Back to search
CVE-2014-3683
Published: Nov 2, 2014
Modified: Aug 6, 2024
PUBLISHED
Description
Integer overflow in rsyslog before 7.6.7 and 8.x before 8.4.2 and sysklogd 1.5 and earlier allows remote attackers to cause a denial of service (crash) via a large priority (PRI) value. NOTE: this vulnerability exists because of an incomplete fix for CVE-2014-3634.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
openSUSE-SU-2014:1297
vendor-advisory
x_refsource_SUSE
SUSE-SU-2014:1294
vendor-advisory
x_refsource_SUSE
openSUSE-SU-2014:1298
vendor-advisory
x_refsource_SUSE
[oss-security] 20140930 vulnerability in rsyslog
mailing-list
x_refsource_MLIST
61494
third-party-advisory
x_refsource_SECUNIA
[oss-security] 20141003 sysklogd vulnerability (CVE-2014-3634)
mailing-list
x_refsource_MLIST
http://www.rsyslog.com/remote-syslog-pri-vulnerability-cve-2014-3683/
x_refsource_CONFIRM
USN-2381-1
vendor-advisory
x_refsource_UBUNTU
DSA-3047
vendor-advisory
x_refsource_DEBIAN
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now