Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
CVE Vulnerability Details :
CVE-2018-1000140
PUBLISHED
More InfoOfficial Page
Assigner-mitre
Assigner Org ID-8254265b-2729-46b6-b9e3-3dfca2d5bfca
View Known Exploited Vulnerability (KEV) details
Published At-23 Mar, 2018 | 00:00
Updated At-05 Aug, 2024 | 12:33
Rejected At-
▼CVE Numbering Authority (CNA)

rsyslog librelp version 1.2.14 and earlier contains a Buffer Overflow vulnerability in the checking of x509 certificates from a peer that can result in Remote code execution. This attack appear to be exploitable a remote attacker that can connect to rsyslog and trigger a stack buffer overflow by sending a specially crafted x509 certificate.

Affected Products
Vendor
n/a
Product
n/a
Versions
Affected
  • n/a
Problem Types
TypeCWE IDDescription
textN/An/a
Type: text
CWE ID: N/A
Description: n/a
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://usn.ubuntu.com/3612-1/
vendor-advisory
https://security.gentoo.org/glsa/201804-21
vendor-advisory
https://github.com/rsyslog/librelp/blob/532aa362f0f7a8d037505b0a27a1df452f9bac9e/src/tcp.c#L1205
N/A
https://access.redhat.com/errata/RHSA-2018:1703
vendor-advisory
https://access.redhat.com/errata/RHSA-2018:1704
vendor-advisory
https://access.redhat.com/errata/RHSA-2018:1702
vendor-advisory
https://access.redhat.com/errata/RHSA-2018:1225
vendor-advisory
https://access.redhat.com/errata/RHSA-2018:1707
vendor-advisory
https://lgtm.com/rules/1505913226124/
N/A
https://access.redhat.com/errata/RHSA-2018:1223
vendor-advisory
https://www.debian.org/security/2018/dsa-4151
vendor-advisory
https://access.redhat.com/errata/RHSA-2018:1701
vendor-advisory
http://packetstormsecurity.com/files/172829/librelp-Remote-Code-Execution.html
N/A
Hyperlink: https://usn.ubuntu.com/3612-1/
Resource:
vendor-advisory
Hyperlink: https://security.gentoo.org/glsa/201804-21
Resource:
vendor-advisory
Hyperlink: https://github.com/rsyslog/librelp/blob/532aa362f0f7a8d037505b0a27a1df452f9bac9e/src/tcp.c#L1205
Resource: N/A
Hyperlink: https://access.redhat.com/errata/RHSA-2018:1703
Resource:
vendor-advisory
Hyperlink: https://access.redhat.com/errata/RHSA-2018:1704
Resource:
vendor-advisory
Hyperlink: https://access.redhat.com/errata/RHSA-2018:1702
Resource:
vendor-advisory
Hyperlink: https://access.redhat.com/errata/RHSA-2018:1225
Resource:
vendor-advisory
Hyperlink: https://access.redhat.com/errata/RHSA-2018:1707
Resource:
vendor-advisory
Hyperlink: https://lgtm.com/rules/1505913226124/
Resource: N/A
Hyperlink: https://access.redhat.com/errata/RHSA-2018:1223
Resource:
vendor-advisory
Hyperlink: https://www.debian.org/security/2018/dsa-4151
Resource:
vendor-advisory
Hyperlink: https://access.redhat.com/errata/RHSA-2018:1701
Resource:
vendor-advisory
Hyperlink: http://packetstormsecurity.com/files/172829/librelp-Remote-Code-Execution.html
Resource: N/A
▼Authorized Data Publishers (ADP)
CVE Program Container
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://usn.ubuntu.com/3612-1/
vendor-advisory
x_transferred
https://security.gentoo.org/glsa/201804-21
vendor-advisory
x_transferred
https://github.com/rsyslog/librelp/blob/532aa362f0f7a8d037505b0a27a1df452f9bac9e/src/tcp.c#L1205
x_transferred
https://access.redhat.com/errata/RHSA-2018:1703
vendor-advisory
x_transferred
https://access.redhat.com/errata/RHSA-2018:1704
vendor-advisory
x_transferred
https://access.redhat.com/errata/RHSA-2018:1702
vendor-advisory
x_transferred
https://access.redhat.com/errata/RHSA-2018:1225
vendor-advisory
x_transferred
https://access.redhat.com/errata/RHSA-2018:1707
vendor-advisory
x_transferred
https://lgtm.com/rules/1505913226124/
x_transferred
https://access.redhat.com/errata/RHSA-2018:1223
vendor-advisory
x_transferred
https://www.debian.org/security/2018/dsa-4151
vendor-advisory
x_transferred
https://access.redhat.com/errata/RHSA-2018:1701
vendor-advisory
x_transferred
http://packetstormsecurity.com/files/172829/librelp-Remote-Code-Execution.html
x_transferred
Hyperlink: https://usn.ubuntu.com/3612-1/
Resource:
vendor-advisory
x_transferred
Hyperlink: https://security.gentoo.org/glsa/201804-21
Resource:
vendor-advisory
x_transferred
Hyperlink: https://github.com/rsyslog/librelp/blob/532aa362f0f7a8d037505b0a27a1df452f9bac9e/src/tcp.c#L1205
Resource:
x_transferred
Hyperlink: https://access.redhat.com/errata/RHSA-2018:1703
Resource:
vendor-advisory
x_transferred
Hyperlink: https://access.redhat.com/errata/RHSA-2018:1704
Resource:
vendor-advisory
x_transferred
Hyperlink: https://access.redhat.com/errata/RHSA-2018:1702
Resource:
vendor-advisory
x_transferred
Hyperlink: https://access.redhat.com/errata/RHSA-2018:1225
Resource:
vendor-advisory
x_transferred
Hyperlink: https://access.redhat.com/errata/RHSA-2018:1707
Resource:
vendor-advisory
x_transferred
Hyperlink: https://lgtm.com/rules/1505913226124/
Resource:
x_transferred
Hyperlink: https://access.redhat.com/errata/RHSA-2018:1223
Resource:
vendor-advisory
x_transferred
Hyperlink: https://www.debian.org/security/2018/dsa-4151
Resource:
vendor-advisory
x_transferred
Hyperlink: https://access.redhat.com/errata/RHSA-2018:1701
Resource:
vendor-advisory
x_transferred
Hyperlink: http://packetstormsecurity.com/files/172829/librelp-Remote-Code-Execution.html
Resource:
x_transferred
Details not found