CVE-2011-3200

Publication date 6 September 2011

Last updated 24 July 2024

Stack-based buffer overflow in the parseLegacySyslogMsg function in tools/syslogd.c in rsyslogd in rsyslog 4.6.x before 4.6.8 and 5.2.0 through 5.8.4 might allow remote attackers to cause a denial of service (application exit) via a long TAG in a legacy syslog message.

Read the notes from the security team

Status

Show unmaintained releases

Package	Ubuntu Release	Status
rsyslog	11.04 natty	Fixed 4.6.4-2ubuntu4.1
	10.10 maverick	Not affected
	10.04 LTS lucid	Not affected
	8.04 LTS hardy	Not affected

How can I get the fixes?
What do statuses mean?

Notes

jdstrand

On i386 and amd64 it seems to just truncate messages slightly and not be a DoS. Will patch anyway just in case for other architectures.

References

MITRE
NVD
Launchpad
Debian

Related Ubuntu Security Notices (USN)

USN-1224-1
rsyslog vulnerability
3 October 2011

Other references

https://www.cve.org/CVERecord?id=CVE-2011-3200