Rsyslog.PRI.Value.Parsing.Integer.Overflow.DoS

description-logoDescription

This indicates an attack attempt against a Denial Of Service vulnerability in rsyslog.
The vulnerability is caused by an integer overflow error when the vulnerable software handles maliciously crafted log message data. A remote attacker may be able to exploit this to cause denial of service conditions in the affected machine via crafted packets.

affected-products-logoAffected Products

Infodrom Oldenburg sysklogd prior to 1.5
rsyslog rsyslog prior to 7.6.7
rsyslog rsyslog prior to 8.4.2

Impact logoImpact

Denial of Service: Remote attackers can crash vulnerable systems.

recomended-action-logoRecommended Actions

Apply the most recent upgrade or patch from the vendor.
http://www.rsyslog.com/remote-syslog-pri-vulnerability-cve-2014-3683/

Telemetry logoTelemetry

Coverage

IPS (Regular DB)
IPS (Extended DB)

Version Updates

Date Version Detail
2023-07-31 25.611 Name:RSYSLOG.
PRI.
Value.
Parsing.
Integer.
Overflow.
DoS:Rsyslog.
PRI.
Value.
Parsing.
Integer.
Overflow.
DoS