:rsyslog:rsyslog:5.4.1:::::::* cpe:2.3:a:rsyslog:rsyslog:5.4.0:::::::* cpe:2.3:a:rsyslog:rsyslog:5.3.7:::::::* cpe:2.3:a:rsyslog:rsyslog:5.3.6:::::::* cpe:2.3:a:rsyslog:rsyslog:5.3.5:::::::* cpe:2.3:a:rsyslog:rsyslog:5.3.4:::::::* cpe:2.3:a:rsyslog:rsyslog:5.3.3:::::::* cpe:2.3:a:rsyslog:rsyslog:5.3.2:::::::* cpe:2.3:a:rsyslog:rsyslog:5.3.1:::::::* cpe:2.3:a:rsyslog:rsyslog:5.2.2:::::::* cpe:2.3:a:rsyslog:rsyslog:5.2.1:::::::* cpe:2.3:a:rsyslog:rsyslog:5.2.0:::::::* cpe:2.3:a:rsyslog:rsyslog:5.1.6:::::::* cpe:2.3:a:rsyslog:rsyslog:5.1.5:::::::* cpe:2.3:a:rsyslog:rsyslog:5.1.4:::::::* cpe:2.3:a:rsyslog:rsyslog:5.1.3:::::::* cpe:2.3:a:rsyslog:rsyslog:5.1.2:::::::* cpe:2.3:a:rsyslog:rsyslog:5.1.1:::::::* cpe:2.3:a:rsyslog:rsyslog:5.1.0:::::::* cpe:2.3:a:rsyslog:rsyslog:4.6.7:::::::* cpe:2.3:a:rsyslog:rsyslog:4.6.6:::::::* cpe:2.3:a:rsyslog:rsyslog:4.6.5:::::::* cpe:2.3:a:rsyslog:rsyslog:4.6.4:::::::* cpe:2.3:a:rsyslog:rsyslog:4.6.3:::::::* cpe:2.3:a:rsyslog:rsyslog:4.6.2:::::::* cpe:2.3:a:rsyslog:rsyslog:4.6.1:::::::* cpe:2.3:a:rsyslog:rsyslog:4.6.0:::::::* cpe:2.3:a:rsyslog:rsyslog:4.5.8:::::::* cpe:2.3:a:rsyslog:rsyslog:4.5.7:::::::* cpe:2.3:a:rsyslog:rsyslog:4.5.6:::::::* cpe:2.3:a:rsyslog:rsyslog:4.5.5:::::::* cpe:2.3:a:rsyslog:rsyslog:4.5.4:::::::* cpe:2.3:a:rsyslog:rsyslog:4.5.3:::::::* cpe:2.3:a:rsyslog:rsyslog:4.5.2:::::::* cpe:2.3:a:rsyslog:rsyslog:4.5.1:::::::* cpe:2.3:a:rsyslog:rsyslog:4.5.0:::::::* cpe:2.3:a:rsyslog:rsyslog:4.4.2:::::::* cpe:2.3:a:rsyslog:rsyslog:4.4.1:::::::* cpe:2.3:a:rsyslog:rsyslog:4.4.0:::::::* cpe:2.3:a:rsyslog:rsyslog:4.3.2:::::::* cpe:2.3:a:rsyslog:rsyslog:4.3.1:::::::* cpe:2.3:a:rsyslog:rsyslog:4.3.0:::::::* cpe:2.3:a:rsyslog:rsyslog:4.2.0:::::::* cpe:2.3:a:rsyslog:rsyslog:4.1.7:::::::* cpe:2.3:a:rsyslog:rsyslog:4.1.6:::::::* cpe:2.3:a:rsyslog:rsyslog:4.1.5:::::::* cpe:2.3:a:rsyslog:rsyslog:4.1.4:::::::* cpe:2.3:a:rsyslog:rsyslog:4.1.3:::::::* cpe:2.3:a:rsyslog:rsyslog:4.1.2:::::::* cpe:2.3:a:rsyslog:rsyslog:4.1.1:::::::* cpe:2.3:a:rsyslog:rsyslog:4.1.0:::::::* cpe:2.3:a:rsyslog:rsyslog:3.20.0:::::::* cpe:2.3:a:rsyslog:rsyslog:3.19.9:::::::* cpe:2.3:a:rsyslog:rsyslog:3.19.8:::::::* cpe:2.3:a:rsyslog:rsyslog:3.19.7:::::::* cpe:2.3:a:rsyslog:rsyslog:3.19.6:::::::* cpe:2.3:a:rsyslog:rsyslog:3.19.5:::::::* cpe:2.3:a:rsyslog:rsyslog:3.19.4:::::::* cpe:2.3:a:rsyslog:rsyslog:3.19.3:::::::* cpe:2.3:a:rsyslog:rsyslog:3.19.2:::::::* cpe:2.3:a:rsyslog:rsyslog:3.19.12:::::::* cpe:2.3:a:rsyslog:rsyslog:3.19.11:::::::* cpe:2.3:a:rsyslog:rsyslog:3.19.10:::::::* cpe:2.3:a:rsyslog:rsyslog:3.19.1:::::::* cpe:2.3:a:rsyslog:rsyslog:3.19.0:::::::* cpe:2.3:a:rsyslog:rsyslog:3.17.5:beta:::::: cpe:2.3:a:rsyslog:rsyslog:3.17.4:beta:::::: cpe:2.3:a:rsyslog:rsyslog:3.17.1:::::::* cpe:2.3:a:rsyslog:rsyslog:3.17.0:::::::* cpe:2.3:a:rsyslog:rsyslog:3.15.1:beta:::::: cpe:2.3:a:rsyslog:rsyslog:3.15.0:::::::* cpe:2.3:a:rsyslog:rsyslog:3.13.0:::::::* cpe:2.3:a:rsyslog:rsyslog:3.12.5:::::::* cpe:2.3:a:rsyslog:rsyslog:3.12.4:::::::* cpe:2.3:a:rsyslog:rsyslog:3.12.3:::::::* cpe:2.3:a:rsyslog:rsyslog:3.12.2:::::::* cpe:2.3:a:rsyslog:rsyslog:3.12.1:::::::* cpe:2.3:a:rsyslog:rsyslog:::::::: cpe:2.3:a:rsyslog:rsyslog:-:::::::*	172
Application	Sysklogd Project Sysklogd cpe:2.3:a:sysklogd_project:sysklogd:1.4.1:::::::* cpe:2.3:a:sysklogd_project:sysklogd:1.4:::::::* cpe:2.3:a:sysklogd_project:sysklogd:1.3:::::::* cpe:2.3:a:sysklogd_project:sysklogd:1.2:::::::* cpe:2.3:a:sysklogd_project:sysklogd:1.1:::::::*	5

Snort® IPS/IDS

Date	Description
2015-04-16	rsyslog remote PRI out of bounds attempt RuleID : 33858 - Revision : 3 - Type : SERVER-OTHER
2014-11-19	rsyslog remote PRI out of bounds attempt RuleID : 32240 - Revision : 4 - Type : SERVER-OTHER

Nessus® Vulnerability Scanner

Date	Description
2015-05-20	Name : The remote SUSE host is missing one or more security updates. File : suse_SU-2014-1438-1.nasl - Type : ACT_GATHER_INFO
2015-03-30	Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2015-130.nasl - Type : ACT_GATHER_INFO
2014-12-26	Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-201412-35.nasl - Type : ACT_GATHER_INFO
2014-12-02	Name : The remote AIX host has a vulnerable version of rsyslog. File : aix_rsyslog_advisory.nasl - Type : ACT_GATHER_INFO
2014-11-26	Name : The remote OracleVM host is missing a security update. File : oraclevm_OVMSA-2014-0030.nasl - Type : ACT_GATHER_INFO
2014-11-18	Name : The remote Amazon Linux AMI host is missing a security update. File : ala_ALAS-2014-445.nasl - Type : ACT_GATHER_INFO
2014-11-12	Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2014-1654.nasl - Type : ACT_GATHER_INFO
2014-11-03	Name : The remote Fedora host is missing a security update. File : fedora_2014-12875.nasl - Type : ACT_GATHER_INFO
2014-10-27	Name : The remote Fedora host is missing a security update. File : fedora_2014-12910.nasl - Type : ACT_GATHER_INFO
2014-10-27	Name : The remote Fedora host is missing a security update. File : fedora_2014-12878.nasl - Type : ACT_GATHER_INFO
2014-10-23	Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20141020_rsyslog5_and_rsyslog_on_SL5_x.nasl - Type : ACT_GATHER_INFO
2014-10-23	Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2014-1654.nasl - Type : ACT_GATHER_INFO
2014-10-22	Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2014-196.nasl - Type : ACT_GATHER_INFO
2014-10-22	Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2014-1671.nasl - Type : ACT_GATHER_INFO
2014-10-21	Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2014-1671.nasl - Type : ACT_GATHER_INFO
2014-10-21	Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2014-1671.nasl - Type : ACT_GATHER_INFO
2014-10-17	Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2014-1654.nasl - Type : ACT_GATHER_INFO
2014-10-16	Name : The remote openSUSE host is missing a security update. File : openSUSE-2014-592.nasl - Type : ACT_GATHER_INFO
2014-10-16	Name : The remote openSUSE host is missing a security update. File : openSUSE-2014-591.nasl - Type : ACT_GATHER_INFO
2014-10-16	Name : The remote Fedora host is missing a security update. File : fedora_2014-12563.nasl - Type : ACT_GATHER_INFO
2014-10-16	Name : The remote Fedora host is missing a security update. File : fedora_2014-12503.nasl - Type : ACT_GATHER_INFO
2014-10-15	Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_rsyslog-141006.nasl - Type : ACT_GATHER_INFO
2014-10-15	Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20141013_rsyslog_on_SL7_x.nasl - Type : ACT_GATHER_INFO
2014-10-14	Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2014-1397.nasl - Type : ACT_GATHER_INFO
2014-10-14	Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2014-1397.nasl - Type : ACT_GATHER_INFO
2014-10-14	Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2014-1397.nasl - Type : ACT_GATHER_INFO
2014-10-11	Name : The remote Ubuntu host is missing a security-related patch. File : ubuntu_USN-2381-1.nasl - Type : ACT_GATHER_INFO
2014-10-09	Name : The remote Debian host is missing a security-related update. File : debian_DSA-3047.nasl - Type : ACT_GATHER_INFO
2014-10-02	Name : The remote Debian host is missing a security-related update. File : debian_DSA-3040.nasl - Type : ACT_GATHER_INFO
2014-10-01	Name : The remote FreeBSD host is missing one or more security-related updates. File : freebsd_pkg_8e0e86ff48b511e4ab80000c29f6ae42.nasl - Type : ACT_GATHER_INFO

Sources (Detail)

http://advisories.mageia.org/MGASA-2014-0411.html
http://linux.oracle.com/errata/ELSA-2014-1654
http://lists.opensuse.org/opensuse-security-announce/2014-10/msg00005.html
http://lists.opensuse.org/opensuse-updates/2014-10/msg00020.html
http://lists.opensuse.org/opensuse-updates/2014-10/msg00021.html
http://rhn.redhat.com/errata/RHSA-2014-1397.html
http://rhn.redhat.com/errata/RHSA-2014-1654.html
http://rhn.redhat.com/errata/RHSA-2014-1671.html
http://secunia.com/advisories/61494
http://secunia.com/advisories/61720
http://secunia.com/advisories/61930
http://www.debian.org/security/2014/dsa-3040
http://www.mandriva.com/security/advisories?name=MDVSA-2015:130
http://www.openwall.com/lists/oss-security/2014/09/30/15
http://www.openwall.com/lists/oss-security/2014/10/03/1
http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html
http://www.rsyslog.com/remote-syslog-pri-vulnerability/
http://www.ubuntu.com/usn/USN-2381-1

Source	Url

Alert History

If you want to see full details history, please login or register.

Date	Informations
2024-11-28 12:41:00	Multiple Updates
2021-05-05 01:15:19	Multiple Updates
2021-05-04 12:32:21	Multiple Updates
2021-04-22 01:39:29	Multiple Updates
2020-05-23 01:52:13	Multiple Updates
2020-05-23 00:41:09	Multiple Updates
2019-08-07 12:06:12	Multiple Updates
2019-01-29 12:02:53	Multiple Updates
2017-08-03 12:01:31	Multiple Updates
2016-10-18 12:03:53	Multiple Updates
2016-04-27 00:53:22	Multiple Updates
2015-05-21 13:31:22	Multiple Updates
2015-04-16 21:26:23	Multiple Updates
2015-04-10 09:26:21	Multiple Updates
2015-03-31 13:28:35	Multiple Updates
2014-12-27 13:25:06	Multiple Updates
2014-12-03 13:28:22	Multiple Updates
2014-11-27 13:28:32	Multiple Updates
2014-11-19 21:23:18	Multiple Updates
2014-11-19 13:25:10	Multiple Updates
2014-11-14 13:28:07	Multiple Updates
2014-11-13 13:27:02	Multiple Updates
2014-11-04 13:27:30	Multiple Updates
2014-11-04 09:24:56	Multiple Updates
2014-11-02 09:25:21	First insertion

Global Informations

Type	Count
CWE ID(s)	1
Oval ID(s)	10
CPE ID(s)	177
Sources(s)	18
Snort® Rule(s)	2
Nessus® Exploit(s)	30

	Related
7.5	USN-2381-1
7.5	RHSA-2014:1671
7.5	RHSA-2014:1654
7.5	RHSA-2014:1397
7.5	MDVSA-2015:130
7.5	MDVSA-2014:196
7.5	GLSA-201412-35
7.5	DSA-3047
7.5	DSA-3040
5	CVE-2014-3683
Info : listing not affected by your CVSS Env Score

Same Subject	Severity
Login to view 10 more Alert(s)

7.5 - CVE-2014-3634

Executive Summary

Security-Database Scoring CVSS v3

Security-Database Scoring CVSS v2

Detail

Original Source

CWE : Common Weakness Enumeration

OVAL Definitions

CPE : Common Platform Enumeration

Snort® IPS/IDS

Nessus® Vulnerability Scanner

Sources (Detail)

Alert History

Global Informations

Open Standards

Other Databases

COMPANY

STANDARDS

RECENT POSTS

MENU