Integer overflow in the rsCStrExtendBuf function in runtime/stringbuf.c in the imfile module in rsyslog 4.x before 4.6.6, 5.x before 5.7.4, and 6.x before 6.1.4 allows local users to cause a denial of service (daemon hang) via a large file, which triggers a heap-based buffer overflow.
Platform | Package | Release Date | Advisory |
---|---|---|---|
Amazon Linux 1 | rsyslog | 2012-07-06 16:04 | ALAS-2012-105 |
Score Type | Score | Vector | |
---|---|---|---|
Amazon Linux | CVSSv2 | 5.4 | AV:A/AC:M/Au:N/C:P/I:P/A:P |
NVD | CVSSv2 | 2.1 | AV:L/AC:L/Au:N/C:N/I:N/A:P |