Computer Security
[EN] securityvulns.ru no-pyccku


ElasticSearch double free
Published:08.07.2013
Source:
SecurityVulns ID:13149
Type:remote
Threat Level:
5/10
Description:ElasticSearch rsyslog plugin doble free().
Affected:RSYSLOG : ElasticSearch 7.4
 RSYSLOG : ElasticSearch 7.5
CVE:CVE-2013-4758 (Double free vulnerability in the writeDataError function in the ElasticSearch plugin (omelasticsearch) in rsyslog before 7.4.2 and before 7.5.2 devel, when errorfile is set to local logging, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted JSON response.)
Original documentdocumentLSE Leading Security Experts GmbH (Security Advisories), LSE Leading Security Experts GmbH - LSE-2013-07-03 - rsyslog ElasticSearch Plugin (08.07.2013)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod