[ MDVSA-2014:196 ] rsyslog

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

 _______________________________________________________________________

 Mandriva Linux Security Advisory                         MDVSA-2014:196
 http://www.mandriva.com/en/support/security/
 _______________________________________________________________________

 Package : rsyslog
 Date    : October 21, 2014
 Affected: Business Server 1.0
 _______________________________________________________________________

 Problem Description:

 Updated rsyslog packages fix security vulnerability:
 
 Rainer Gerhards, the rsyslog project leader, reported a vulnerability
 in Rsyslog. As a consequence of this vulnerability an attacker can send
 malformed messages to a server, if this one accepts data from untrusted
 sources, and trigger a denial of service attack (CVE-2014-3634).
 _______________________________________________________________________

 References:

 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3634
 http://cve.mitre.org/cgi-bin/cvename.cgi?name

Leave a Reply