CVE-2013-4758
Published Oct 4, 2013
Last updated 11 years ago
Overview
- Description
- Double free vulnerability in the writeDataError function in the ElasticSearch plugin (omelasticsearch) in rsyslog before 7.4.2 and before 7.5.2 devel, when errorfile is set to local logging, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted JSON response.
- Source
- cve@mitre.org
- NVD status
- Analyzed
Social media
- Hype score
- Not currently trending
Risk scores
CVSS 2.0
- Type
- Primary
- Base score
- 6.8
- Impact score
- 6.4
- Exploitability score
- 8.6
- Vector string
- AV:N/AC:M/Au:N/C:P/I:P/A:P
Weaknesses
- nvd@nist.gov
- CWE-399
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:rsyslog:rsyslog:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "BDE20FE1-56D8-4D3C-B4A2-EE2B75ACFA62",
"versionEndIncluding": "7.4.1"
},
{
"criteria": "cpe:2.3:a:rsyslog:rsyslog:*:devel:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "1D028081-DAF7-4D78-872C-C13F83680212",
"versionEndIncluding": "7.5.1"
},
{
"criteria": "cpe:2.3:a:rsyslog:rsyslog:6.4.2:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "9508A76B-701A-4C14-9C04-4E28929BDA14"
},
{
"criteria": "cpe:2.3:a:rsyslog:rsyslog:6.5.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "93CD9481-10CF-43FF-83FA-D2DA2AF511FB"
},
{
"criteria": "cpe:2.3:a:rsyslog:rsyslog:6.6.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "FF4C2FA1-BAFC-434C-82EA-66F184188E23"
},
{
"criteria": "cpe:2.3:a:rsyslog:rsyslog:7.1.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "F42492F4-4733-4B79-A772-E1FEE6B94720"
},
{
"criteria": "cpe:2.3:a:rsyslog:rsyslog:7.1.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "C8641BF6-2DA2-4921-96C1-75BE79C53848"
},
{
"criteria": "cpe:2.3:a:rsyslog:rsyslog:7.1.2:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "F784088F-B978-4884-A8DB-78EF80D8F084"
},
{
"criteria": "cpe:2.3:a:rsyslog:rsyslog:7.1.3:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "D32E4647-4082-4570-90A4-C99B5C10FB19"
},
{
"criteria": "cpe:2.3:a:rsyslog:rsyslog:7.1.4:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "DBF9A496-300B-4BA8-B0D1-8C462433E0F1"
},
{
"criteria": "cpe:2.3:a:rsyslog:rsyslog:7.1.5:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "CFC40422-9D3D-4716-8330-AF1BE9D4EBE2"
},
{
"criteria": "cpe:2.3:a:rsyslog:rsyslog:7.1.6:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "49182E05-9A60-42A6-ABB1-CFB451E536FD"
},
{
"criteria": "cpe:2.3:a:rsyslog:rsyslog:7.1.7:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "1CBB1158-43C3-4F96-B417-BD666E28527F"
},
{
"criteria": "cpe:2.3:a:rsyslog:rsyslog:7.1.8:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "F58E1519-3A26-44BB-825C-C0101A7EC10D"
},
{
"criteria": "cpe:2.3:a:rsyslog:rsyslog:7.1.9:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "025343ED-25A7-4CED-BEE9-38F9D8341204"
},
{
"criteria": "cpe:2.3:a:rsyslog:rsyslog:7.1.10:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "19D99873-FC74-4F40-B96E-8947FAFAA4CF"
},
{
"criteria": "cpe:2.3:a:rsyslog:rsyslog:7.1.11:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "C022D5B9-69A8-4C2D-9CEE-B286E6A60443"
},
{
"criteria": "cpe:2.3:a:rsyslog:rsyslog:7.1.12:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "EB52D577-3BB4-484A-A6E8-2A3C1231A4E4"
},
{
"criteria": "cpe:2.3:a:rsyslog:rsyslog:7.2.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "850B5013-FD12-48A3-8F42-131799BCE0B2"
},
{
"criteria": "cpe:2.3:a:rsyslog:rsyslog:7.2.2:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "06E2C187-A323-45F8-B3E9-B770794616B3"
},
{
"criteria": "cpe:2.3:a:rsyslog:rsyslog:7.2.3:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "9B398B42-77D8-4992-89B4-386010147157"
},
{
"criteria": "cpe:2.3:a:rsyslog:rsyslog:7.2.4:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "286C77D0-7533-41F8-B642-74F737D030EA"
},
{
"criteria": "cpe:2.3:a:rsyslog:rsyslog:7.2.5:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "21BC8875-9FB0-4201-8830-F041661A5851"
},
{
"criteria": "cpe:2.3:a:rsyslog:rsyslog:7.2.6:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "1B0E74D0-224C-4B57-B08C-D4F19B0E65B4"
},
{
"criteria": "cpe:2.3:a:rsyslog:rsyslog:7.2.7:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "1340BDF8-AA43-4425-8EFC-0AD4FD817DAC"
},
{
"criteria": "cpe:2.3:a:rsyslog:rsyslog:7.3.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "70DC0961-7D16-4516-A70C-BB8D1ECD1FB0"
},
{
"criteria": "cpe:2.3:a:rsyslog:rsyslog:7.3.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "F054055F-C59C-41C1-8D80-BFDBA4BE9C6C"
},
{
"criteria": "cpe:2.3:a:rsyslog:rsyslog:7.3.3:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "C37CE69F-78BF-4925-9234-B982B17A105E"
},
{
"criteria": "cpe:2.3:a:rsyslog:rsyslog:7.3.4:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "95C631DA-E2C3-47F0-A6E2-3B95B8AEDA0D"
},
{
"criteria": "cpe:2.3:a:rsyslog:rsyslog:7.3.5:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "BD56EDED-77B4-4C85-8834-3604166B7EB6"
},
{
"criteria": "cpe:2.3:a:rsyslog:rsyslog:7.3.6:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "DB8A679D-419D-4BDE-BE77-559B53DBF5F5"
},
{
"criteria": "cpe:2.3:a:rsyslog:rsyslog:7.3.7:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "E72910C5-E19F-43E9-B595-C9232CA13430"
},
{
"criteria": "cpe:2.3:a:rsyslog:rsyslog:7.3.8:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "B2E08CC5-03FC-439B-87FF-0AA79E01D0BB"
},
{
"criteria": "cpe:2.3:a:rsyslog:rsyslog:7.3.9:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "EB5A9B69-DA3A-466C-B2BC-15ADA9BBD459"
},
{
"criteria": "cpe:2.3:a:rsyslog:rsyslog:7.3.10:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "954DD01D-03A1-4341-9819-AF0A65C61C96"
},
{
"criteria": "cpe:2.3:a:rsyslog:rsyslog:7.3.11:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "285A3697-88C6-4C8D-8CF3-914F3697B8EF"
},
{
"criteria": "cpe:2.3:a:rsyslog:rsyslog:7.3.12:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "D38F1301-0496-4F61-9927-CB49AE5D66EE"
},
{
"criteria": "cpe:2.3:a:rsyslog:rsyslog:7.3.13:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "30D1A318-63A8-47DB-927C-DD39198CFDA4"
},
{
"criteria": "cpe:2.3:a:rsyslog:rsyslog:7.3.14:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "AE21440E-B44A-4A77-B9D8-F984C349C8B2"
},
{
"criteria": "cpe:2.3:a:rsyslog:rsyslog:7.3.15:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "58D966D4-A2BB-4864-B910-D73BB3E91950"
},
{
"criteria": "cpe:2.3:a:rsyslog:rsyslog:7.4.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "7F2767E8-6834-4EDD-BFC6-BDCE1FBDB5F8"
},
{
"criteria": "cpe:2.3:a:rsyslog:rsyslog:7.5.0:devel:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "1F459606-1598-47F8-A031-51B6F49D6244"
}
],
"operator": "OR"
}
]
}
]