An issue was found in rsyslog. When the imtcp module and Octet-Counted TCP Framing ("on" by default) are enabled, rsyslog can be crashed remotely by sending a crafted (improperly formatted) message to the "imptcp" listening socket. Upstream Patch: https://github.com/rsyslog/rsyslog/commit/0381a0de64a5a048c3d48b79055bd9848d0c7fc2
This vulnerability appears to have been introduced in upstream commit 6c52f29d59, which was first included in release 8.13.1.
> optimized payload-copy in processDataRcvd for octet-counted frames (as length is pre-known, it is possible to avoid copying char by char, as opposed to octet-stuffed frames).
Acknowledgments: Name: Joel Miller (Pennsylvania Higher Education Assistance Agency)
Mitigation: This vulnerability requires the "imptcp" module to be enabled, and listening on a port that can potentially be reached by attackers. This module is not enabled by default in Red Hat Enterprise Linux 7. To check if imptcp is enabled, look for the string `$InputPTCPServerRun` in your rsyslog configuration.
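One way to run the check described in the mitigation, added here as an example (not code from the bug report or from rsyslog): it scans rsyslog configuration text for the legacy `$InputPTCPServerRun` directive the comment names and, going beyond the page, also for `$ModLoad imptcp` and the RainerScript `module(load="imptcp")` / `input(type="imptcp" ...)` forms, ignoring commented-out lines. The sample configuration and the `/etc/rsyslog.d` drop-in path are constructed assumptions.

```python
import glob
import re

# Constructed sample rsyslog configuration (not taken from the bug report). It mixes
# the legacy directive named in the mitigation with the RainerScript equivalents.
SAMPLE_CONFIG = """\
$ModLoad imuxsock
$ModLoad imptcp
$InputPTCPServerRun 514
module(load="imtcp")              # imtcp is a different plugin than imptcp
input(type="imtcp" port="10514")
#input(type="imptcp" port="601")  # commented out: must not count as enabled
"""

# Legacy and RainerScript spellings of "load imptcp" and "open an imptcp listener".
LEGACY_LOAD = re.compile(r'^\$ModLoad\s+imptcp\b', re.I)
LEGACY_RUN = re.compile(r'^\$InputPTCPServerRun\s+(\d+)', re.I)
RS_LOAD = re.compile(r'^module\(\s*load\s*=\s*"imptcp"', re.I)
RS_INPUT = re.compile(r'^input\(\s*type\s*=\s*"imptcp"(?:.*?\bport\s*=\s*"(\d+)")?', re.I)

def find_imptcp(config_text):
    """Return (line_no, directive, port) for each active imptcp directive.
    port is None for lines that only load the module without opening a listener."""
    findings = []
    for lineno, raw in enumerate(config_text.splitlines(), start=1):
        line = raw.split("#", 1)[0].strip()  # strip comments, including whole-line ones
        if not line:
            continue
        if LEGACY_LOAD.match(line):
            findings.append((lineno, "$ModLoad imptcp", None))
        elif (m := LEGACY_RUN.match(line)):
            findings.append((lineno, "$InputPTCPServerRun", int(m.group(1))))
        elif RS_LOAD.match(line):
            findings.append((lineno, 'module(load="imptcp")', None))
        elif (m := RS_INPUT.match(line)):
            port = int(m.group(1)) if m.group(1) else None
            findings.append((lineno, 'input(type="imptcp")', port))
    return findings

def imptcp_listeners(config_text):
    """Ports where imptcp would accept connections: the exposure the mitigation is about."""
    return sorted({p for _, _, p in find_imptcp(config_text) if p is not None})

if __name__ == "__main__":
    # On a real host, check the main file and every drop-in (paths assumed, RHEL layout).
    for path in glob.glob("/etc/rsyslog.conf") + sorted(glob.glob("/etc/rsyslog.d/*.conf")):
        with open(path) as fh:
            for lineno, directive, port in find_imptcp(fh.read()):
                print(f"{path}:{lineno}: {directive} port={port}")
```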
shouldn't it say imtcp (instead of imptcp)?
(In reply to Mark D. Foster from comment #12)
> shouldn't it say imtcp (instead of imptcp)?
No, there are two separate rsyslog plugins, imtcp and imptcp (sort of simplified version), this bug concerns the latter one.
This issue has been addressed in the following products: Red Hat Enterprise Linux 7 Via RHSA-2019:2110 https://access.redhat.com/errata/RHSA-2019:2110
This bug is now closed. Further updates for individual products will be reflected on the CVE page(s): https://access.redhat.com/security/cve/cve-2018-16881
This issue has been addressed in the following products: Red Hat Virtualization 4 for Red Hat Enterprise Linux 7 Via RHSA-2019:2437 https://access.redhat.com/errata/RHSA-2019:2437
This issue has been addressed in the following products: Red Hat Virtualization 4 for Red Hat Enterprise Linux 7 Via RHSA-2019:2439 https://access.redhat.com/errata/RHSA-2019:2439
The needinfo request[s] on this closed bug have been removed as they have been unresolved for 120 days