CVE-2020-8443
In OSSEC-HIDS 2.7 through 3.5.0, the server component responsible for log analysis (ossec-analysisd) is vulnerable to an off-by-one heap-based buffer overflow during the cleaning of crafted syslog msgs (received from authenticated remote agents and delivered to the analysisd processing queue by ossec-remoted).
- ossec ossec 2.7
- ossec ossec 2.7.0
- ossec ossec 2.7.1
- ossec ossec 2.8.0
- ossec ossec 2.8.1
- ossec ossec 2.8.2
- ossec ossec 2.8.3
- ossec ossec 2.9.0
- ossec ossec 2.9.1
- ossec ossec 2.9.2
- ossec ossec 2.9.3
- ossec ossec 2.9.4
- ossec ossec 3.0.0
- ossec ossec 3.1.0
- ossec ossec 3.2.0
- ossec ossec 3.3.0
- ossec ossec 3.4.0
- ossec ossec 3.5.0