fkie_cve-2011-3200
Vulnerability from fkie_nvd
Published
2011-09-06 16:55
Modified
2025-04-11 00:51
Severity ?
Summary
Stack-based buffer overflow in the parseLegacySyslogMsg function in tools/syslogd.c in rsyslogd in rsyslog 4.6.x before 4.6.8 and 5.2.0 through 5.8.4 might allow remote attackers to cause a denial of service (application exit) via a long TAG in a legacy syslog message.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:rsyslog:rsyslog:4.6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C189E19A-16F3-40C9-B480-58013C5ED16D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rsyslog:rsyslog:4.6.1:*:*:*:*:*:*:*",
"matchCriteriaId": "E0839E9A-147E-4297-AE06-34AC67471001",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rsyslog:rsyslog:4.6.2:*:*:*:*:*:*:*",
"matchCriteriaId": "5A7D9B57-777D-4B0F-BFD0-2642064FFBFA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rsyslog:rsyslog:4.6.3:*:*:*:*:*:*:*",
"matchCriteriaId": "654A4E45-2E4D-420D-8653-B03240ED4A88",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rsyslog:rsyslog:4.6.4:*:*:*:*:*:*:*",
"matchCriteriaId": "CF03E62D-026D-4C33-BB0D-9D5B788DC5C6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rsyslog:rsyslog:4.6.5:*:*:*:*:*:*:*",
"matchCriteriaId": "32DE7607-0082-4013-812B-0777C23BA1AC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rsyslog:rsyslog:4.6.6:*:*:*:*:*:*:*",
"matchCriteriaId": "C19BCBF2-09C1-4B2E-90C0-44086BCF5643",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rsyslog:rsyslog:4.6.7:*:*:*:*:*:*:*",
"matchCriteriaId": "C8C0123D-3D76-418D-BE38-00C10F147DA3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:rsyslog:rsyslog:5.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "6E8B8362-FB8A-47E0-AC3D-DC6A1138758D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rsyslog:rsyslog:5.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "72D612FA-5842-400D-AADA-D2CFF3A9C2B9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rsyslog:rsyslog:5.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "41A66E91-25CA-48D9-9876-B7BF59E24002",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rsyslog:rsyslog:5.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "52FD86EF-92A1-4FB4-9EC1-E6DFBD93499B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rsyslog:rsyslog:5.3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "AC62EFFF-52BB-4B75-811B-90FABA83FF33",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rsyslog:rsyslog:5.3.3:*:*:*:*:*:*:*",
"matchCriteriaId": "31115B81-97B1-49DB-B524-1F3234F3B999",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rsyslog:rsyslog:5.3.4:*:*:*:*:*:*:*",
"matchCriteriaId": "4F28E8B1-0266-4498-B255-A05B7FE22F84",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rsyslog:rsyslog:5.3.5:*:*:*:*:*:*:*",
"matchCriteriaId": "E4CECA40-8267-4791-90B2-06311D33D73C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rsyslog:rsyslog:5.3.6:*:*:*:*:*:*:*",
"matchCriteriaId": "298BE072-6C64-4AB4-AE92-16C6ADD3B7E3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rsyslog:rsyslog:5.3.7:*:*:*:*:*:*:*",
"matchCriteriaId": "4338B0BD-6F52-405B-AED9-2ED2B4B50AC5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rsyslog:rsyslog:5.4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0E9CDDD7-F22B-4980-BD0A-7F91E9B9D384",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rsyslog:rsyslog:5.4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "4CE7FF76-4F5E-4D0E-AF9A-8579C93FA472",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rsyslog:rsyslog:5.4.2:*:*:*:*:*:*:*",
"matchCriteriaId": "3AF97FDB-8862-44BA-9732-15191AC8181E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rsyslog:rsyslog:5.5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "962616FC-9BB4-4978-8011-6084931A2CD0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rsyslog:rsyslog:5.5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "83F00805-390F-4736-894E-1F5CEB1F1629",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rsyslog:rsyslog:5.5.2:*:*:*:*:*:*:*",
"matchCriteriaId": "4DB45F90-FD8E-4ABA-8C26-D3A49CA684D5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rsyslog:rsyslog:5.5.3:*:*:*:*:*:*:*",
"matchCriteriaId": "E0ED3A21-75EF-438C-AC9E-1CA67985DC46",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rsyslog:rsyslog:5.5.4:*:*:*:*:*:*:*",
"matchCriteriaId": "5CF11421-19E4-4DE4-849E-96BC2045CEEB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rsyslog:rsyslog:5.5.5:*:*:*:*:*:*:*",
"matchCriteriaId": "F98CEA8A-814C-4812-9E10-874CB0967303",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rsyslog:rsyslog:5.5.6:*:*:*:*:*:*:*",
"matchCriteriaId": "2F5141AA-FE13-4AE7-9F5A-873CDFDA5B2D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rsyslog:rsyslog:5.5.7:*:*:*:*:*:*:*",
"matchCriteriaId": "2E985BF5-8B9E-45C1-ADC1-B5F964EABD5B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rsyslog:rsyslog:5.6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EE7EC105-0E13-4D47-9D0A-315013657DA8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rsyslog:rsyslog:5.6.1:*:*:*:*:*:*:*",
"matchCriteriaId": "E0244736-F857-4A74-84E4-BB7F591CE7F5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rsyslog:rsyslog:5.6.2:*:*:*:*:*:*:*",
"matchCriteriaId": "3607C1AE-E3C8-4786-8EEE-0B1D1A9B098C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rsyslog:rsyslog:5.6.3:*:*:*:*:*:*:*",
"matchCriteriaId": "2D28F99E-27B8-47F8-981A-5D9E38BEADE5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rsyslog:rsyslog:5.6.4:*:*:*:*:*:*:*",
"matchCriteriaId": "6BA11F46-D8FE-44BD-B792-A78800AC46A5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rsyslog:rsyslog:5.6.5:*:*:*:*:*:*:*",
"matchCriteriaId": "A1FC9D6A-3E72-4E93-8EC7-A82A24F3E73E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rsyslog:rsyslog:5.7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "4C0FAF7B-3BDB-4048-9040-B65145CA0267",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rsyslog:rsyslog:5.7.1:*:*:*:*:*:*:*",
"matchCriteriaId": "995DAD4E-7B30-474C-A06C-4D5AA57071C1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rsyslog:rsyslog:5.7.2:*:*:*:*:*:*:*",
"matchCriteriaId": "A0107C61-B60E-4BC9-8D97-D1CB02B37F77",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rsyslog:rsyslog:5.7.3:*:*:*:*:*:*:*",
"matchCriteriaId": "218031FE-C023-4637-B4CA-EC2B7633D84E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rsyslog:rsyslog:5.7.4:*:*:*:*:*:*:*",
"matchCriteriaId": "C9DF6D59-AC76-4C98-A878-B618CEE59E6E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rsyslog:rsyslog:5.7.5:*:*:*:*:*:*:*",
"matchCriteriaId": "826FCA60-5D6D-4606-9024-E005C6FA6170",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rsyslog:rsyslog:5.7.6:*:*:*:*:*:*:*",
"matchCriteriaId": "BE08A955-0416-41AF-AFD4-8E065A1E1A9A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rsyslog:rsyslog:5.7.7:*:*:*:*:*:*:*",
"matchCriteriaId": "E6BA5F54-DAFC-48DA-BFD6-EB1414F55391",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rsyslog:rsyslog:5.7.8:*:*:*:*:*:*:*",
"matchCriteriaId": "2ADD25C5-1729-4C06-BCC5-27A99A665E51",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rsyslog:rsyslog:5.7.9:*:*:*:*:*:*:*",
"matchCriteriaId": "16EACD36-04B0-4D5F-B7E3-E625CCE445E5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rsyslog:rsyslog:5.7.10:*:*:*:*:*:*:*",
"matchCriteriaId": "91B8BDF5-7427-4421-8E66-568FC2FC2EEB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rsyslog:rsyslog:5.8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EB647DD4-31EC-40E5-B9A7-73A6C213D3B8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rsyslog:rsyslog:5.8.1:*:*:*:*:*:*:*",
"matchCriteriaId": "2CA66A00-FB7A-4040-B8FC-9B6C48357C7B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rsyslog:rsyslog:5.8.2:*:*:*:*:*:*:*",
"matchCriteriaId": "C1EEEC6D-C50B-4C40-83E1-A8FBD813CB04",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rsyslog:rsyslog:5.8.3:*:*:*:*:*:*:*",
"matchCriteriaId": "4F12BBF6-985F-4A29-9968-CFE440885BB4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rsyslog:rsyslog:5.8.4:*:*:*:*:*:*:*",
"matchCriteriaId": "ABE8ABAF-41AA-43D9-B72B-57C27059C2C4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Stack-based buffer overflow in the parseLegacySyslogMsg function in tools/syslogd.c in rsyslogd in rsyslog 4.6.x before 4.6.8 and 5.2.0 through 5.8.4 might allow remote attackers to cause a denial of service (application exit) via a long TAG in a legacy syslog message."
},
{
"lang": "es",
"value": "Un desbordamiento de b\u00fafer basado en la pila en la funci\u00f3n parseLegacySyslogMsg en tools/syslogd.c en rsyslogd en rsyslog v4.6.x antes de v4.6.8 y v5.2.0 hasta la v5.8.4 podr\u00eda permitir a atacantes remotos provocar una denegaci\u00f3n de servicio (salida de la aplicaci\u00f3n) a trav\u00e9s de un TAG demasiado largo en un mensaje de syslog antiguo."
}
],
"id": "CVE-2011-3200",
"lastModified": "2025-04-11T00:51:21.963",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2011-09-06T16:55:10.837",
"references": [
{
"source": "secalert@redhat.com",
"url": "http://git.adiscon.com/?p=rsyslog.git%3Ba=commit%3Bh=1ca6cc236d1dabf1633238b873fb1c057e52f95e"
},
{
"source": "secalert@redhat.com",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-September/065837.html"
},
{
"source": "secalert@redhat.com",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-September/065941.html"
},
{
"source": "secalert@redhat.com",
"url": "http://lists.opensuse.org/opensuse-updates/2011-09/msg00013.html"
},
{
"source": "secalert@redhat.com",
"url": "http://secunia.com/advisories/45922"
},
{
"source": "secalert@redhat.com",
"url": "http://secunia.com/advisories/46027"
},
{
"source": "secalert@redhat.com",
"url": "http://securitytracker.com/id?1026000"
},
{
"source": "secalert@redhat.com",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:134"
},
{
"source": "secalert@redhat.com",
"url": "http://www.redhat.com/support/errata/RHSA-2011-1247.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.rsyslog.com/potential-dos-with-malformed-tag/"
},
{
"source": "secalert@redhat.com",
"url": "http://www.securityfocus.com/bid/49413"
},
{
"source": "secalert@redhat.com",
"tags": [
"Patch"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=727644"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://git.adiscon.com/?p=rsyslog.git%3Ba=commit%3Bh=1ca6cc236d1dabf1633238b873fb1c057e52f95e"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-September/065837.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-September/065941.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-updates/2011-09/msg00013.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/45922"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/46027"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securitytracker.com/id?1026000"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:134"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.redhat.com/support/errata/RHSA-2011-1247.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.rsyslog.com/potential-dos-with-malformed-tag/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/49413"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=727644"
}
],
"sourceIdentifier": "secalert@redhat.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.
Loading…
Loading…