Bas Van Schaik

**Name of the Vulnerable Software and Affected Versions** librelp versions 1.2.14 and earlier **Description** The issue is related to a Buffer Overflow vulnerability in the checking of x509 certificates from a peer, which can result in Remote code execution. This can be exploited by a remote attacker that can connect to rsyslog and trigger a stack buffer overflow by sending a specially crafted x509 certificate. The vulnerability is associated with the snprintf() function of the RELP library, which can cause a buffer overflow in memory when processing x509 certificates, allowing a remote attacker to execute arbitrary code. **Recommendations** For librelp versions 1.2.14 and earlier, at the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** OATH Toolkit versions prior to 2.4.1 **Description** The issue arises from the improper handling of lines containing an invalid one-time-password (OTP) type and a user name in /etc/users.oath by the usersfile.c in liboath. This leads to the wrong line being updated when invalidating an OTP, allowing context-dependent attackers to conduct replay attacks. For instance, this can be demonstrated by a commented out line when using libpam-oath. **Recommendations** For OATH Toolkit versions prior to 2.4.1, update to version 2.4.1 or later to resolve the issue.