oss-sec mailing list archives
CVE-2018-1000140 - rsyslog librelp X.509 parsing issue
From: Kurt Seifried <kseifried () redhat com>
Date: Fri, 23 Mar 2018 12:44:09 -0600
This was embargoed but then it got sent to the PUBLIC cve request page, so the cat is out of the bag as it were, so notifying oss-sec. {"data_version":"4.0","references":{"reference_data":[{"url":" https://github.com/rsyslog/librelp/blob/532aa362f0f7a8d037505b0a27a1df452f9bac9e/src/tcp.c#L1205 "},{"url":"https://lgtm.com/rules/1505913226124/"}]},"description":{"description_data":[{"lang":"eng","value":"rsyslog librelp version 1.2.14 and earlier contains a Buffer Overflow vulnerability in the checking of x509 certificates from a peer that can result in Remote code execution. This attack appear to be exploitable a remote attacker that can connect to rsyslog and trigger a stack buffer overflow by sending a specially crafted x509 certificate."}]},"data_type":"CVE","affects":{"vendor":{"vendor_data":[{"product":{"product_data":[{"version":{"version_data":[{"version_value":"1.2.14 and earlier"}]},"product_name":"librelp"}]},"vendor_name":"rsyslog"}]}},"CVE_data_meta":{"DATE_ASSIGNED":"3/20/2018 10:38:48","ID":"CVE-2018-1000140","ASSIGNER":"kurt () seifried org ","REQUESTER":"kev () semmle com"},"data_format":"MITRE","problemtype":{"problemtype_data":[{"description":[{"lang":"eng","value":"Buffer Overflow"}]}]}} -- Kurt Seifried -- Red Hat -- Product Security -- Cloud PGP A90B F995 7350 148F 66BF 7554 160D 4553 5E26 7993 Red Hat Product Security contact: secalert () redhat com
Current thread:
- CVE-2018-1000140 - rsyslog librelp X.509 parsing issue Kurt Seifried (Mar 23)