Resource management error in rsyslog.com rsyslog
| Risk | Medium |
| Patch available | YES |
| Number of vulnerabilities | 1 |
| CVE-ID | CVE-2013-4758 |
| CWE-ID | CWE-399 |
| Exploitation vector | Network |
| Public exploit | N/A |
| Vulnerable software |
rsyslog Server applications / Other server solutions |
| Vendor | rsyslog.com |
Security Bulletin
This security bulletin contains one medium risk vulnerability.
1) Resource management error
EUVDB-ID: #VU42487
Risk: Medium
CVSSv4.0: 2.7 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2013-4758
CWE-ID:
CWE-399 - Resource Management Errors
Exploit availability: No
DescriptionThe vulnerability allows a remote non-authenticated attacker to read and manipulate data.
Double free vulnerability in the writeDataError function in the ElasticSearch plugin (omelasticsearch) in rsyslog before 7.4.2 and before 7.5.2 devel, when errorfile is set to local logging, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted JSON response.
MitigationInstall update from vendor's website.
Vulnerable software versionsrsyslog: 6.4.2 - 7.5.0
CPE2.3- cpe:2.3:a:rsyslog_com:rsyslog:6.4.2:*:*:*:*:*:*:*
- cpe:2.3:a:rsyslog_com:rsyslog:6.5.1:*:*:*:*:*:*:*
- cpe:2.3:a:rsyslog_com:rsyslog:6.6.0:*:*:*:*:*:*:*
https://www.openwall.com/lists/oss-security/2013/07/05/2
https://www.rsyslog.com/rsyslog-7-4-2-v7-stable-released/
https://www.rsyslog.com/rsyslog-7-5-2-v7-devel-released/
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
