Mandriva Linux Security Advisory : rsyslog (MDVSA-2011:134-1)
Medium Nessus Plugin ID 56160
SynopsisThe remote Mandriva Linux host is missing one or more security updates.
DescriptionA vulnerability was discovered and corrected in rsyslog :
Stack-based buffer overflow in the parseLegacySyslogMsg function in tools/syslogd.c in rsyslogd in rsyslog 4.6.x before 4.6.8 and 5.2.0 through 5.8.4 might allow remote attackers to cause a denial of service (application exit) via a long TAG in a legacy syslog message (CVE-2011-3200).
The updated packages have been patched to correct this issue.
SolutionUpdate the affected packages.