Main Vulnerability Database Vulnerabilities #VU22771

Buffer overflow in rsyslog - CVE-2019-17042

Published: November 14, 2019

Vulnerability identifier: #VU22771

CSH Severity: High

CVSS v4.0: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber

CVE-ID: CVE-2019-17042

CWE-ID: CWE-119

Exploitation vector: Remote access

Exploit availability: No public exploit available

Vendor: rsyslog.com

Affected software:
rsyslog

Detailed vulnerability description

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists in "contrib/pmcisconames/pmcisconames.c" due to a boundary error in the parser for Cisco log messages. A remote attacker can trigger memory corruption and execute arbitrary code on the target system.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.

How to mitigate CVE-2019-17042

Install updates from vendor's website.

Sources

http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00031.html
https://github.com/rsyslog/rsyslog/blob/v8-stable/ChangeLog
https://github.com/rsyslog/rsyslog/pull/3883

Buffer overflow in rsyslog - CVE-2019-17042

Detailed vulnerability description

How to mitigate CVE-2019-17042

Sources

Please verify you're human