QwikSec

Security Database

CVE

CWE

Training

CVE-2011-1489

Published: Nov 14, 2019

Modified: Aug 6, 2024

PUBLISHED

Description

A memory leak in rsyslog before 5.7.6 was found in the way deamon processed log messages were logged when multiple rulesets were used and some output batches contained messages belonging to more than one ruleset. A local attacker could cause denial of the rsyslogd daemon service via a log message belonging to more than one ruleset.

Vendor	Product	Versions
rsyslog	rsyslog	affected `before 5.7.6`

References

https://security-tracker.debian.org/tracker/CVE-2011-1489

x_refsource_MISC

https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2011-1489

x_refsource_MISC

https://access.redhat.com/security/cve/cve-2011-1489

x_refsource_MISC

http://lists.opensuse.org/opensuse-security-announce/2011-04/msg00005.html

x_refsource_MISC

https://github.com/rsyslog/rsyslog/commit/1ef709cc97d54f74d3fdeb83788cc4b01f4c6a2a

x_refsource_MISC

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.