Ubuntu Update For Rsyslog USN-2381-1 Network Vulnerability

Summary

Check the version of rsyslog

Solution

Please Install the Updated Packages.

Insight

It was discovered that Rsyslog incorrectly handled invalid PRI values. An attacker could use this issue to send malformed messages to the Rsyslog server and cause it to stop responding, resulting in a denial of service and possibly message loss. (CVE-2014-3634, CVE-2014-3683)

Affected

rsyslog on Ubuntu 14.04 LTS , Ubuntu 12.04 LTS , Ubuntu 10.04 LTS

Detection

Get the installed version with the help of detect NVT and check if the version is vulnerable or not.

Severity

Classification

CVE CVE-2014-3634, CVE-2014-3683
CVSS Base Score: 7.5
AV:N/AC:L/Au:N/C:P/I:P/A:P

Related Vulnerabilities

Ubuntu Update for ca-certificates USN-2154-1
Ubuntu Update for curl USN-1158-1
Ubuntu Update for clamav vulnerabilities USN-926-1
Ubuntu Update for exim4 USN-1135-1
Ubuntu Update for erlang vulnerability USN-624-2

Ubuntu Update for rsyslog USN-2381-1

Take action and discover your vulnerabilities