Mandriva Linux Security Advisory 2011-134 - Stack-based buffer overflow in the parseLegacySyslogMsg function in tools/syslogd.c in rsyslogd in rsyslog 4.6.x before 4.6.8 and 5.2.0 through 5.8.4 might allow remote attackers to cause a denial of service via a long TAG in a legacy syslog message. The updated packages have been patched to correct this issue. rsyslog was upgraded to the 5.8.5 version for Mandriva Linux 2011 that brings additional fixes as well.
5fb0cbf570f769eb1d92e3de9637a534df3c78e54efc976cdc152978df69fe25
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
_______________________________________________________________________
Mandriva Linux Security Advisory MDVSA-2011:134-1
http://www.mandriva.com/security/
_______________________________________________________________________
Package : rsyslog
Date : September 17, 2011
Affected: 2011.
_______________________________________________________________________
Problem Description:
A vulnerability was discovered and corrected in rsyslog:
Stack-based buffer overflow in the parseLegacySyslogMsg function
in tools/syslogd.c in rsyslogd in rsyslog 4.6.x before 4.6.8 and
5.2.0 through 5.8.4 might allow remote attackers to cause a denial of
service (application exit) via a long TAG in a legacy syslog message
(CVE-2011-3200).
The updated packages have been patched to correct this issue.
Update:
rsyslog was upgraded to the 5.8.5 version for Mandriva Linux 2011
that brings additional fixes as well.
_______________________________________________________________________
References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3200
_______________________________________________________________________
Updated Packages:
Mandriva Linux 2011:
228f226916d824439e6a4fd285cb9a12 2011/i586/rsyslog-5.8.5-0.1-mdv2011.0.i586.rpm
0d375b7702380b2e27812712c839951c 2011/i586/rsyslog-dbi-5.8.5-0.1-mdv2011.0.i586.rpm
fae06eff4f62a72f42ff50e64fafa0a8 2011/i586/rsyslog-docs-5.8.5-0.1-mdv2011.0.i586.rpm
d0ff2d7850ac1bf283f40be3706b1430 2011/i586/rsyslog-gssapi-5.8.5-0.1-mdv2011.0.i586.rpm
ebf95b11f1f5885e1a38442947a2a88a 2011/i586/rsyslog-mysql-5.8.5-0.1-mdv2011.0.i586.rpm
befc020182f60f369e985a73b4b9a23b 2011/i586/rsyslog-pgsql-5.8.5-0.1-mdv2011.0.i586.rpm
7bff6a135737c1e1f7c0e1d812650021 2011/i586/rsyslog-relp-5.8.5-0.1-mdv2011.0.i586.rpm
2939c7ac8d11cc495c694745117a3fe8 2011/i586/rsyslog-snmp-5.8.5-0.1-mdv2011.0.i586.rpm
3f9422da535c208fa3b9afdb8ac4f0a4 2011/SRPMS/rsyslog-5.8.5-0.1.src.rpm
Mandriva Linux 2011/X86_64:
232bbe8e8ec465e046189513d0746a5d 2011/x86_64/rsyslog-5.8.5-0.1-mdv2011.0.x86_64.rpm
9795fb8f12fd216207a2db8f5f7fe9ac 2011/x86_64/rsyslog-dbi-5.8.5-0.1-mdv2011.0.x86_64.rpm
e658bdc14d24b0515d1882a20ddabad5 2011/x86_64/rsyslog-docs-5.8.5-0.1-mdv2011.0.x86_64.rpm
18b658c432c314a979e1d62eeb169330 2011/x86_64/rsyslog-gssapi-5.8.5-0.1-mdv2011.0.x86_64.rpm
60dd9e915c98fdb3f1844231aca00a37 2011/x86_64/rsyslog-mysql-5.8.5-0.1-mdv2011.0.x86_64.rpm
2096cfa840daade37cc0e9734f6a2170 2011/x86_64/rsyslog-pgsql-5.8.5-0.1-mdv2011.0.x86_64.rpm
94e23240f72b4ca537b2b03b798afe37 2011/x86_64/rsyslog-relp-5.8.5-0.1-mdv2011.0.x86_64.rpm
57068af0cb2faba0ee3543e4bbfbc273 2011/x86_64/rsyslog-snmp-5.8.5-0.1-mdv2011.0.x86_64.rpm
3f9422da535c208fa3b9afdb8ac4f0a4 2011/SRPMS/rsyslog-5.8.5-0.1.src.rpm
_______________________________________________________________________
To upgrade automatically use MandrivaUpdate or urpmi. The verification
of md5 checksums and GPG signatures is performed automatically for you.
All packages are signed by Mandriva for security. You can obtain the
GPG public key of the Mandriva Security Team by executing:
gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98
You can view other update advisories for Mandriva Linux at:
http://www.mandriva.com/security/advisories
If you want to report vulnerabilities, please contact
security_(at)_mandriva.com
_______________________________________________________________________
Type Bits/KeyID Date User ID
pub 1024D/22458A98 2000-07-10 Mandriva Security Team
<security*mandriva.com>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (GNU/Linux)
iD8DBQFOdG5ImqjQ0CJFipgRAt+cAKDWDMhip4zaZLFyN8ya4K03D6GBHQCgtAC5
1DW4rqI+JJttSYZ2EyNVaOo=
=sGl9
-----END PGP SIGNATURE-----