Download
| Alert*
oval:org.secpod.oval:def:89002354
This update for librelp fixes the following issues: CVE-2018-1000140 : librelp contained a stack-based buffer overflow in the checking of x509 certificates. A remote attacker with an access to the rsyslog logging facility could have exploited it by sending a specially crafted x509 certificate. oval:org.secpod.oval:def:89002369 This update for librelp fixes the following issues: CVE-2018-1000140 : librelp contained a stack-based buffer overflow in the checking of x509 certificates. A remote attacker with an access to the rsyslog logging facility could have exploited it by sending a specially crafted x509 certificate. oval:org.secpod.oval:def:204816 Librelp is an easy-to-use library for the Reliable Event Logging Protocol protocol. RELP is a general-purpose, extensible logging protocol. Security Fix: * librelp: Stack-based buffer overflow in relpTcpChkPeerName function in src/tcp.c For more details about the security issue, including the impa ... oval:org.secpod.oval:def:204777 Librelp is an easy-to-use library for the Reliable Event Logging Protocol protocol. RELP is a general-purpose, extensible logging protocol. Security Fix: * librelp: Stack-based buffer overflow in relpTcpChkPeerName function in src/tcp.c For more details about the security issue, including the impa ... oval:org.secpod.oval:def:1901200 rsyslog librelp0 version 1.2.14 and earlier contains a Buffer Overflow vulnerability in the checking of x509 certificates from a peer that can result in Remote code execution. This attack appear to be exploitable a remote attacker that can connect to rsyslog and trigger a stack buffer overflow by se ... oval:org.secpod.oval:def:502281 Librelp is an easy-to-use library for the Reliable Event Logging Protocol protocol. RELP is a general-purpose, extensible logging protocol. Security Fix: * librelp: Stack-based buffer overflow in relpTcpChkPeerName function in src/tcp.c For more details about the security issue, including the impa ... oval:org.secpod.oval:def:502280 Librelp is an easy-to-use library for the Reliable Event Logging Protocol protocol. RELP is a general-purpose, extensible logging protocol. Security Fix: * librelp: Stack-based buffer overflow in relpTcpChkPeerName function in src/tcp.c For more details about the security issue, including the impa ... oval:org.secpod.oval:def:704030 librelp: Reliable Event Logging Protocol library librelp could be made to crash or run programs if it received specially crafted network traffic. oval:org.secpod.oval:def:53286 Bas van Schaik and Kevin Backhouse discovered a stack-based buffer overflow vulnerability in librelp, a library providing reliable event logging over the network, triggered while checking x509 certificates from a peer. A remote attacker able to connect to rsyslog can take advantage of this flaw for ... oval:org.secpod.oval:def:114252 Librelp is an easy to use library for the RELP protocol. RELP is a general-purpose, extensible logging protocol. oval:org.secpod.oval:def:114250 Librelp is an easy to use library for the RELP protocol. RELP is a general-purpose, extensible logging protocol. oval:org.secpod.oval:def:89046358 This update for librelp fixes the following issues: - CVE-2018-1000140: Fixed remote attack via specially crafted x509 certificates when connecting to rsyslog to trigger a stack buffer overflow and run arbitrary code . oval:org.secpod.oval:def:1502188 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:1502187 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:603330 Bas van Schaik and Kevin Backhouse discovered a stack-based buffer overflow vulnerability in librelp, a library providing reliable event logging over the network, triggered while checking x509 certificates from a peer. A remote attacker able to connect to rsyslog can take advantage of this flaw for ... oval:org.secpod.oval:def:1700023 Stack-based buffer overflow in relpTcpChkPeerName function in src/tcp.c:rsyslog librelp version 1.2.14 and earlier contains a Buffer Overflow vulnerability in the checking of x509 certificates from a peer that can result in Remote code execution. This attack appear to be exploitable a remote attacke ... oval:org.secpod.oval:def:52918 librelp: Reliable Event Logging Protocol library librelp could be made to crash or run programs if it received specially crafted network traffic. |