CVE-2011-3200
Rsyslog - Memory Corruption
Title source: ruleDescription
Stack-based buffer overflow in the parseLegacySyslogMsg function in tools/syslogd.c in rsyslogd in rsyslog 4.6.x before 4.6.8 and 5.2.0 through 5.8.4 might allow remote attackers to cause a denial of service (application exit) via a long TAG in a legacy syslog message.
Exploits (1)
metasploit
WORKING POC
rubypoc
https://github.com/rapid7/metasploit-framework/blob/master/modules/auxiliary/dos/syslog/rsyslog_long_tag.rb
References (12)
Scores
EPSS
0.6739
EPSS Percentile
98.6%
Details
CWE
CWE-119
Status
published
Products (50)
rsyslog/rsyslog
4.6.0
rsyslog/rsyslog
4.6.1
rsyslog/rsyslog
4.6.2
rsyslog/rsyslog
4.6.3
rsyslog/rsyslog
4.6.4
rsyslog/rsyslog
4.6.5
rsyslog/rsyslog
4.6.6
rsyslog/rsyslog
4.6.7
rsyslog/rsyslog
5.2.0
rsyslog/rsyslog
5.2.1
... and 40 more
Published
Sep 06, 2011
Tracked Since
Feb 18, 2026