CVE-2011-3200

EUVD-2011-3164
Stack-based buffer overflow in the parseLegacySyslogMsg function in tools/syslogd.c in rsyslogd in rsyslog 4.6.x before 4.6.8 and 5.2.0 through 5.8.4 might allow remote attackers to cause a denial of service (application exit) via a long TAG in a legacy syslog message.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
5 UNKNOWN
NETWORK
LOW
AV:N/AC:L/Au:N/C:N/I:N/A:P
Base Score
CVSS 3.x
EPSS Score
Percentile: 98%
Affected Products (NVD)
VendorProductVersion
rsyslogrsyslog
4.6.0
rsyslogrsyslog
4.6.1
rsyslogrsyslog
4.6.2
rsyslogrsyslog
4.6.3
rsyslogrsyslog
4.6.4
rsyslogrsyslog
4.6.5
rsyslogrsyslog
4.6.6
rsyslogrsyslog
4.6.7
rsyslogrsyslog
5.2.0
rsyslogrsyslog
5.2.1
rsyslogrsyslog
5.2.2
rsyslogrsyslog
5.3.1
rsyslogrsyslog
5.3.2
rsyslogrsyslog
5.3.3
rsyslogrsyslog
5.3.4
rsyslogrsyslog
5.3.5
rsyslogrsyslog
5.3.6
rsyslogrsyslog
5.3.7
rsyslogrsyslog
5.4.0
rsyslogrsyslog
5.4.1
rsyslogrsyslog
5.4.2
rsyslogrsyslog
5.5.0
rsyslogrsyslog
5.5.1
rsyslogrsyslog
5.5.2
rsyslogrsyslog
5.5.3
rsyslogrsyslog
5.5.4
rsyslogrsyslog
5.5.5
rsyslogrsyslog
5.5.6
rsyslogrsyslog
5.5.7
rsyslogrsyslog
5.6.0
rsyslogrsyslog
5.6.1
rsyslogrsyslog
5.6.2
rsyslogrsyslog
5.6.3
rsyslogrsyslog
5.6.4
rsyslogrsyslog
5.6.5
rsyslogrsyslog
5.7.0
rsyslogrsyslog
5.7.1
rsyslogrsyslog
5.7.2
rsyslogrsyslog
5.7.3
rsyslogrsyslog
5.7.4
rsyslogrsyslog
5.7.5
rsyslogrsyslog
5.7.6
rsyslogrsyslog
5.7.7
rsyslogrsyslog
5.7.8
rsyslogrsyslog
5.7.9
rsyslogrsyslog
5.7.10
rsyslogrsyslog
5.8.0
rsyslogrsyslog
5.8.1
rsyslogrsyslog
5.8.2
rsyslogrsyslog
5.8.3
rsyslogrsyslog
5.8.4
𝑥
= Vulnerable software versions
Debian logo
Debian Releases
Debian Product
Codename
rsyslog
bookworm
8.2302.0-1
fixed
bullseye
8.2102.0-2+deb11u1
fixed
bullseye (security)
8.2102.0-2+deb11u1
fixed
lenny
no-dsa
sid
8.2410.0-1
fixed
squeeze
no-dsa
trixie
8.2410.0-1
fixed
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
rsyslog
hardy
not-affected
lucid
not-affected
maverick
not-affected
natty
Fixed 4.6.4-2ubuntu4.1
released
Common Weakness Enumeration
References
http://git.adiscon.com/?p=rsyslog.git%3Ba=commit%3Bh=1ca6cc236d1dabf1633238b873fb1c057e52f95e
http://lists.fedoraproject.org/pipermail/package-announce/2011-September/065837.html
http://lists.fedoraproject.org/pipermail/package-announce/2011-September/065941.html
http://lists.opensuse.org/opensuse-updates/2011-09/msg00013.html
http://secunia.com/advisories/45922
http://secunia.com/advisories/46027
http://securitytracker.com/id?1026000
http://www.mandriva.com/security/advisories?name=MDVSA-2011:134
http://www.redhat.com/support/errata/RHSA-2011-1247.html
http://www.rsyslog.com/potential-dos-with-malformed-tag/
http://www.securityfocus.com/bid/49413
https://bugzilla.redhat.com/show_bug.cgi?id=727644
http://git.adiscon.com/?p=rsyslog.git%3Ba=commit%3Bh=1ca6cc236d1dabf1633238b873fb1c057e52f95e
http://lists.fedoraproject.org/pipermail/package-announce/2011-September/065837.html
http://lists.fedoraproject.org/pipermail/package-announce/2011-September/065941.html
http://lists.opensuse.org/opensuse-updates/2011-09/msg00013.html
http://secunia.com/advisories/45922
http://secunia.com/advisories/46027
http://securitytracker.com/id?1026000
http://www.mandriva.com/security/advisories?name=MDVSA-2011:134
http://www.redhat.com/support/errata/RHSA-2011-1247.html
http://www.rsyslog.com/potential-dos-with-malformed-tag/
http://www.securityfocus.com/bid/49413
https://bugzilla.redhat.com/show_bug.cgi?id=727644