Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Double free vulnerability in the writeDataError function in the ElasticSearch plugin (omelasticsearch) in rsyslog before 7.4.2 and before 7.5.2 devel, when errorfile is set to local logging, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted JSON response.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Adiscon RSyslog 双重释放内存损坏漏洞
Vulnerability Description
Adiscon Rsyslog是德国Adiscon公司的一个syslogd的多线程增强版,它主要用于收集系统日志。 rsyslog 7.4.1及之前的版本和7.5.1:devel及之前的版本中的ElasticSearch插件中的‘writeDataError’函数中存在双重释放漏洞。当‘errorfile’参数设置为本地登录时,远程攻击者可借助特制的JSON响应利用该漏洞造成拒绝服务(程序崩溃),也可能执行任意代码。
CVSS Information
N/A
Vulnerability Type
N/A