cve/CVE-2018-1000140.md at 9cc2023bd8dbe0ab8c5f051fa9a43f1e04594987

admin/cve

mirror of https://github.com/0xMarcio/cve.git synced 2025-05-06 02:31:38 +00:00

0xMarcio 48a00929ac Removed duplicates

2024-06-18 02:51:15 +02:00

Description

rsyslog librelp version 1.2.14 and earlier contains a Buffer Overflow vulnerability in the checking of x509 certificates from a peer that can result in Remote code execution. This attack appear to be exploitable a remote attacker that can connect to rsyslog and trigger a stack buffer overflow by sending a specially crafted x509 certificate.

POC

Reference

http://packetstormsecurity.com/files/172829/librelp-Remote-Code-Execution.html

Github

https://github.com/0xT11/CVE-POC
https://github.com/ARPSyndicate/cvemon
https://github.com/Project-WARMIND/Exploit-Modules
https://github.com/andir/nixos-issue-db-example
https://github.com/s0/rsyslog-librelp-CVE-2018-1000140
https://github.com/s0/rsyslog-librelp-CVE-2018-1000140-fixed

1.1 KiB Raw Blame History

CVE-2018-1000140

Description

POC

Reference

Github

1.1 KiB

Raw Blame History