Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

nvd логотип

CVE-2014-3634

Опубликовано: 02 нояб. 2014
Источник: nvd
CVSS2: 7.5
EPSS Средний

Описание

rsyslog before 7.6.6 and 8.x before 8.4.1 and sysklogd 1.5 and earlier allows remote attackers to cause a denial of service (crash), possibly execute arbitrary code, or have other unspecified impact via a crafted priority (PRI) value that triggers an out-of-bounds array access.

Ссылки

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:sysklogd_project:sysklogd:*:*:*:*:*:*:*:*
Версия до 1.5 (включая)
cpe:2.3:a:sysklogd_project:sysklogd:1.1:*:*:*:*:*:*:*
cpe:2.3:a:sysklogd_project:sysklogd:1.2:*:*:*:*:*:*:*
cpe:2.3:a:sysklogd_project:sysklogd:1.3:*:*:*:*:*:*:*
cpe:2.3:a:sysklogd_project:sysklogd:1.4:*:*:*:*:*:*:*
cpe:2.3:a:sysklogd_project:sysklogd:1.4.1:*:*:*:*:*:*:*
Конфигурация 2

Одно из

cpe:2.3:a:rsyslog:rsyslog:*:*:*:*:*:*:*:*
Версия до 7.6.5 (включая)
cpe:2.3:a:rsyslog:rsyslog:8.1.0:*:*:*:*:*:*:*
cpe:2.3:a:rsyslog:rsyslog:8.1.1:*:*:*:*:*:*:*
cpe:2.3:a:rsyslog:rsyslog:8.1.2:*:*:*:*:*:*:*
cpe:2.3:a:rsyslog:rsyslog:8.1.3:*:*:*:*:*:*:*
cpe:2.3:a:rsyslog:rsyslog:8.1.4:*:*:*:*:*:*:*
cpe:2.3:a:rsyslog:rsyslog:8.1.5:*:*:*:*:*:*:*
cpe:2.3:a:rsyslog:rsyslog:8.1.6:*:*:*:*:*:*:*
cpe:2.3:a:rsyslog:rsyslog:8.2.0:*:*:*:*:*:*:*
cpe:2.3:a:rsyslog:rsyslog:8.2.1:*:*:*:*:*:*:*
cpe:2.3:a:rsyslog:rsyslog:8.2.2:*:*:*:*:*:*:*
cpe:2.3:a:rsyslog:rsyslog:8.2.3:*:*:*:*:*:*:*
cpe:2.3:a:rsyslog:rsyslog:8.3.0:*:*:*:*:*:*:*
cpe:2.3:a:rsyslog:rsyslog:8.3.1:*:*:*:*:*:*:*
cpe:2.3:a:rsyslog:rsyslog:8.3.2:*:*:*:*:*:*:*
cpe:2.3:a:rsyslog:rsyslog:8.3.3:*:*:*:*:*:*:*
cpe:2.3:a:rsyslog:rsyslog:8.3.4:*:*:*:*:*:*:*
cpe:2.3:a:rsyslog:rsyslog:8.3.5:*:*:*:*:*:*:*
cpe:2.3:a:rsyslog:rsyslog:8.4.0:*:*:*:*:*:*:*

EPSS

Процентиль: 97%
0.30554
Средний

7.5 High

CVSS2

Дефекты

CWE-119

Связанные уязвимости

ubuntu логотип

CVE-2014-3634

ubuntu
почти 11 лет назад

rsyslog before 7.6.6 and 8.x before 8.4.1 and sysklogd 1.5 and earlier allows remote attackers to cause a denial of service (crash), possibly execute arbitrary code, or have other unspecified impact via a crafted priority (PRI) value that triggers an out-of-bounds array access.

redhat логотип

CVE-2014-3634

redhat
почти 11 лет назад

rsyslog before 7.6.6 and 8.x before 8.4.1 and sysklogd 1.5 and earlier allows remote attackers to cause a denial of service (crash), possibly execute arbitrary code, or have other unspecified impact via a crafted priority (PRI) value that triggers an out-of-bounds array access.

debian логотип

CVE-2014-3634

debian
почти 11 лет назад

rsyslog before 7.6.6 and 8.x before 8.4.1 and sysklogd 1.5 and earlier ...

github логотип

GHSA-h4gg-9gq4-7c4h

github
больше 3 лет назад

rsyslog before 7.6.6 and 8.x before 8.4.1 and sysklogd 1.5 and earlier allows remote attackers to cause a denial of service (crash), possibly execute arbitrary code, or have other unspecified impact via a crafted priority (PRI) value that triggers an out-of-bounds array access.

oracle-oval логотип

ELSA-2014-1671

oracle-oval
почти 11 лет назад

ELSA-2014-1671: rsyslog5 and rsyslog security update (MODERATE)

EPSS

Процентиль: 97%
0.30554
Средний

7.5 High

CVSS2

Дефекты

CWE-119