← Retour aux CVEs
CVE-2013-4758
N/ADescription
Double free vulnerability in the writeDataError function in the ElasticSearch plugin (omelasticsearch) in rsyslog before 7.4.2 and before 7.5.2 devel, when errorfile is set to local logging, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted JSON response.
Details CVE
Score CVSS v3.1N/A
Publie10/4/2013
Derniere modification4/29/2026
Sourcenvd
Observations honeypot0
Produits affectes
rsyslog:rsyslog
Faiblesses (CWE)
CWE-399
References
http://www.openwall.com/lists/oss-security/2013/07/05/2(cve@mitre.org)
http://www.rsyslog.com/rsyslog-7-4-2-v7-stable-released/(cve@mitre.org)
http://www.rsyslog.com/rsyslog-7-5-2-v7-devel-released/(cve@mitre.org)
http://www.openwall.com/lists/oss-security/2013/07/05/2(af854a3a-2127-422b-91ae-364da2661108)
http://www.rsyslog.com/rsyslog-7-4-2-v7-stable-released/(af854a3a-2127-422b-91ae-364da2661108)
http://www.rsyslog.com/rsyslog-7-5-2-v7-devel-released/(af854a3a-2127-422b-91ae-364da2661108)
Correlations IOC
Aucune correlation enregistree
This product uses data from the NVD API but is not endorsed or certified by the NVD.