This Metasploit module triggers an off-by-two overflow in the rsyslog daemon. This flaw is unlikely to yield code execution but is effective at shutting down a remote log daemon. This bug was introduced in version 4.6.0 and corrected in 4.6.8/5.8.5. Compiler differences may prevent this bug from causing any noticeable result on many systems (RHEL6 is affected).
1836af5218b01b297dea76f88ecafa1e2a6576adefd69c53dfff4c3fec648662Ubuntu Security Notice 1224-1 - It was discovered that rsyslog had an off-by-two error when parsing legacy syslog messages. An attacker could potentially exploit this to cause a denial of service via application crash.
a148d87e10c395bed74c26136c803512ac4ffbb49c4e522a424f33cc1ca2188dMandriva Linux Security Advisory 2011-134 - Stack-based buffer overflow in the parseLegacySyslogMsg function in tools/syslogd.c in rsyslogd in rsyslog 4.6.x before 4.6.8 and 5.2.0 through 5.8.4 might allow remote attackers to cause a denial of service via a long TAG in a legacy syslog message. The updated packages have been patched to correct this issue. rsyslog was upgraded to the 5.8.5 version for Mandriva Linux 2011 that brings additional fixes as well.
5fb0cbf570f769eb1d92e3de9637a534df3c78e54efc976cdc152978df69fe25Mandriva Linux Security Advisory 2011-134 - Stack-based buffer overflow in the parseLegacySyslogMsg function in tools/syslogd.c in rsyslogd in rsyslog 4.6.x before 4.6.8 and 5.2.0 through 5.8.4 might allow remote attackers to cause a denial of service via a long TAG in a legacy syslog message. The updated packages have been patched to correct this issue.
e2b9a9eebcd2c457f08a472995ec53958f06ca166dcb40494ec1727187937f57Red Hat Security Advisory 2011-1247-01 - The rsyslog packages provide an enhanced, multi-threaded syslog daemon that supports MySQL, syslog/TCP, RFC 3195, permitted sender lists, filtering on any message part, and fine grained output format control. A two byte buffer overflow flaw was found in the rsyslog daemon's parseLegacySyslogMsg function. An attacker able to submit log messages to rsyslogd could use this flaw to crash the daemon. All rsyslog users should upgrade to these updated packages, which contain a backported patch to correct this issue. After installing this update, the rsyslog daemon will be restarted automatically.
32ee5a6363396d220abfb7a2aa15b03178f36efd87ad0d23da3a748135e149dd
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed