Computer Security
[EN] no-pyccku

ElasticSearch double free
SecurityVulns ID:13149
Threat Level:
Description:ElasticSearch rsyslog plugin doble free().
Affected:RSYSLOG : ElasticSearch 7.4
 RSYSLOG : ElasticSearch 7.5
CVE:CVE-2013-4758 (Double free vulnerability in the writeDataError function in the ElasticSearch plugin (omelasticsearch) in rsyslog before 7.4.2 and before 7.5.2 devel, when errorfile is set to local logging, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted JSON response.)
Original documentdocumentLSE Leading Security Experts GmbH (Security Advisories), LSE Leading Security Experts GmbH - LSE-2013-07-03 - rsyslog ElasticSearch Plugin (08.07.2013)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod