User: Password:
Subscribe / Log in / New account

rsyslog: denial of service

Package(s):rsyslog CVE #(s):CVE-2011-4623
Created:January 24, 2012 Updated:July 10, 2012
Description: From the Ubuntu advisory:

Peter Eisentraut discovered that Rsyslog would not properly perform input validation when configured to use imfile. If an attacker were able to craft messages in a file that Rsyslog monitored, an attacker could cause a denial of service. The imfile module is disabled by default in Ubuntu.

Gentoo 201412-35 rsyslog 2014-12-24
CentOS CESA-2012:0796 rsyslog 2012-07-10
Scientific Linux SL-rsys-20120709 rsyslog 2012-07-09
Oracle ELSA-2012-0796 rsyslog 2012-07-02
Mandriva MDVSA-2012:100 rsyslog 2012-06-25
Red Hat RHSA-2012:0796-04 rsyslog 2012-06-20
Ubuntu USN-1338-1 rsyslog 2012-01-23

(Log in to post comments)

Copyright © 2017, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds