Detections
Analytics
Debian DSA-3047-1 : rsyslog - security update
medium Nessus Plugin ID 78091
Language:
Synopsis
The remote Debian host is missing a security-related update.Description
Mancha discovered a vulnerability in rsyslog, a system for log processing. This vulnerability is an integer overflow that can be triggered by malformed messages to a server, if this one accepts data from untrusted sources, provoking message loss, denial of service and, potentially, remote code execution.This vulnerability can be seen as an incomplete fix of CVE-2014-3634 (DSA 3040-1).
For more information:
http://www.rsyslog.com/remote-syslog-pri-vulnerability-cve-2014-3683/
Solution
Upgrade the rsyslog packages.For the stable distribution (wheezy), this problem has been fixed in version 5.8.11-3+deb7u2.
See Also
https://packages.debian.org/source/wheezy/rsyslog
https://www.debian.org/security/2014/dsa-3047
https://security-tracker.debian.org/tracker/CVE-2014-3634
https://www.rsyslog.com/remote-syslog-pri-vulnerability-cve-2014-3683/
Plugin Details
Severity: Medium
ID: 78091
File Name: debian_DSA-3047.nasl
Version: 1.11
Type: local
Agent: unix
Family: Debian Local Security Checks
Published: 10/9/2014
Updated: 1/11/2021
Supported Sensors: Frictionless Assessment Agent, Nessus Agent, Agentless Assessment, Nessus
Risk Information
VPR
Risk Factor: Medium
Score: 4.4
CVSS v2
Risk Factor: Medium
Base Score: 5
Temporal Score: 3.7
Vector: CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P
Vulnerability Information
CPE: p-cpe:/a:debian:debian_linux:rsyslog, cpe:/o:debian:debian_linux:7.0
Required KB Items: Host/local_checks_enabled, Host/Debian/release, Host/Debian/dpkg-l
Exploit Ease: No known exploits are available
Patch Publication Date: 10/8/2014
Reference Information
CVE: CVE-2014-3683
BID: 70243
DSA: 3047