CVE-2011-3200

Name of the Vulnerable Software and Affected Versions rsyslog versions 4.6.x through 4.6.7 rsyslog versions 5.2.0 through 5.8.4

Description The issue is related to a stack-based buffer overflow in the parseLegacySyslogMsg function in tools/syslogd.c in rsyslogd. This might allow remote attackers to cause a denial of service (application exit) via a long TAG in a legacy syslog message. The vulnerability can be exploited remotely and may lead to disruption of protected information availability.

Recommendations For rsyslog versions 4.6.x through 4.6.7, update to version 4.6.8 or later. For rsyslog versions 5.2.0 through 5.8.4, update to a version later than 5.8.4. As a temporary workaround, consider restricting access to the parseLegacySyslogMsg function until a patch is available.