Description
rsyslog librelp version 1.2.14 and earlier contains a buffer overflow vulnerability in the checking of X.509 certificates from a peer that can result in remote code execution. This attack appears to be exploitable by a remote attacker who can connect to rsyslog and trigger a stack buffer overflow by sending a specially crafted X.509 certificate.
A stack-based buffer overflow was found in the way librelp parses X.509 certificates. By connecting or accepting connections from a remote peer, an attacker may use a specially crafted X.509 certificate to exploit this flaw and potentially execute arbitrary code.
Mitigation
Users are strongly advised not to expose their logging RELP services to a public network.
Affected packages
| Platform | Package | Status | Advisory | Release date |
|---|---|---|---|---|
| Red Hat Enterprise Linux 8 | librelp | Not affected | | |
| Red Hat Enterprise Linux 6 | librelp | Fixed | RHSA-2018:1225 | 24.04.2018 |
| Red Hat Enterprise Linux 6.6 Advanced Update Support | librelp | Fixed | RHSA-2018:1701 | 23.05.2018 |
| Red Hat Enterprise Linux 6.6 Telco Extended Update Support | librelp | Fixed | RHSA-2018:1701 | 23.05.2018 |
| Red Hat Enterprise Linux 6.7 Extended Update Support | librelp | Fixed | RHSA-2018:1702 | 23.05.2018 |
| Red Hat Enterprise Linux 7 | librelp | Fixed | RHSA-2018:1223 | 24.04.2018 |
| Red Hat Enterprise Linux 7.2 Advanced Update Support | librelp | Fixed | RHSA-2018:1703 | 23.05.2018 |
| Red Hat Enterprise Linux 7.2 Telco Extended Update Support | librelp | Fixed | RHSA-2018:1703 | 23.05.2018 |
| Red Hat Enterprise Linux 7.2 Update Services for SAP Solutions | librelp | Fixed | RHSA-2018:1703 | 23.05.2018 |
| Red Hat Enterprise Linux 7.3 Extended Update Support | librelp | Fixed | RHSA-2018:1707 | 23.05.2018 |
Additional information
Status:
EPSS:
CVSS3: 8.1 High