Rechercher
Contactez-nous Suivez-nous sur Twitter En francais English Language
 











Freely subscribe to our NEWSLETTER

Newsletter FR

Newsletter EN

Vulnérabilités

Unsubscribe

Vigil@nce - RSYSLOG: integer overflow of PRI

October 2014 by Vigil@nce

This bulletin was written by Vigil@nce : http://vigilance.fr/offer

SYNTHESIS OF THE VULNERABILITY

An attacker can generate an integer overflow via PRI in RSYSLOG,
in order to trigger a denial of service, and possibly to execute
code.

 Impacted products: Debian, openSUSE, RSYSLOG, SUSE Linux
Enterprise Desktop, SLES, Ubuntu
 Severity: 2/4
 Creation date: 02/10/2014

DESCRIPTION OF THE VULNERABILITY

The RSYSLOG product analyzes messages in the SYSLOG format:
HEADER MSG
The PRI field indicates the priority, which is composed of the
message Facility and Severity.

However, if PRI is larger than MAX_INT, an index becomes negative,
and an array overflows in RSYSLOG.

When RSYSLOG is configured to accept SYSLOG messages from the
network, this vulnerability can be remotely exploited.

An attacker can therefore generate an integer overflow via PRI in
RSYSLOG, in order to trigger a denial of service, and possibly to
execute code.

ACCESS TO THE COMPLETE VIGIL@NCE BULLETIN

http://vigilance.fr/vulnerability/RSYSLOG-integer-overflow-of-PRI-15437


See previous articles

    

See next articles












Your podcast Here

New, you can have your Podcast here. Contact us for more information ask:
Marc Brami
Phone: +33 1 40 92 05 55
Mail: ipsimp@free.fr

All new podcasts