Vulnerabilities > CVE-2018-1000140 - Out-of-bounds Write vulnerability in multiple products
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
HIGH Integrity impact
HIGH Availability impact
HIGH Summary
rsyslog librelp version 1.2.14 and earlier contains a Buffer Overflow vulnerability in the checking of x509 certificates from a peer that can result in Remote code execution. This attack appear to be exploitable a remote attacker that can connect to rsyslog and trigger a stack buffer overflow by sending a specially crafted x509 certificate.
Vulnerable Configurations
Common Weakness Enumeration (CWE)
Nessus
NASL family Scientific Linux Local Security Checks NASL id SL_20180424_LIBRELP_ON_SL7_X.NASL description Security Fix(es) : - librelp: Stack-based buffer overflow in relpTcpChkPeerName function in src/tcp.c (CVE-2018-1000140) last seen 2020-03-18 modified 2018-05-01 plugin id 109464 published 2018-05-01 reporter This script is Copyright (C) 2018-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/109464 title Scientific Linux Security Update : librelp on SL7.x x86_64 (20180424) code # # (C) Tenable Network Security, Inc. # # The descriptive text is (C) Scientific Linux. # include("compat.inc"); if (description) { script_id(109464); script_version("1.5"); script_set_attribute(attribute:"plugin_modification_date", value:"2020/02/24"); script_cve_id("CVE-2018-1000140"); script_xref(name:"IAVA", value:"2018-A-0202"); script_name(english:"Scientific Linux Security Update : librelp on SL7.x x86_64 (20180424)"); script_summary(english:"Checks rpm output for the updated packages"); script_set_attribute( attribute:"synopsis", value: "The remote Scientific Linux host is missing one or more security updates." ); script_set_attribute( attribute:"description", value: "Security Fix(es) : - librelp: Stack-based buffer overflow in relpTcpChkPeerName function in src/tcp.c (CVE-2018-1000140)" ); # https://listserv.fnal.gov/scripts/wa.exe?A2=ind1804&L=scientific-linux-errata&F=&S=&P=9679 script_set_attribute( attribute:"see_also", value:"http://www.nessus.org/u?4f2da8a1" ); script_set_attribute( attribute:"solution", value: "Update the affected librelp, librelp-debuginfo and / or librelp-devel packages." ); script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P"); script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fermilab:scientific_linux:librelp"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fermilab:scientific_linux:librelp-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fermilab:scientific_linux:librelp-devel"); script_set_attribute(attribute:"cpe", value:"x-cpe:/o:fermilab:scientific_linux"); script_set_attribute(attribute:"vuln_publication_date", value:"2018/03/23"); script_set_attribute(attribute:"patch_publication_date", value:"2018/04/24"); script_set_attribute(attribute:"plugin_publication_date", value:"2018/05/01"); script_set_attribute(attribute:"generated_plugin", value:"current"); script_set_attribute(attribute:"stig_severity", value:"I"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2018-2020 and is owned by Tenable, Inc. or an Affiliate thereof."); script_family(english:"Scientific Linux Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/RedHat/release", "Host/RedHat/rpm-list"); exit(0); } include("audit.inc"); include("global_settings.inc"); include("misc_func.inc"); include("rpm.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); release = get_kb_item("Host/RedHat/release"); if (isnull(release) || "Scientific Linux " >!< release) audit(AUDIT_HOST_NOT, "running Scientific Linux"); os_ver = pregmatch(pattern: "Scientific Linux.*release ([0-9]+(\.[0-9]+)?)", string:release); if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Scientific Linux"); os_ver = os_ver[1]; if (! preg(pattern:"^7([^0-9]|$)", string:os_ver)) audit(AUDIT_OS_NOT, "Scientific Linux 7.x", "Scientific Linux " + os_ver); if (!get_kb_item("Host/RedHat/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING); cpu = get_kb_item("Host/cpu"); if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH); if (cpu >!< "x86_64" && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Scientific Linux", cpu); if ("x86_64" >!< cpu) audit(AUDIT_ARCH_NOT, "x86_64", cpu); flag = 0; if (rpm_check(release:"SL7", cpu:"x86_64", reference:"librelp-1.2.12-1.el7_5.1")) flag++; if (rpm_check(release:"SL7", cpu:"x86_64", reference:"librelp-debuginfo-1.2.12-1.el7_5.1")) flag++; if (rpm_check(release:"SL7", cpu:"x86_64", reference:"librelp-devel-1.2.12-1.el7_5.1")) flag++; if (flag) { security_report_v4( port : 0, severity : SECURITY_HOLE, extra : rpm_report_get() ); exit(0); } else { tested = pkg_tests_get(); if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested); else audit(AUDIT_PACKAGE_NOT_INSTALLED, "librelp / librelp-debuginfo / librelp-devel"); }
NASL family SuSE Local Security Checks NASL id SUSE_SU-2018-0822-1.NASL description This update for librelp fixes the following issues: CVE-2018-1000140 (bsc#1086730): librelp contained a stack-based buffer overflow in the checking of x509 certificates. A remote attacker with an access to the rsyslog logging facility could have exploited it by sending a specially crafted x509 certificate. Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. last seen 2020-06-01 modified 2020-06-02 plugin id 108656 published 2018-03-27 reporter This script is Copyright (C) 2018-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/108656 title SUSE SLES12 Security Update : librelp (SUSE-SU-2018:0822-1) code # # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were # extracted from SUSE update advisory SUSE-SU-2018:0822-1. # The text itself is copyright (C) SUSE. # include("compat.inc"); if (description) { script_id(108656); script_version("1.6"); script_cvs_date("Date: 2019/09/10 13:51:47"); script_cve_id("CVE-2018-1000140"); script_xref(name:"IAVA", value:"2018-A-0202"); script_name(english:"SUSE SLES12 Security Update : librelp (SUSE-SU-2018:0822-1)"); script_summary(english:"Checks rpm output for the updated packages."); script_set_attribute( attribute:"synopsis", value:"The remote SUSE host is missing one or more security updates." ); script_set_attribute( attribute:"description", value: "This update for librelp fixes the following issues: CVE-2018-1000140 (bsc#1086730): librelp contained a stack-based buffer overflow in the checking of x509 certificates. A remote attacker with an access to the rsyslog logging facility could have exploited it by sending a specially crafted x509 certificate. Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues." ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1086730" ); script_set_attribute( attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2018-1000140/" ); # https://www.suse.com/support/update/announcement/2018/suse-su-20180822-1/ script_set_attribute( attribute:"see_also", value:"http://www.nessus.org/u?59ba67f7" ); script_set_attribute( attribute:"solution", value: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or 'zypper patch'. Alternatively you can run the command listed for your product : SUSE Linux Enterprise Software Development Kit 12-SP3:zypper in -t patch SUSE-SLE-SDK-12-SP3-2018-552=1 SUSE Linux Enterprise Server 12-SP3:zypper in -t patch SUSE-SLE-SERVER-12-SP3-2018-552=1" ); script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P"); script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:librelp-debugsource"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:librelp0"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:librelp0-debuginfo"); script_set_attribute(attribute:"cpe", value:"cpe:/o:novell:suse_linux:12"); script_set_attribute(attribute:"vuln_publication_date", value:"2018/03/23"); script_set_attribute(attribute:"patch_publication_date", value:"2018/03/26"); script_set_attribute(attribute:"plugin_publication_date", value:"2018/03/27"); script_set_attribute(attribute:"generated_plugin", value:"current"); script_set_attribute(attribute:"stig_severity", value:"I"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2018-2019 and is owned by Tenable, Inc. or an Affiliate thereof."); script_family(english:"SuSE Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/SuSE/release", "Host/SuSE/rpm-list"); exit(0); } include("audit.inc"); include("global_settings.inc"); include("rpm.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); release = get_kb_item("Host/SuSE/release"); if (isnull(release) || release !~ "^(SLED|SLES)") audit(AUDIT_OS_NOT, "SUSE"); os_ver = pregmatch(pattern: "^(SLE(S|D)\d+)", string:release); if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "SUSE"); os_ver = os_ver[1]; if (! preg(pattern:"^(SLES12)$", string:os_ver)) audit(AUDIT_OS_NOT, "SUSE SLES12", "SUSE " + os_ver); if (!get_kb_item("Host/SuSE/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING); cpu = get_kb_item("Host/cpu"); if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH); if (cpu !~ "^i[3-6]86$" && "x86_64" >!< cpu && "s390x" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "SUSE " + os_ver, cpu); sp = get_kb_item("Host/SuSE/patchlevel"); if (isnull(sp)) sp = "0"; if (os_ver == "SLES12" && (! preg(pattern:"^(3)$", string:sp))) audit(AUDIT_OS_NOT, "SLES12 SP3", os_ver + " SP" + sp); flag = 0; if (rpm_check(release:"SLES12", sp:"3", reference:"librelp-debugsource-1.2.12-3.3.1")) flag++; if (rpm_check(release:"SLES12", sp:"3", reference:"librelp0-1.2.12-3.3.1")) flag++; if (rpm_check(release:"SLES12", sp:"3", reference:"librelp0-debuginfo-1.2.12-3.3.1")) flag++; if (flag) { if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get()); else security_hole(0); exit(0); } else { tested = pkg_tests_get(); if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested); else audit(AUDIT_PACKAGE_NOT_INSTALLED, "librelp"); }
NASL family PhotonOS Local Security Checks NASL id PHOTONOS_PHSA-2018-1_0-0129_LIBVIRT.NASL description An update of the libvirt package has been released. last seen 2020-03-17 modified 2019-02-07 plugin id 121833 published 2019-02-07 reporter This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/121833 title Photon OS 1.0: Libvirt PHSA-2018-1.0-0129 code # # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were # extracted from VMware Security Advisory PHSA-2018-1.0-0129. The text # itself is copyright (C) VMware, Inc. include('compat.inc'); if (description) { script_id(121833); script_version("1.2"); script_set_attribute(attribute:"plugin_modification_date", value:"2019/02/07"); script_cve_id("CVE-2018-1064"); script_name(english:"Photon OS 1.0: Libvirt PHSA-2018-1.0-0129"); script_summary(english:"Checks the rpm output for the updated packages."); script_set_attribute(attribute:"synopsis", value: "The remote PhotonOS host is missing multiple security updates."); script_set_attribute(attribute:"description", value: "An update of the libvirt package has been released."); script_set_attribute(attribute:"see_also", value:"https://github.com/vmware/photon/wiki/Security-Updates-1.0-129.md"); script_set_attribute(attribute:"solution", value: "Update the affected Linux packages."); script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P"); script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C"); script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"); script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C"); script_set_attribute(attribute:"cvss_score_source", value:"CVE-2018-1000140"); script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available"); script_set_attribute(attribute:"vuln_publication_date", value:"2018/04/27"); script_set_attribute(attribute:"patch_publication_date", value:"2018/04/27"); script_set_attribute(attribute:"plugin_publication_date", value:"2019/02/07"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:vmware:photonos:libvirt"); script_set_attribute(attribute:"cpe", value:"cpe:/o:vmware:photonos:1.0"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_family(english:"PhotonOS Local Security Checks"); script_copyright(english:"This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof."); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/PhotonOS/release", "Host/PhotonOS/rpm-list"); exit(0); } include("audit.inc"); include("global_settings.inc"); include("rpm.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); release = get_kb_item("Host/PhotonOS/release"); if (isnull(release) || release !~ "^VMware Photon") audit(AUDIT_OS_NOT, "PhotonOS"); if (release !~ "^VMware Photon (?:Linux|OS) 1\.0(\D|$)") audit(AUDIT_OS_NOT, "PhotonOS 1.0"); if (!get_kb_item("Host/PhotonOS/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING); cpu = get_kb_item("Host/cpu"); if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH); if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "PhotonOS", cpu); flag = 0; if (rpm_check(release:"PhotonOS-1.0", reference:"libvirt-3.2.0-4.ph1")) flag++; if (rpm_check(release:"PhotonOS-1.0", reference:"libvirt-debuginfo-3.2.0-4.ph1")) flag++; if (rpm_check(release:"PhotonOS-1.0", reference:"libvirt-devel-3.2.0-4.ph1")) flag++; if (rpm_check(release:"PhotonOS-1.0", reference:"libvirt-docs-3.2.0-4.ph1")) flag++; if (flag) { security_report_v4( port : 0, severity : SECURITY_HOLE, extra : rpm_report_get() ); exit(0); } else { tested = pkg_tests_get(); if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested); else audit(AUDIT_PACKAGE_NOT_INSTALLED, "libvirt"); }
NASL family PhotonOS Local Security Checks NASL id PHOTONOS_PHSA-2018-2_0-0039_ZSH.NASL description An update of the zsh package has been released. last seen 2020-03-17 modified 2019-02-07 plugin id 121939 published 2019-02-07 reporter This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/121939 title Photon OS 2.0: Zsh PHSA-2018-2.0-0039 code # # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were # extracted from VMware Security Advisory PHSA-2018-2.0-0039. The text # itself is copyright (C) VMware, Inc. include('compat.inc'); if (description) { script_id(121939); script_version("1.2"); script_set_attribute(attribute:"plugin_modification_date", value:"2019/02/07"); script_cve_id("CVE-2018-1083"); script_name(english:"Photon OS 2.0: Zsh PHSA-2018-2.0-0039"); script_summary(english:"Checks the rpm output for the updated packages."); script_set_attribute(attribute:"synopsis", value: "The remote PhotonOS host is missing multiple security updates."); script_set_attribute(attribute:"description", value: "An update of the zsh package has been released."); script_set_attribute(attribute:"see_also", value:"https://github.com/vmware/photon/wiki/Security-Updates-2-39.md"); script_set_attribute(attribute:"solution", value: "Update the affected Linux packages."); script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P"); script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C"); script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"); script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C"); script_set_attribute(attribute:"cvss_score_source", value:"CVE-2018-1000140"); script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available"); script_set_attribute(attribute:"vuln_publication_date", value:"2018/04/27"); script_set_attribute(attribute:"patch_publication_date", value:"2018/04/27"); script_set_attribute(attribute:"plugin_publication_date", value:"2019/02/07"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:vmware:photonos:zsh"); script_set_attribute(attribute:"cpe", value:"cpe:/o:vmware:photonos:2.0"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_family(english:"PhotonOS Local Security Checks"); script_copyright(english:"This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof."); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/PhotonOS/release", "Host/PhotonOS/rpm-list"); exit(0); } include("audit.inc"); include("global_settings.inc"); include("rpm.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); release = get_kb_item("Host/PhotonOS/release"); if (isnull(release) || release !~ "^VMware Photon") audit(AUDIT_OS_NOT, "PhotonOS"); if (release !~ "^VMware Photon (?:Linux|OS) 2\.0(\D|$)") audit(AUDIT_OS_NOT, "PhotonOS 2.0"); if (!get_kb_item("Host/PhotonOS/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING); cpu = get_kb_item("Host/cpu"); if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH); if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "PhotonOS", cpu); flag = 0; if (rpm_check(release:"PhotonOS-2.0", reference:"zsh-5.3.1-7.ph2")) flag++; if (rpm_check(release:"PhotonOS-2.0", reference:"zsh-debuginfo-5.3.1-7.ph2")) flag++; if (rpm_check(release:"PhotonOS-2.0", reference:"zsh-html-5.3.1-7.ph2")) flag++; if (flag) { security_report_v4( port : 0, severity : SECURITY_HOLE, extra : rpm_report_get() ); exit(0); } else { tested = pkg_tests_get(); if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested); else audit(AUDIT_PACKAGE_NOT_INSTALLED, "zsh"); }
NASL family Red Hat Local Security Checks NASL id REDHAT-RHSA-2018-1223.NASL description An update for librelp is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. Librelp is an easy-to-use library for the Reliable Event Logging Protocol (RELP) protocol. RELP is a general-purpose, extensible logging protocol. Security Fix(es) : * librelp: Stack-based buffer overflow in relpTcpChkPeerName function in src/ tcp.c (CVE-2018-1000140) For more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section. Red Hat would like to thank Rainer Gerhards (rsyslog) for reporting this issue. Upstream acknowledges Bas van Schaik (lgtm.com / Semmle) and Kevin Backhouse (lgtm.com / Semmle) as the original reporters. last seen 2020-06-01 modified 2020-06-02 plugin id 109337 published 2018-04-25 reporter This script is Copyright (C) 2018-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/109337 title RHEL 7 : librelp (RHSA-2018:1223) code # # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were # extracted from Red Hat Security Advisory RHSA-2018:1223. The text # itself is copyright (C) Red Hat, Inc. # include("compat.inc"); if (description) { script_id(109337); script_version("1.10"); script_cvs_date("Date: 2019/10/24 15:35:44"); script_cve_id("CVE-2018-1000140"); script_xref(name:"RHSA", value:"2018:1223"); script_xref(name:"IAVA", value:"2018-A-0202"); script_name(english:"RHEL 7 : librelp (RHSA-2018:1223)"); script_summary(english:"Checks the rpm output for the updated packages"); script_set_attribute( attribute:"synopsis", value:"The remote Red Hat host is missing one or more security updates." ); script_set_attribute( attribute:"description", value: "An update for librelp is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. Librelp is an easy-to-use library for the Reliable Event Logging Protocol (RELP) protocol. RELP is a general-purpose, extensible logging protocol. Security Fix(es) : * librelp: Stack-based buffer overflow in relpTcpChkPeerName function in src/ tcp.c (CVE-2018-1000140) For more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section. Red Hat would like to thank Rainer Gerhards (rsyslog) for reporting this issue. Upstream acknowledges Bas van Schaik (lgtm.com / Semmle) and Kevin Backhouse (lgtm.com / Semmle) as the original reporters." ); script_set_attribute( attribute:"see_also", value:"https://access.redhat.com/errata/RHSA-2018:1223" ); script_set_attribute( attribute:"see_also", value:"https://access.redhat.com/security/cve/cve-2018-1000140" ); script_set_attribute( attribute:"solution", value: "Update the affected librelp, librelp-debuginfo and / or librelp-devel packages." ); script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P"); script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:librelp"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:librelp-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:librelp-devel"); script_set_attribute(attribute:"cpe", value:"cpe:/o:redhat:enterprise_linux:7"); script_set_attribute(attribute:"cpe", value:"cpe:/o:redhat:enterprise_linux:7.5"); script_set_attribute(attribute:"cpe", value:"cpe:/o:redhat:enterprise_linux:7.6"); script_set_attribute(attribute:"cpe", value:"cpe:/o:redhat:enterprise_linux:7.7"); script_set_attribute(attribute:"vuln_publication_date", value:"2018/03/23"); script_set_attribute(attribute:"patch_publication_date", value:"2018/04/24"); script_set_attribute(attribute:"plugin_publication_date", value:"2018/04/25"); script_set_attribute(attribute:"generated_plugin", value:"current"); script_set_attribute(attribute:"stig_severity", value:"I"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2018-2019 and is owned by Tenable, Inc. or an Affiliate thereof."); script_family(english:"Red Hat Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/RedHat/release", "Host/RedHat/rpm-list", "Host/cpu"); exit(0); } include("audit.inc"); include("global_settings.inc"); include("misc_func.inc"); include("rpm.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); release = get_kb_item("Host/RedHat/release"); if (isnull(release) || "Red Hat" >!< release) audit(AUDIT_OS_NOT, "Red Hat"); os_ver = pregmatch(pattern: "Red Hat Enterprise Linux.*release ([0-9]+(\.[0-9]+)?)", string:release); if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Red Hat"); os_ver = os_ver[1]; if (! preg(pattern:"^7([^0-9]|$)", string:os_ver)) audit(AUDIT_OS_NOT, "Red Hat 7.x", "Red Hat " + os_ver); if (!get_kb_item("Host/RedHat/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING); cpu = get_kb_item("Host/cpu"); if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH); if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$" && "s390" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Red Hat", cpu); yum_updateinfo = get_kb_item("Host/RedHat/yum-updateinfo"); if (!empty_or_null(yum_updateinfo)) { rhsa = "RHSA-2018:1223"; yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa); if (!empty_or_null(yum_report)) { security_report_v4( port : 0, severity : SECURITY_HOLE, extra : yum_report ); exit(0); } else { audit_message = "affected by Red Hat security advisory " + rhsa; audit(AUDIT_OS_NOT, audit_message); } } else { flag = 0; if (rpm_check(release:"RHEL7", reference:"librelp-1.2.12-1.el7_5.1")) flag++; if (rpm_check(release:"RHEL7", reference:"librelp-debuginfo-1.2.12-1.el7_5.1")) flag++; if (rpm_check(release:"RHEL7", reference:"librelp-devel-1.2.12-1.el7_5.1")) flag++; if (flag) { security_report_v4( port : 0, severity : SECURITY_HOLE, extra : rpm_report_get() + redhat_report_package_caveat() ); exit(0); } else { tested = pkg_tests_get(); if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested); else audit(AUDIT_PACKAGE_NOT_INSTALLED, "librelp / librelp-debuginfo / librelp-devel"); } }
NASL family CentOS Local Security Checks NASL id CENTOS_RHSA-2018-1223.NASL description An update for librelp is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. Librelp is an easy-to-use library for the Reliable Event Logging Protocol (RELP) protocol. RELP is a general-purpose, extensible logging protocol. Security Fix(es) : * librelp: Stack-based buffer overflow in relpTcpChkPeerName function in src/ tcp.c (CVE-2018-1000140) For more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section. Red Hat would like to thank Rainer Gerhards (rsyslog) for reporting this issue. Upstream acknowledges Bas van Schaik (lgtm.com / Semmle) and Kevin Backhouse (lgtm.com / Semmle) as the original reporters. last seen 2020-06-01 modified 2020-06-02 plugin id 110242 published 2018-05-31 reporter This script is Copyright (C) 2018-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/110242 title CentOS 7 : librelp (CESA-2018:1223) code # # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were # extracted from Red Hat Security Advisory RHSA-2018:1223 and # CentOS Errata and Security Advisory 2018:1223 respectively. # include("compat.inc"); if (description) { script_id(110242); script_version("1.6"); script_cvs_date("Date: 2019/12/31"); script_cve_id("CVE-2018-1000140"); script_xref(name:"RHSA", value:"2018:1223"); script_xref(name:"IAVA", value:"2018-A-0202"); script_name(english:"CentOS 7 : librelp (CESA-2018:1223)"); script_summary(english:"Checks rpm output for the updated packages"); script_set_attribute( attribute:"synopsis", value:"The remote CentOS host is missing one or more security updates." ); script_set_attribute( attribute:"description", value: "An update for librelp is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. Librelp is an easy-to-use library for the Reliable Event Logging Protocol (RELP) protocol. RELP is a general-purpose, extensible logging protocol. Security Fix(es) : * librelp: Stack-based buffer overflow in relpTcpChkPeerName function in src/ tcp.c (CVE-2018-1000140) For more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section. Red Hat would like to thank Rainer Gerhards (rsyslog) for reporting this issue. Upstream acknowledges Bas van Schaik (lgtm.com / Semmle) and Kevin Backhouse (lgtm.com / Semmle) as the original reporters." ); # https://lists.centos.org/pipermail/centos-announce/2018-May/022874.html script_set_attribute( attribute:"see_also", value:"http://www.nessus.org/u?8bfa6b9a" ); script_set_attribute( attribute:"solution", value:"Update the affected librelp packages." ); script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P"); script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"); script_set_attribute(attribute:"cvss_score_source", value:"CVE-2018-1000140"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:librelp"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:librelp-devel"); script_set_attribute(attribute:"cpe", value:"cpe:/o:centos:centos:7"); script_set_attribute(attribute:"vuln_publication_date", value:"2018/03/23"); script_set_attribute(attribute:"patch_publication_date", value:"2018/05/30"); script_set_attribute(attribute:"plugin_publication_date", value:"2018/05/31"); script_set_attribute(attribute:"generated_plugin", value:"current"); script_set_attribute(attribute:"stig_severity", value:"I"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2018-2019 and is owned by Tenable, Inc. or an Affiliate thereof."); script_family(english:"CentOS Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/CentOS/release", "Host/CentOS/rpm-list"); exit(0); } include("audit.inc"); include("global_settings.inc"); include("rpm.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); release = get_kb_item("Host/CentOS/release"); if (isnull(release) || "CentOS" >!< release) audit(AUDIT_OS_NOT, "CentOS"); os_ver = pregmatch(pattern: "CentOS(?: Linux)? release ([0-9]+)", string:release); if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "CentOS"); os_ver = os_ver[1]; if (! preg(pattern:"^7([^0-9]|$)", string:os_ver)) audit(AUDIT_OS_NOT, "CentOS 7.x", "CentOS " + os_ver); if (!get_kb_item("Host/CentOS/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING); cpu = get_kb_item("Host/cpu"); if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH); if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "CentOS", cpu); flag = 0; if (rpm_check(release:"CentOS-7", cpu:"x86_64", reference:"librelp-1.2.12-1.el7_5.1")) flag++; if (rpm_check(release:"CentOS-7", cpu:"x86_64", reference:"librelp-devel-1.2.12-1.el7_5.1")) flag++; if (flag) { security_report_v4( port : 0, severity : SECURITY_HOLE, extra : rpm_report_get() ); exit(0); } else { tested = pkg_tests_get(); if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested); else audit(AUDIT_PACKAGE_NOT_INSTALLED, "librelp / librelp-devel"); }
NASL family Red Hat Local Security Checks NASL id REDHAT-RHSA-2018-1704.NASL description An update for librelp is now available for Red Hat Enterprise Linux 7.4 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. Librelp is an easy-to-use library for the Reliable Event Logging Protocol (RELP) protocol. RELP is a general-purpose, extensible logging protocol. Security Fix(es) : * librelp: Stack-based buffer overflow in relpTcpChkPeerName function in src/ tcp.c (CVE-2018-1000140) For more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section. Red Hat would like to thank Rainer Gerhards (rsyslog) for reporting this issue. Upstream acknowledges Bas van Schaik (lgtm.com / Semmle) and Kevin Backhouse (lgtm.com / Semmle) as the original reporters. last seen 2020-06-01 modified 2020-06-02 plugin id 110086 published 2018-05-24 reporter This script is Copyright (C) 2018-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/110086 title RHEL 7 : librelp (RHSA-2018:1704) code # # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were # extracted from Red Hat Security Advisory RHSA-2018:1704. The text # itself is copyright (C) Red Hat, Inc. # include("compat.inc"); if (description) { script_id(110086); script_version("1.8"); script_cvs_date("Date: 2019/10/24 15:35:45"); script_cve_id("CVE-2018-1000140"); script_xref(name:"RHSA", value:"2018:1704"); script_xref(name:"IAVA", value:"2018-A-0202"); script_name(english:"RHEL 7 : librelp (RHSA-2018:1704)"); script_summary(english:"Checks the rpm output for the updated packages"); script_set_attribute( attribute:"synopsis", value:"The remote Red Hat host is missing one or more security updates." ); script_set_attribute( attribute:"description", value: "An update for librelp is now available for Red Hat Enterprise Linux 7.4 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. Librelp is an easy-to-use library for the Reliable Event Logging Protocol (RELP) protocol. RELP is a general-purpose, extensible logging protocol. Security Fix(es) : * librelp: Stack-based buffer overflow in relpTcpChkPeerName function in src/ tcp.c (CVE-2018-1000140) For more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section. Red Hat would like to thank Rainer Gerhards (rsyslog) for reporting this issue. Upstream acknowledges Bas van Schaik (lgtm.com / Semmle) and Kevin Backhouse (lgtm.com / Semmle) as the original reporters." ); script_set_attribute( attribute:"see_also", value:"https://access.redhat.com/errata/RHSA-2018:1704" ); script_set_attribute( attribute:"see_also", value:"https://access.redhat.com/security/cve/cve-2018-1000140" ); script_set_attribute( attribute:"solution", value: "Update the affected librelp, librelp-debuginfo and / or librelp-devel packages." ); script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P"); script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:librelp"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:librelp-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:librelp-devel"); script_set_attribute(attribute:"cpe", value:"cpe:/o:redhat:enterprise_linux:7.4"); script_set_attribute(attribute:"vuln_publication_date", value:"2018/03/23"); script_set_attribute(attribute:"patch_publication_date", value:"2018/05/23"); script_set_attribute(attribute:"plugin_publication_date", value:"2018/05/24"); script_set_attribute(attribute:"generated_plugin", value:"current"); script_set_attribute(attribute:"stig_severity", value:"I"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2018-2019 and is owned by Tenable, Inc. or an Affiliate thereof."); script_family(english:"Red Hat Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/RedHat/release", "Host/RedHat/rpm-list", "Host/cpu"); exit(0); } include("audit.inc"); include("global_settings.inc"); include("misc_func.inc"); include("rpm.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); release = get_kb_item("Host/RedHat/release"); if (isnull(release) || "Red Hat" >!< release) audit(AUDIT_OS_NOT, "Red Hat"); os_ver = pregmatch(pattern: "Red Hat Enterprise Linux.*release ([0-9]+(\.[0-9]+)?)", string:release); if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Red Hat"); os_ver = os_ver[1]; if (! preg(pattern:"^7\.4([^0-9]|$)", string:os_ver)) audit(AUDIT_OS_NOT, "Red Hat 7.4", "Red Hat " + os_ver); if (!get_kb_item("Host/RedHat/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING); cpu = get_kb_item("Host/cpu"); if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH); if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$" && "s390" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Red Hat", cpu); yum_updateinfo = get_kb_item("Host/RedHat/yum-updateinfo"); if (!empty_or_null(yum_updateinfo)) { rhsa = "RHSA-2018:1704"; yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa); if (!empty_or_null(yum_report)) { security_report_v4( port : 0, severity : SECURITY_HOLE, extra : yum_report ); exit(0); } else { audit_message = "affected by Red Hat security advisory " + rhsa; audit(AUDIT_OS_NOT, audit_message); } } else { flag = 0; if (rpm_check(release:"RHEL7", sp:"4", reference:"librelp-1.2.12-1.el7_4.1")) flag++; if (rpm_check(release:"RHEL7", sp:"4", reference:"librelp-debuginfo-1.2.12-1.el7_4.1")) flag++; if (rpm_check(release:"RHEL7", sp:"4", reference:"librelp-devel-1.2.12-1.el7_4.1")) flag++; if (flag) { security_report_v4( port : 0, severity : SECURITY_HOLE, extra : rpm_report_get() + redhat_report_package_caveat() ); exit(0); } else { tested = pkg_tests_get(); if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested); else audit(AUDIT_PACKAGE_NOT_INSTALLED, "librelp / librelp-debuginfo / librelp-devel"); } }
NASL family Fedora Local Security Checks NASL id FEDORA_2018-2F9D3604D6.NASL description rebase and fixed CVE-2018-1000140 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. last seen 2020-06-05 modified 2018-04-10 plugin id 108911 published 2018-04-10 reporter This script is Copyright (C) 2018-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/108911 title Fedora 27 : librelp (2018-2f9d3604d6) code #%NASL_MIN_LEVEL 80502 # # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were # extracted from Fedora Security Advisory FEDORA-2018-2f9d3604d6. # include("compat.inc"); if (description) { script_id(108911); script_version("1.6"); script_set_attribute(attribute:"plugin_modification_date", value:"2020/06/04"); script_cve_id("CVE-2018-1000140"); script_xref(name:"FEDORA", value:"2018-2f9d3604d6"); script_xref(name:"IAVA", value:"2018-A-0202"); script_name(english:"Fedora 27 : librelp (2018-2f9d3604d6)"); script_summary(english:"Checks rpm output for the updated package."); script_set_attribute( attribute:"synopsis", value:"The remote Fedora host is missing a security update." ); script_set_attribute( attribute:"description", value: "rebase and fixed CVE-2018-1000140 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues." ); script_set_attribute( attribute:"see_also", value:"https://bodhi.fedoraproject.org/updates/FEDORA-2018-2f9d3604d6" ); script_set_attribute( attribute:"solution", value:"Update the affected librelp package." ); script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P"); script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fedoraproject:fedora:librelp"); script_set_attribute(attribute:"cpe", value:"cpe:/o:fedoraproject:fedora:27"); script_set_attribute(attribute:"vuln_publication_date", value:"2018/03/23"); script_set_attribute(attribute:"patch_publication_date", value:"2018/04/06"); script_set_attribute(attribute:"plugin_publication_date", value:"2018/04/10"); script_set_attribute(attribute:"generated_plugin", value:"current"); script_set_attribute(attribute:"stig_severity", value:"I"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2018-2020 and is owned by Tenable, Inc. or an Affiliate thereof."); script_family(english:"Fedora Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/RedHat/release", "Host/RedHat/rpm-list"); exit(0); } include("audit.inc"); include("global_settings.inc"); include("rpm.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); release = get_kb_item("Host/RedHat/release"); if (isnull(release) || "Fedora" >!< release) audit(AUDIT_OS_NOT, "Fedora"); os_ver = pregmatch(pattern: "Fedora.*release ([0-9]+)", string:release); if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Fedora"); os_ver = os_ver[1]; if (! preg(pattern:"^27([^0-9]|$)", string:os_ver)) audit(AUDIT_OS_NOT, "Fedora 27", "Fedora " + os_ver); if (!get_kb_item("Host/RedHat/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING); cpu = get_kb_item("Host/cpu"); if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH); if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Fedora", cpu); flag = 0; if (rpm_check(release:"FC27", reference:"librelp-1.2.15-1.fc27")) flag++; if (flag) { security_report_v4( port : 0, severity : SECURITY_HOLE, extra : rpm_report_get() ); exit(0); } else { tested = pkg_tests_get(); if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested); else audit(AUDIT_PACKAGE_NOT_INSTALLED, "librelp"); }
NASL family Gentoo Local Security Checks NASL id GENTOO_GLSA-201804-21.NASL description The remote host is affected by the vulnerability described in GLSA-201804-21 (librelp: Remote code execution) A buffer overflow was discovered in librelp with the handling of x509 certificates. Impact : A remote attacker, by sending a specially crafted x509 certificate, could execute arbitrary code. Workaround : There is no known workaround at this time. last seen 2020-06-01 modified 2020-06-02 plugin id 109235 published 2018-04-23 reporter This script is Copyright (C) 2018 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/109235 title GLSA-201804-21 : librelp: Remote code execution NASL family Huawei Local Security Checks NASL id EULEROS_SA-2018-1134.NASL description According to the version of the librelp package installed, the EulerOS installation on the remote host is affected by the following vulnerability : - A stack-based buffer overflow was found in the way librelp parses X.509 certificates. By connecting or accepting connections from a remote peer, an attacker may use a specially crafted X.509 certificate to exploit this flaw and potentially execute arbitrary code.(CVE-2018-1000140) Note that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. last seen 2020-05-06 modified 2018-05-29 plugin id 110138 published 2018-05-29 reporter This script is Copyright (C) 2018-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/110138 title EulerOS 2.0 SP1 : librelp (EulerOS-SA-2018-1134) NASL family NewStart CGSL Local Security Checks NASL id NEWSTART_CGSL_NS-SA-2019-0147_LIBRELP.NASL description The remote NewStart CGSL host, running version MAIN 4.05, has librelp packages installed that are affected by a vulnerability: - A stack-based buffer overflow was found in the way librelp parses X.509 certificates. By connecting or accepting connections from a remote peer, an attacker may use a specially crafted X.509 certificate to exploit this flaw and potentially execute arbitrary code. (CVE-2018-1000140) Note that Nessus has not tested for this issue but has instead relied only on the application last seen 2020-06-01 modified 2020-06-02 plugin id 127416 published 2019-08-12 reporter This script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/127416 title NewStart CGSL MAIN 4.05 : librelp Vulnerability (NS-SA-2019-0147) NASL family Red Hat Local Security Checks NASL id REDHAT-RHSA-2018-1703.NASL description An update for librelp is now available for Red Hat Enterprise Linux 7.2 Advanced Update Support, Red Hat Enterprise Linux 7.2 Telco Extended Update Support, and Red Hat Enterprise Linux 7.2 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. Librelp is an easy-to-use library for the Reliable Event Logging Protocol (RELP) protocol. RELP is a general-purpose, extensible logging protocol. Security Fix(es) : * librelp: Stack-based buffer overflow in relpTcpChkPeerName function in src/ tcp.c (CVE-2018-1000140) For more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section. Red Hat would like to thank Rainer Gerhards (rsyslog) for reporting this issue. Upstream acknowledges Bas van Schaik (lgtm.com / Semmle) and Kevin Backhouse (lgtm.com / Semmle) as the original reporters. last seen 2020-06-01 modified 2020-06-02 plugin id 110085 published 2018-05-24 reporter This script is Copyright (C) 2018-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/110085 title RHEL 7 : librelp (RHSA-2018:1703) NASL family Ubuntu Local Security Checks NASL id UBUNTU_USN-3612-1.NASL description Bas van Schaik and Kevin Backhouse discovered that librelp incorrectly handled checking certain x509 certificates. A remote attacker able to connect to rsyslog could possibly use this issue to execute arbitrary code. Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. last seen 2020-06-01 modified 2020-06-02 plugin id 108710 published 2018-03-29 reporter Ubuntu Security Notice (C) 2018-2019 Canonical, Inc. / NASL script (C) 2018-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/108710 title Ubuntu 14.04 LTS : librelp vulnerability (USN-3612-1) NASL family CentOS Local Security Checks NASL id CENTOS_RHSA-2018-1225.NASL description An update for librelp is now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. Librelp is an easy-to-use library for the Reliable Event Logging Protocol (RELP) protocol. RELP is a general-purpose, extensible logging protocol. Security Fix(es) : * librelp: Stack-based buffer overflow in relpTcpChkPeerName function in src/ tcp.c (CVE-2018-1000140) For more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section. Red Hat would like to thank Rainer Gerhards (rsyslog) for reporting this issue. Upstream acknowledges Bas van Schaik (lgtm.com / Semmle) and Kevin Backhouse (lgtm.com / Semmle) as the original reporters. last seen 2020-06-01 modified 2020-06-02 plugin id 109529 published 2018-05-03 reporter This script is Copyright (C) 2018-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/109529 title CentOS 6 : librelp (CESA-2018:1225) NASL family PhotonOS Local Security Checks NASL id PHOTONOS_PHSA-2018-2_0-0039_LIBRELP.NASL description An update of the librelp package has been released. last seen 2020-03-17 modified 2019-02-07 plugin id 121935 published 2019-02-07 reporter This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/121935 title Photon OS 2.0: Librelp PHSA-2018-2.0-0039 NASL family Red Hat Local Security Checks NASL id REDHAT-RHSA-2018-1701.NASL description An update for librelp is now available for Red Hat Enterprise Linux 6.6 Advanced Update Support and Red Hat Enterprise Linux 6.6 Telco Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. Librelp is an easy-to-use library for the Reliable Event Logging Protocol (RELP) protocol. RELP is a general-purpose, extensible logging protocol. Security Fix(es) : * librelp: Stack-based buffer overflow in relpTcpChkPeerName function in src/ tcp.c (CVE-2018-1000140) For more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section. Red Hat would like to thank Rainer Gerhards (rsyslog) for reporting this issue. Upstream acknowledges Bas van Schaik (lgtm.com / Semmle) and Kevin Backhouse (lgtm.com / Semmle) as the original reporters. last seen 2020-06-01 modified 2020-06-02 plugin id 110083 published 2018-05-24 reporter This script is Copyright (C) 2018-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/110083 title RHEL 6 : librelp (RHSA-2018:1701) NASL family Red Hat Local Security Checks NASL id REDHAT-RHSA-2018-1702.NASL description An update for librelp is now available for Red Hat Enterprise Linux 6.7 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. Librelp is an easy-to-use library for the Reliable Event Logging Protocol (RELP) protocol. RELP is a general-purpose, extensible logging protocol. Security Fix(es) : * librelp: Stack-based buffer overflow in relpTcpChkPeerName function in src/ tcp.c (CVE-2018-1000140) For more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section. Red Hat would like to thank Rainer Gerhards (rsyslog) for reporting this issue. Upstream acknowledges Bas van Schaik (lgtm.com / Semmle) and Kevin Backhouse (lgtm.com / Semmle) as the original reporters. last seen 2020-06-01 modified 2020-06-02 plugin id 110084 published 2018-05-24 reporter This script is Copyright (C) 2018-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/110084 title RHEL 6 : librelp (RHSA-2018:1702) NASL family Amazon Linux Local Security Checks NASL id AL2_ALAS-2018-998.NASL description Stack-based buffer overflow in relpTcpChkPeerName function in src/tcp.c : rsyslog librelp version 1.2.14 and earlier contains a Buffer Overflow vulnerability in the checking of x509 certificates from a peer that can result in Remote code execution. This attack appear to be exploitable a remote attacker that can connect to rsyslog and trigger a stack buffer overflow by sending a specially crafted x509 certificate. (CVE-2018-1000140) last seen 2020-06-01 modified 2020-06-02 plugin id 109180 published 2018-04-20 reporter This script is Copyright (C) 2018 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/109180 title Amazon Linux 2 : librelp (ALAS-2018-998) NASL family SuSE Local Security Checks NASL id SUSE_SU-2018-0828-1.NASL description This update for librelp fixes the following issues: CVE-2018-1000140 (bsc#1086730): librelp contained a stack-based buffer overflow in the checking of x509 certificates. A remote attacker with an access to the rsyslog logging facility could have exploited it by sending a specially crafted x509 certificate. Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. last seen 2020-06-01 modified 2020-06-02 plugin id 108684 published 2018-03-28 reporter This script is Copyright (C) 2018-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/108684 title SUSE SLES12 Security Update : librelp (SUSE-SU-2018:0828-1) NASL family Huawei Local Security Checks NASL id EULEROS_SA-2018-1182.NASL description According to the version of the librelp package installed, the EulerOS installation on the remote host is affected by the following vulnerability : - A stack-based buffer overflow was found in the way librelp parses X.509 certificates. By connecting or accepting connections from a remote peer, an attacker may use a specially crafted X.509 certificate to exploit this flaw and potentially execute arbitrary code.(CVE-2018-1000140) Note that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. last seen 2020-05-06 modified 2018-07-03 plugin id 110846 published 2018-07-03 reporter This script is Copyright (C) 2018-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/110846 title EulerOS 2.0 SP3 : librelp (EulerOS-SA-2018-1182) NASL family Fedora Local Security Checks NASL id FEDORA_2018-6F2DF5AB6C.NASL description rebase && fixed CVE-2018-1000140 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. last seen 2020-06-05 modified 2018-04-10 plugin id 108912 published 2018-04-10 reporter This script is Copyright (C) 2018-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/108912 title Fedora 26 : librelp (2018-6f2df5ab6c) NASL family PhotonOS Local Security Checks NASL id PHOTONOS_PHSA-2018-2_0-0039_HTTPD.NASL description An update of the httpd package has been released. last seen 2020-03-17 modified 2019-02-07 plugin id 121934 published 2019-02-07 reporter This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/121934 title Photon OS 2.0: Httpd PHSA-2018-2.0-0039 NASL family PhotonOS Local Security Checks NASL id PHOTONOS_PHSA-2018-1_0-0129_LIBRELP.NASL description An update of the librelp package has been released. last seen 2020-03-17 modified 2019-02-07 plugin id 121832 published 2019-02-07 reporter This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/121832 title Photon OS 1.0: Librelp PHSA-2018-1.0-0129 NASL family Red Hat Local Security Checks NASL id REDHAT-RHSA-2018-1225.NASL description An update for librelp is now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. Librelp is an easy-to-use library for the Reliable Event Logging Protocol (RELP) protocol. RELP is a general-purpose, extensible logging protocol. Security Fix(es) : * librelp: Stack-based buffer overflow in relpTcpChkPeerName function in src/ tcp.c (CVE-2018-1000140) For more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section. Red Hat would like to thank Rainer Gerhards (rsyslog) for reporting this issue. Upstream acknowledges Bas van Schaik (lgtm.com / Semmle) and Kevin Backhouse (lgtm.com / Semmle) as the original reporters. last seen 2020-06-01 modified 2020-06-02 plugin id 109339 published 2018-04-25 reporter This script is Copyright (C) 2018-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/109339 title RHEL 6 : librelp (RHSA-2018:1225) NASL family PhotonOS Local Security Checks NASL id PHOTONOS_PHSA-2018-1_0-0129.NASL description An update of 'libvirt', 'librelp' packages of Photon OS has been released. last seen 2019-02-21 modified 2019-02-07 plugin id 111931 published 2018-08-17 reporter Tenable source https://www.tenable.com/plugins/index.php?view=single&id=111931 title Photon OS 1.0: Librelp / Libvirt PHSA-2018-1.0-0129 (deprecated) NASL family SuSE Local Security Checks NASL id OPENSUSE-2018-319.NASL description This update for librelp fixes the following issues : - CVE-2018-1000140: A stack-based buffer overflow in the code for checking of x509 certificates allowed a remote attacker with an access to the rsyslog logging facility to potentially execute arbitrary code by sending a specially crafted x509 certificate. (bsc#1086730) This update was imported from the SUSE:SLE-12-SP3:Update update project. last seen 2020-06-05 modified 2018-03-28 plugin id 108682 published 2018-03-28 reporter This script is Copyright (C) 2018-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/108682 title openSUSE Security Update : librelp (openSUSE-2018-319) NASL family Oracle Linux Local Security Checks NASL id ORACLELINUX_ELSA-2018-1223.NASL description From Red Hat Security Advisory 2018:1223 : An update for librelp is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. Librelp is an easy-to-use library for the Reliable Event Logging Protocol (RELP) protocol. RELP is a general-purpose, extensible logging protocol. Security Fix(es) : * librelp: Stack-based buffer overflow in relpTcpChkPeerName function in src/ tcp.c (CVE-2018-1000140) For more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section. Red Hat would like to thank Rainer Gerhards (rsyslog) for reporting this issue. Upstream acknowledges Bas van Schaik (lgtm.com / Semmle) and Kevin Backhouse (lgtm.com / Semmle) as the original reporters. last seen 2020-06-01 modified 2020-06-02 plugin id 109331 published 2018-04-25 reporter This script is Copyright (C) 2018-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/109331 title Oracle Linux 7 : librelp (ELSA-2018-1223) NASL family PhotonOS Local Security Checks NASL id PHOTONOS_PHSA-2018-2_0-0039_LIBTIFF.NASL description An update of the libtiff package has been released. last seen 2020-03-17 modified 2019-02-07 plugin id 121936 published 2019-02-07 reporter This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/121936 title Photon OS 2.0: Libtiff PHSA-2018-2.0-0039 NASL family Red Hat Local Security Checks NASL id REDHAT-RHSA-2018-1707.NASL description An update for librelp is now available for Red Hat Enterprise Linux 7.3 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. Librelp is an easy-to-use library for the Reliable Event Logging Protocol (RELP) protocol. RELP is a general-purpose, extensible logging protocol. Security Fix(es) : * librelp: Stack-based buffer overflow in relpTcpChkPeerName function in src/ tcp.c (CVE-2018-1000140) For more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section. Red Hat would like to thank Rainer Gerhards (rsyslog) for reporting this issue. Upstream acknowledges Bas van Schaik (lgtm.com / Semmle) and Kevin Backhouse (lgtm.com / Semmle) as the original reporters. last seen 2020-06-01 modified 2020-06-02 plugin id 110087 published 2018-05-24 reporter This script is Copyright (C) 2018-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/110087 title RHEL 7 : librelp (RHSA-2018:1707) NASL family Debian Local Security Checks NASL id DEBIAN_DSA-4151.NASL description Bas van Schaik and Kevin Backhouse discovered a stack-based buffer overflow vulnerability in librelp, a library providing reliable event logging over the network, triggered while checking x509 certificates from a peer. A remote attacker able to connect to rsyslog can take advantage of this flaw for remote code execution by sending a specially crafted x509 certificate. Details can be found in the upstream advisory: https://www.rsyslog.com/cve-2018-1000140/ last seen 2020-06-01 modified 2020-06-02 plugin id 108611 published 2018-03-27 reporter This script is Copyright (C) 2018 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/108611 title Debian DSA-4151-1 : librelp - security update NASL family PhotonOS Local Security Checks NASL id PHOTONOS_PHSA-2018-2_0-0039_OPENJDK8.NASL description An update of the openjdk8 package has been released. last seen 2020-03-17 modified 2019-02-07 plugin id 121938 published 2019-02-07 reporter This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/121938 title Photon OS 2.0: Openjdk8 PHSA-2018-2.0-0039 NASL family NewStart CGSL Local Security Checks NASL id NEWSTART_CGSL_NS-SA-2019-0050_LIBRELP.NASL description The remote NewStart CGSL host, running version CORE 5.04 / MAIN 5.04, has librelp packages installed that are affected by a vulnerability: - A stack-based buffer overflow was found in the way librelp parses X.509 certificates. By connecting or accepting connections from a remote peer, an attacker may use a specially crafted X.509 certificate to exploit this flaw and potentially execute arbitrary code. (CVE-2018-1000140) Note that Nessus has not tested for this issue but has instead relied only on the application last seen 2020-06-01 modified 2020-06-02 plugin id 127234 published 2019-08-12 reporter This script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/127234 title NewStart CGSL CORE 5.04 / MAIN 5.04 : librelp Vulnerability (NS-SA-2019-0050) NASL family Huawei Local Security Checks NASL id EULEROS_SA-2018-1135.NASL description According to the version of the librelp package installed, the EulerOS installation on the remote host is affected by the following vulnerability : - A stack-based buffer overflow was found in the way librelp parses X.509 certificates. By connecting or accepting connections from a remote peer, an attacker may use a specially crafted X.509 certificate to exploit this flaw and potentially execute arbitrary code.(CVE-2018-1000140) Note that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. last seen 2020-05-06 modified 2018-05-29 plugin id 110139 published 2018-05-29 reporter This script is Copyright (C) 2018-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/110139 title EulerOS 2.0 SP2 : librelp (EulerOS-SA-2018-1135) NASL family PhotonOS Local Security Checks NASL id PHOTONOS_PHSA-2018-2_0-0039.NASL description An update of {'openjdk8', 'httpd', 'librelp', 'zsh', 'libvirt', 'libtiff'} packages of Photon OS has been released. last seen 2019-02-21 modified 2019-02-07 plugin id 111298 published 2018-07-24 reporter Tenable source https://www.tenable.com/plugins/index.php?view=single&id=111298 title Photon OS 2.0 : openjdk8 / httpd / librelp / zsh / libvirt (PhotonOS-PHSA-2018-2.0-0039) (deprecated) NASL family Oracle Linux Local Security Checks NASL id ORACLELINUX_ELSA-2018-1225.NASL description From Red Hat Security Advisory 2018:1225 : An update for librelp is now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. Librelp is an easy-to-use library for the Reliable Event Logging Protocol (RELP) protocol. RELP is a general-purpose, extensible logging protocol. Security Fix(es) : * librelp: Stack-based buffer overflow in relpTcpChkPeerName function in src/ tcp.c (CVE-2018-1000140) For more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section. Red Hat would like to thank Rainer Gerhards (rsyslog) for reporting this issue. Upstream acknowledges Bas van Schaik (lgtm.com / Semmle) and Kevin Backhouse (lgtm.com / Semmle) as the original reporters. last seen 2020-06-01 modified 2020-06-02 plugin id 109333 published 2018-04-25 reporter This script is Copyright (C) 2018-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/109333 title Oracle Linux 6 : librelp (ELSA-2018-1225) NASL family Scientific Linux Local Security Checks NASL id SL_20180424_LIBRELP_ON_SL6_X.NASL description Security Fix(es) : - librelp: Stack-based buffer overflow in relpTcpChkPeerName function in src/tcp.c (CVE-2018-1000140) last seen 2020-03-18 modified 2018-04-25 plugin id 109340 published 2018-04-25 reporter This script is Copyright (C) 2018-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/109340 title Scientific Linux Security Update : librelp on SL6.x i386/x86_64 (20180424) NASL family PhotonOS Local Security Checks NASL id PHOTONOS_PHSA-2018-2_0-0039_LIBVIRT.NASL description An update of the libvirt package has been released. last seen 2020-03-17 modified 2019-02-07 plugin id 121937 published 2019-02-07 reporter This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/121937 title Photon OS 2.0: Libvirt PHSA-2018-2.0-0039
Redhat
advisories |
| ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
rpms |
|
References
- http://packetstormsecurity.com/files/172829/librelp-Remote-Code-Execution.html
- http://packetstormsecurity.com/files/172829/librelp-Remote-Code-Execution.html
- https://access.redhat.com/errata/RHSA-2018:1223
- https://access.redhat.com/errata/RHSA-2018:1223
- https://access.redhat.com/errata/RHSA-2018:1225
- https://access.redhat.com/errata/RHSA-2018:1225
- https://access.redhat.com/errata/RHSA-2018:1701
- https://access.redhat.com/errata/RHSA-2018:1701
- https://access.redhat.com/errata/RHSA-2018:1702
- https://access.redhat.com/errata/RHSA-2018:1702
- https://access.redhat.com/errata/RHSA-2018:1703
- https://access.redhat.com/errata/RHSA-2018:1703
- https://access.redhat.com/errata/RHSA-2018:1704
- https://access.redhat.com/errata/RHSA-2018:1704
- https://access.redhat.com/errata/RHSA-2018:1707
- https://access.redhat.com/errata/RHSA-2018:1707
- https://github.com/rsyslog/librelp/blob/532aa362f0f7a8d037505b0a27a1df452f9bac9e/src/tcp.c#L1205
- https://github.com/rsyslog/librelp/blob/532aa362f0f7a8d037505b0a27a1df452f9bac9e/src/tcp.c#L1205
- https://lgtm.com/rules/1505913226124/
- https://lgtm.com/rules/1505913226124/
- https://security.gentoo.org/glsa/201804-21
- https://security.gentoo.org/glsa/201804-21
- https://usn.ubuntu.com/3612-1/
- https://usn.ubuntu.com/3612-1/
- https://www.debian.org/security/2018/dsa-4151
- https://www.debian.org/security/2018/dsa-4151