Intrusion Prevention

RSYSLOG.PRI.Value.Parsing.Integer.Overflow.DoS

Description

This indicates an attack attempt against a Denial Of Service vulnerability in rsyslog.
The vulnerability is caused by an integer overflow error when the vulnerable software handles maliciously crafted log message data. A remote attacker may be able to exploit this to cause denial of service conditions in the affected machine via crafted packets.

Affected Products

Infodrom Oldenburg sysklogd prior to 1.5
rsyslog rsyslog prior to 7.6.7
rsyslog rsyslog prior to 8.4.2

Impact

Denial of Service: Remote attackers can crash vulnerable systems.

Recommended Actions

Apply the most recent upgrade or patch from the vendor.
http://www.rsyslog.com/remote-syslog-pri-vulnerability-cve-2014-3683/

CVE References

CVE-2014-3683