{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2011-02-09T00:00:00", "descriptions": [{"lang": "en", "value": "Integer overflow in the rsCStrExtendBuf function in runtime/stringbuf.c in the imfile module in rsyslog 4.x before 4.6.6, 5.x before 5.7.4, and 6.x before 6.1.4 allows local users to cause a denial of service (daemon hang) via a large file, which triggers a heap-based buffer overflow."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2017-01-23T18:57:01", "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat"}, "references": [{"tags": ["x_refsource_CONFIRM"], "url": "http://bugzilla.adiscon.com/show_bug.cgi?id=221"}, {"name": "USN-1338-1", "tags": ["vendor-advisory", "x_refsource_UBUNTU"], "url": "http://www.ubuntu.com/usn/USN-1338-1"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://rsyslog.com/changelog-for-6-1-4-devel/"}, {"tags": ["x_refsource_MISC"], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=769822"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://git.adiscon.com/?p=rsyslog.git%3Ba=commit%3Bh=6bad782f154b7f838c7371bf99c13f6dc4ec4101"}, {"name": "1026556", "tags": ["vdb-entry", "x_refsource_SECTRACK"], "url": "http://www.securitytracker.com/id?1026556"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://rsyslog.com/changelog-for-5-7-4-v5-beta/"}, {"name": "45848", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/45848"}, {"name": "51171", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/51171"}, {"name": "47698", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/47698"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://rsyslog.com/changelog-for-4-6-6-v4-stable/"}, {"name": "[oss-security] 20111222 Re: CVE Request -- rsyslog -- DoS due integer signedness error while extending rsyslog counted string buffer", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "http://www.openwall.com/lists/oss-security/2011/12/22/2"}]}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-07T00:09:19.333Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://bugzilla.adiscon.com/show_bug.cgi?id=221"}, {"name": "USN-1338-1", "tags": ["vendor-advisory", "x_refsource_UBUNTU", "x_transferred"], "url": "http://www.ubuntu.com/usn/USN-1338-1"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://rsyslog.com/changelog-for-6-1-4-devel/"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=769822"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://git.adiscon.com/?p=rsyslog.git%3Ba=commit%3Bh=6bad782f154b7f838c7371bf99c13f6dc4ec4101"}, {"name": "1026556", "tags": ["vdb-entry", "x_refsource_SECTRACK", "x_transferred"], "url": "http://www.securitytracker.com/id?1026556"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://rsyslog.com/changelog-for-5-7-4-v5-beta/"}, {"name": "45848", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/45848"}, {"name": "51171", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/51171"}, {"name": "47698", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/47698"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://rsyslog.com/changelog-for-4-6-6-v4-stable/"}, {"name": "[oss-security] 20111222 Re: CVE Request -- rsyslog -- DoS due integer signedness error while extending rsyslog counted string buffer", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "http://www.openwall.com/lists/oss-security/2011/12/22/2"}]}]}, "cveMetadata": {"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "assignerShortName": "redhat", "cveId": "CVE-2011-4623", "datePublished": "2012-09-25T23:00:00", "dateReserved": "2011-11-29T00:00:00", "dateUpdated": "2024-08-07T00:09:19.333Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:rsyslog:rsyslog:4.1.0:*:*:*:*:*:*:*", "matchCriteriaId": "841185A1-0CD7-4965-A40A-45836037B910", "vulnerable": true}, {"criteria": "cpe:2.3:a:rsyslog:rsyslog:4.1.1:*:*:*:*:*:*:*", "matchCriteriaId": "4AB0A79C-E420-468E-9388-5E19EA54EA89", "vulnerable": true}, {"criteria": "cpe:2.3:a:rsyslog:rsyslog:4.1.2:*:*:*:*:*:*:*", "matchCriteriaId": "34C010EA-3A59-4D2E-93CB-9C341B954ED4", "vulnerable": true}, {"criteria": "cpe:2.3:a:rsyslog:rsyslog:4.1.3:*:*:*:*:*:*:*", "matchCriteriaId": "1C94467B-F849-4400-8385-B7906C705278", "vulnerable": true}, {"criteria": "cpe:2.3:a:rsyslog:rsyslog:4.1.4:*:*:*:*:*:*:*", "matchCriteriaId": "78820540-0924-4991-8588-98B3D8073C5D", "vulnerable": true}, {"criteria": "cpe:2.3:a:rsyslog:rsyslog:4.1.5:*:*:*:*:*:*:*", "matchCriteriaId": "374E62FF-AAFA-4D67-868A-AA04F36342E9", "vulnerable": true}, {"criteria": "cpe:2.3:a:rsyslog:rsyslog:4.1.6:*:*:*:*:*:*:*", "matchCriteriaId": "E3661AC6-F94D-4172-AB47-703FB9C0ABA6", "vulnerable": true}, {"criteria": "cpe:2.3:a:rsyslog:rsyslog:4.1.7:*:*:*:*:*:*:*", "matchCriteriaId": "6009D909-1741-4859-A218-B218A44785E3", "vulnerable": true}, {"criteria": "cpe:2.3:a:rsyslog:rsyslog:4.2.0:*:*:*:*:*:*:*", "matchCriteriaId": "1D1E4A0B-C05F-479D-97D2-6CB3246000BB", "vulnerable": true}, {"criteria": "cpe:2.3:a:rsyslog:rsyslog:4.3.0:*:*:*:*:*:*:*", "matchCriteriaId": "B837CDD0-4026-46D6-A92E-7BB978F98B4A", "vulnerable": true}, {"criteria": "cpe:2.3:a:rsyslog:rsyslog:4.3.1:*:*:*:*:*:*:*", "matchCriteriaId": "9C8C51A8-3967-4B52-ABDE-8C53EE99BF56", "vulnerable": true}, {"criteria": "cpe:2.3:a:rsyslog:rsyslog:4.3.2:*:*:*:*:*:*:*", "matchCriteriaId": "5988F88B-273F-4F1F-BAB2-3C29AE926EEA", "vulnerable": true}, {"criteria": "cpe:2.3:a:rsyslog:rsyslog:4.4.0:*:*:*:*:*:*:*", "matchCriteriaId": "5EAB8FF7-3352-48AA-B2F7-4DF8EB7C309E", "vulnerable": true}, {"criteria": "cpe:2.3:a:rsyslog:rsyslog:4.4.1:*:*:*:*:*:*:*", "matchCriteriaId": "4B29847C-783E-4518-9F11-9E011B04EB82", "vulnerable": true}, {"criteria": "cpe:2.3:a:rsyslog:rsyslog:4.4.2:*:*:*:*:*:*:*", "matchCriteriaId": "8780325E-72C5-41C0-AE27-84849C6916CE", "vulnerable": true}, {"criteria": "cpe:2.3:a:rsyslog:rsyslog:4.5.0:*:*:*:*:*:*:*", "matchCriteriaId": "9905CA1B-D0C6-4F71-AF93-D0FD4E083EA2", "vulnerable": true}, {"criteria": "cpe:2.3:a:rsyslog:rsyslog:4.5.1:*:*:*:*:*:*:*", "matchCriteriaId": "79E83912-6BC8-47C4-B45D-E3D91A7FDC12", "vulnerable": true}, {"criteria": "cpe:2.3:a:rsyslog:rsyslog:4.5.2:*:*:*:*:*:*:*", "matchCriteriaId": "8C7B6A58-F1E3-4505-9271-6CBBB2EA7646", "vulnerable": true}, {"criteria": "cpe:2.3:a:rsyslog:rsyslog:4.5.3:*:*:*:*:*:*:*", "matchCriteriaId": "35DF0979-6A93-46F2-808D-7C401014D97A", "vulnerable": true}, {"criteria": "cpe:2.3:a:rsyslog:rsyslog:4.5.4:*:*:*:*:*:*:*", "matchCriteriaId": "C8CA895C-6D01-46BE-8FA0-710F67710CD6", "vulnerable": true}, {"criteria": "cpe:2.3:a:rsyslog:rsyslog:4.5.5:*:*:*:*:*:*:*", "matchCriteriaId": "8F122977-A2F5-41AC-BCAD-FDBAF6544514", "vulnerable": true}, {"criteria": "cpe:2.3:a:rsyslog:rsyslog:4.5.6:*:*:*:*:*:*:*", "matchCriteriaId": "C9C2EE07-2385-40B3-B98B-2701ECE662CD", "vulnerable": true}, {"criteria": "cpe:2.3:a:rsyslog:rsyslog:4.5.7:*:*:*:*:*:*:*", "matchCriteriaId": "3F192D2B-F1DB-4E5F-A0A3-7F7A34F9E13C", "vulnerable": true}, {"criteria": "cpe:2.3:a:rsyslog:rsyslog:4.5.8:*:*:*:*:*:*:*", "matchCriteriaId": "F593F49F-3B11-4203-84CC-EE1B22C80304", "vulnerable": true}, {"criteria": "cpe:2.3:a:rsyslog:rsyslog:4.6.0:*:*:*:*:*:*:*", "matchCriteriaId": "C189E19A-16F3-40C9-B480-58013C5ED16D", "vulnerable": true}, {"criteria": "cpe:2.3:a:rsyslog:rsyslog:4.6.1:*:*:*:*:*:*:*", "matchCriteriaId": "E0839E9A-147E-4297-AE06-34AC67471001", "vulnerable": true}, {"criteria": "cpe:2.3:a:rsyslog:rsyslog:4.6.2:*:*:*:*:*:*:*", "matchCriteriaId": "5A7D9B57-777D-4B0F-BFD0-2642064FFBFA", "vulnerable": true}, {"criteria": "cpe:2.3:a:rsyslog:rsyslog:4.6.3:*:*:*:*:*:*:*", "matchCriteriaId": "654A4E45-2E4D-420D-8653-B03240ED4A88", "vulnerable": true}, {"criteria": "cpe:2.3:a:rsyslog:rsyslog:4.6.4:*:*:*:*:*:*:*", "matchCriteriaId": "CF03E62D-026D-4C33-BB0D-9D5B788DC5C6", "vulnerable": true}, {"criteria": "cpe:2.3:a:rsyslog:rsyslog:4.6.5:*:*:*:*:*:*:*", "matchCriteriaId": "32DE7607-0082-4013-812B-0777C23BA1AC", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:rsyslog:rsyslog:5.1.0:*:*:*:*:*:*:*", "matchCriteriaId": "662C8A8F-E0D0-46C1-9918-24A8CA998A7C", "vulnerable": true}, {"criteria": "cpe:2.3:a:rsyslog:rsyslog:5.1.1:*:*:*:*:*:*:*", "matchCriteriaId": "77853E52-17B9-46E2-AF47-15B0B54498C9", "vulnerable": true}, {"criteria": "cpe:2.3:a:rsyslog:rsyslog:5.1.2:*:*:*:*:*:*:*", "matchCriteriaId": "D36B64B8-06C6-4C14-A240-D3116FAF9025", "vulnerable": true}, {"criteria": "cpe:2.3:a:rsyslog:rsyslog:5.1.3:*:*:*:*:*:*:*", "matchCriteriaId": "7FCCE757-93EC-47F7-AEB4-B7F3F2F77EE2", "vulnerable": true}, {"criteria": "cpe:2.3:a:rsyslog:rsyslog:5.1.4:*:*:*:*:*:*:*", "matchCriteriaId": "83EC6852-0309-4652-94E9-F44E77EF72A1", "vulnerable": true}, {"criteria": "cpe:2.3:a:rsyslog:rsyslog:5.1.5:*:*:*:*:*:*:*", "matchCriteriaId": "5E14CB63-62A5-4264-94A1-B03560A523ED", "vulnerable": true}, {"criteria": "cpe:2.3:a:rsyslog:rsyslog:5.1.6:*:*:*:*:*:*:*", "matchCriteriaId": "1BF47C64-6992-4ED1-A903-D0F753A95D37", "vulnerable": true}, {"criteria": "cpe:2.3:a:rsyslog:rsyslog:5.2.0:*:*:*:*:*:*:*", "matchCriteriaId": "6E8B8362-FB8A-47E0-AC3D-DC6A1138758D", "vulnerable": true}, {"criteria": "cpe:2.3:a:rsyslog:rsyslog:5.2.1:*:*:*:*:*:*:*", "matchCriteriaId": "72D612FA-5842-400D-AADA-D2CFF3A9C2B9", "vulnerable": true}, {"criteria": "cpe:2.3:a:rsyslog:rsyslog:5.2.2:*:*:*:*:*:*:*", "matchCriteriaId": "41A66E91-25CA-48D9-9876-B7BF59E24002", "vulnerable": true}, {"criteria": "cpe:2.3:a:rsyslog:rsyslog:5.3.1:*:*:*:*:*:*:*", "matchCriteriaId": "52FD86EF-92A1-4FB4-9EC1-E6DFBD93499B", "vulnerable": true}, {"criteria": "cpe:2.3:a:rsyslog:rsyslog:5.3.2:*:*:*:*:*:*:*", "matchCriteriaId": "AC62EFFF-52BB-4B75-811B-90FABA83FF33", "vulnerable": true}, {"criteria": "cpe:2.3:a:rsyslog:rsyslog:5.3.3:*:*:*:*:*:*:*", "matchCriteriaId": "31115B81-97B1-49DB-B524-1F3234F3B999", "vulnerable": true}, {"criteria": "cpe:2.3:a:rsyslog:rsyslog:5.3.4:*:*:*:*:*:*:*", "matchCriteriaId": "4F28E8B1-0266-4498-B255-A05B7FE22F84", "vulnerable": true}, {"criteria": "cpe:2.3:a:rsyslog:rsyslog:5.3.5:*:*:*:*:*:*:*", "matchCriteriaId": "E4CECA40-8267-4791-90B2-06311D33D73C", "vulnerable": true}, {"criteria": "cpe:2.3:a:rsyslog:rsyslog:5.3.6:*:*:*:*:*:*:*", "matchCriteriaId": "298BE072-6C64-4AB4-AE92-16C6ADD3B7E3", "vulnerable": true}, {"criteria": "cpe:2.3:a:rsyslog:rsyslog:5.3.7:*:*:*:*:*:*:*", "matchCriteriaId": "4338B0BD-6F52-405B-AED9-2ED2B4B50AC5", "vulnerable": true}, {"criteria": "cpe:2.3:a:rsyslog:rsyslog:5.4.0:*:*:*:*:*:*:*", "matchCriteriaId": "0E9CDDD7-F22B-4980-BD0A-7F91E9B9D384", "vulnerable": true}, {"criteria": "cpe:2.3:a:rsyslog:rsyslog:5.4.1:*:*:*:*:*:*:*", "matchCriteriaId": "4CE7FF76-4F5E-4D0E-AF9A-8579C93FA472", "vulnerable": true}, {"criteria": "cpe:2.3:a:rsyslog:rsyslog:5.4.2:*:*:*:*:*:*:*", "matchCriteriaId": "3AF97FDB-8862-44BA-9732-15191AC8181E", "vulnerable": true}, {"criteria": "cpe:2.3:a:rsyslog:rsyslog:5.5.0:*:*:*:*:*:*:*", "matchCriteriaId": "962616FC-9BB4-4978-8011-6084931A2CD0", "vulnerable": true}, {"criteria": "cpe:2.3:a:rsyslog:rsyslog:5.5.1:*:*:*:*:*:*:*", "matchCriteriaId": "83F00805-390F-4736-894E-1F5CEB1F1629", "vulnerable": true}, {"criteria": "cpe:2.3:a:rsyslog:rsyslog:5.5.2:*:*:*:*:*:*:*", "matchCriteriaId": "4DB45F90-FD8E-4ABA-8C26-D3A49CA684D5", "vulnerable": true}, {"criteria": "cpe:2.3:a:rsyslog:rsyslog:5.5.3:*:*:*:*:*:*:*", "matchCriteriaId": "E0ED3A21-75EF-438C-AC9E-1CA67985DC46", "vulnerable": true}, {"criteria": "cpe:2.3:a:rsyslog:rsyslog:5.5.4:*:*:*:*:*:*:*", "matchCriteriaId": "5CF11421-19E4-4DE4-849E-96BC2045CEEB", "vulnerable": true}, {"criteria": "cpe:2.3:a:rsyslog:rsyslog:5.5.5:*:*:*:*:*:*:*", "matchCriteriaId": "F98CEA8A-814C-4812-9E10-874CB0967303", "vulnerable": true}, {"criteria": "cpe:2.3:a:rsyslog:rsyslog:5.5.6:*:*:*:*:*:*:*", "matchCriteriaId": "2F5141AA-FE13-4AE7-9F5A-873CDFDA5B2D", "vulnerable": true}, {"criteria": "cpe:2.3:a:rsyslog:rsyslog:5.5.7:*:*:*:*:*:*:*", "matchCriteriaId": "2E985BF5-8B9E-45C1-ADC1-B5F964EABD5B", "vulnerable": true}, {"criteria": "cpe:2.3:a:rsyslog:rsyslog:5.6.0:*:*:*:*:*:*:*", "matchCriteriaId": "EE7EC105-0E13-4D47-9D0A-315013657DA8", "vulnerable": true}, {"criteria": "cpe:2.3:a:rsyslog:rsyslog:5.6.1:*:*:*:*:*:*:*", "matchCriteriaId": "E0244736-F857-4A74-84E4-BB7F591CE7F5", "vulnerable": true}, {"criteria": "cpe:2.3:a:rsyslog:rsyslog:5.6.2:*:*:*:*:*:*:*", "matchCriteriaId": "3607C1AE-E3C8-4786-8EEE-0B1D1A9B098C", "vulnerable": true}, {"criteria": "cpe:2.3:a:rsyslog:rsyslog:5.6.3:*:*:*:*:*:*:*", "matchCriteriaId": "2D28F99E-27B8-47F8-981A-5D9E38BEADE5", "vulnerable": true}, {"criteria": "cpe:2.3:a:rsyslog:rsyslog:5.6.4:*:*:*:*:*:*:*", "matchCriteriaId": "6BA11F46-D8FE-44BD-B792-A78800AC46A5", "vulnerable": true}, {"criteria": "cpe:2.3:a:rsyslog:rsyslog:5.6.5:*:*:*:*:*:*:*", "matchCriteriaId": "A1FC9D6A-3E72-4E93-8EC7-A82A24F3E73E", "vulnerable": true}, {"criteria": "cpe:2.3:a:rsyslog:rsyslog:5.7.0:*:*:*:*:*:*:*", "matchCriteriaId": "4C0FAF7B-3BDB-4048-9040-B65145CA0267", "vulnerable": true}, {"criteria": "cpe:2.3:a:rsyslog:rsyslog:5.7.1:*:*:*:*:*:*:*", "matchCriteriaId": "995DAD4E-7B30-474C-A06C-4D5AA57071C1", "vulnerable": true}, {"criteria": "cpe:2.3:a:rsyslog:rsyslog:5.7.2:*:*:*:*:*:*:*", "matchCriteriaId": "A0107C61-B60E-4BC9-8D97-D1CB02B37F77", "vulnerable": true}, {"criteria": "cpe:2.3:a:rsyslog:rsyslog:5.7.3:*:*:*:*:*:*:*", "matchCriteriaId": "218031FE-C023-4637-B4CA-EC2B7633D84E", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:rsyslog:rsyslog:6.1.0:*:*:*:*:*:*:*", "matchCriteriaId": "A7D4609D-5FE8-4EDB-87DA-C3F308604721", "vulnerable": true}, {"criteria": "cpe:2.3:a:rsyslog:rsyslog:6.1.1:*:*:*:*:*:*:*", "matchCriteriaId": "9D9461EE-66F3-445A-A556-9115CCD9CA7C", "vulnerable": true}, {"criteria": "cpe:2.3:a:rsyslog:rsyslog:6.1.2:*:*:*:*:*:*:*", "matchCriteriaId": "C11B843B-1386-4987-9747-F047467C5F4A", "vulnerable": true}, {"criteria": "cpe:2.3:a:rsyslog:rsyslog:6.1.3:*:*:*:*:*:*:*", "matchCriteriaId": "59CDD3CE-1746-4338-91E9-63E288975A1D", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Integer overflow in the rsCStrExtendBuf function in runtime/stringbuf.c in the imfile module in rsyslog 4.x before 4.6.6, 5.x before 5.7.4, and 6.x before 6.1.4 allows local users to cause a denial of service (daemon hang) via a large file, which triggers a heap-based buffer overflow."}, {"lang": "es", "value": "Desbordamiento de entero en la funci\u00f3n rsCStrExtendBuf en runtime/stringbuf.c en el m\u00f3dulo imfile en rsyslog v4.x anteriores v4.6.6, v5.x anteriores a v5.7.4, y v6.x anteriores a v6.1.4, permite a atacantes remotos provocar una denegaci\u00f3n de servicio (cuelgue del demonio) a trav\u00e9s de un fichero grande, que provoca un desbordamiento de b\u00fafer basado en memoria din\u00e1mica."}], "id": "CVE-2011-4623", "lastModified": "2025-04-11T00:51:21.963", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "LOW", "cvssData": {"accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 2.1, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0"}, "exploitabilityScore": 3.9, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2012-09-25T23:55:01.033", "references": [{"source": "secalert@redhat.com", "url": "http://bugzilla.adiscon.com/show_bug.cgi?id=221"}, {"source": "secalert@redhat.com", "url": "http://git.adiscon.com/?p=rsyslog.git%3Ba=commit%3Bh=6bad782f154b7f838c7371bf99c13f6dc4ec4101"}, {"source": "secalert@redhat.com", "url": "http://rsyslog.com/changelog-for-4-6-6-v4-stable/"}, {"source": "secalert@redhat.com", "url": "http://rsyslog.com/changelog-for-5-7-4-v5-beta/"}, {"source": "secalert@redhat.com", "url": "http://rsyslog.com/changelog-for-6-1-4-devel/"}, {"source": "secalert@redhat.com", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/45848"}, {"source": "secalert@redhat.com", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/47698"}, {"source": "secalert@redhat.com", "url": "http://www.openwall.com/lists/oss-security/2011/12/22/2"}, {"source": "secalert@redhat.com", "url": "http://www.securityfocus.com/bid/51171"}, {"source": "secalert@redhat.com", "url": "http://www.securitytracker.com/id?1026556"}, {"source": "secalert@redhat.com", "tags": ["Patch", "Vendor Advisory"], "url": "http://www.ubuntu.com/usn/USN-1338-1"}, {"source": "secalert@redhat.com", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=769822"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://bugzilla.adiscon.com/show_bug.cgi?id=221"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://git.adiscon.com/?p=rsyslog.git%3Ba=commit%3Bh=6bad782f154b7f838c7371bf99c13f6dc4ec4101"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://rsyslog.com/changelog-for-4-6-6-v4-stable/"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://rsyslog.com/changelog-for-5-7-4-v5-beta/"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://rsyslog.com/changelog-for-6-1-4-devel/"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/45848"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/47698"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.openwall.com/lists/oss-security/2011/12/22/2"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/bid/51171"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securitytracker.com/id?1026556"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch", "Vendor Advisory"], "url": "http://www.ubuntu.com/usn/USN-1338-1"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=769822"}], "sourceIdentifier": "secalert@redhat.com", "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-189"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{"affected_release": [{"advisory": "RHSA-2012:0796", "cpe": "cpe:/o:redhat:enterprise_linux:6", "package": "rsyslog-0:5.8.10-2.el6", "product_name": "Red Hat Enterprise Linux 6", "release_date": "2012-06-19T00:00:00Z"}], "bugzilla": {"description": "rsyslog: DoS due integer signedness error while extending rsyslog counted string buffer", "id": "769822", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=769822"}, "csaw": false, "cvss": {"cvss_base_score": "5.4", "cvss_scoring_vector": "AV:A/AC:M/Au:N/C:P/I:P/A:P", "status": "verified"}, "details": ["Integer overflow in the rsCStrExtendBuf function in runtime/stringbuf.c in the imfile module in rsyslog 4.x before 4.6.6, 5.x before 5.7.4, and 6.x before 6.1.4 allows local users to cause a denial of service (daemon hang) via a large file, which triggers a heap-based buffer overflow."], "name": "CVE-2011-4623", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:5", "fix_state": "Not affected", "package_name": "rsyslog", "product_name": "Red Hat Enterprise Linux 5"}], "public_date": "2011-02-09T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2011-4623\nhttps://nvd.nist.gov/vuln/detail/CVE-2011-4623"], "threat_severity": "Moderate"}