Out-of-Bounds Array Access Vulnerability in rsyslog and sysklogd

Out-of-Bounds Array Access Vulnerability in rsyslog and sysklogd

CVE-2014-3634 · HIGH Severity

AV:N/AC:L/AU:N/C:P/I:P/A:P

rsyslog before 7.6.6 and 8.x before 8.4.1 and sysklogd 1.5 and earlier allows remote attackers to cause a denial of service (crash), possibly execute arbitrary code, or have other unspecified impact via a crafted priority (PRI) value that triggers an out-of-bounds array access.

Learn more about our Web Application Penetration Testing UK.