CVE-2011-1489

EPSS 0.5%

Vexday Risk Score

3Bajo

Decisión SSVC (CISA)

Track

Sin señal de explotación → monitorear

CVSS —EPSS 0.5%KEV nãoPoC —Nuclei —Metasploit —Patch —

Ciclo de vida

14 nov 2019Publicada en NVD

Recomendación: Monitorear — sin señal de explotación por ahora.

A memory leak in rsyslog before 5.7.6 was found in the way deamon processed log messages were logged when multiple rulesets were used and some output batches contained messages belonging to more than one ruleset. A local attacker could cause denial of the rsyslogd daemon service via a log message belonging to more than one ruleset.

Productos afectados

rsyslog · rsyslog

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →

Referencias

http://lists.opensuse.org/opensuse-security-announce/2011-04/msg00005.html https://access.redhat.com/security/cve/cve-2011-1489 https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2011-1489 https://github.com/rsyslog/rsyslog/commit/1ef709cc97d54f74d3fdeb83788cc4b01f4c6a2a https://security-tracker.debian.org/tracker/CVE-2011-1489