Описание
Integer overflow in the rsCStrExtendBuf function in runtime/stringbuf.c in the imfile module in rsyslog 4.x before 4.6.6, 5.x before 5.7.4, and 6.x before 6.1.4 allows local users to cause a denial of service (daemon hang) via a large file, which triggers a heap-based buffer overflow.
| Релиз | Статус | Примечание |
|---|---|---|
| devel | not-affected | |
| hardy | not-affected | code not present |
| lucid | not-affected | has correct type |
| maverick | not-affected | has correct type |
| natty | released | 4.6.4-2ubuntu4.2 |
| oneiric | not-affected | 5.8.1-1ubuntu2 |
| upstream | released | 4.6.6, 5.7.4 |
Показывать по
EPSS
2.1 Low
CVSS2
Связанные уязвимости
Integer overflow in the rsCStrExtendBuf function in runtime/stringbuf.c in the imfile module in rsyslog 4.x before 4.6.6, 5.x before 5.7.4, and 6.x before 6.1.4 allows local users to cause a denial of service (daemon hang) via a large file, which triggers a heap-based buffer overflow.
Integer overflow in the rsCStrExtendBuf function in runtime/stringbuf.c in the imfile module in rsyslog 4.x before 4.6.6, 5.x before 5.7.4, and 6.x before 6.1.4 allows local users to cause a denial of service (daemon hang) via a large file, which triggers a heap-based buffer overflow.
Integer overflow in the rsCStrExtendBuf function in runtime/stringbuf. ...
Integer overflow in the rsCStrExtendBuf function in runtime/stringbuf.c in the imfile module in rsyslog 4.x before 4.6.6, 5.x before 5.7.4, and 6.x before 6.1.4 allows local users to cause a denial of service (daemon hang) via a large file, which triggers a heap-based buffer overflow.
ELSA-2012-0796: rsyslog security, bug fix, and enhancement update (MODERATE)
EPSS
2.1 Low
CVSS2