Browse Exploit & Auxiliary Modules
The Metasploit Project hosts the world's largest database of quality assured exploits, including hundreds of remote exploits, auxiliary modules, and payloads. You can even review the Metasploit Framework source code of any module - or write your own.
Search for modules
rsyslog Long Tag Off-By-Two DoS
This module triggers an off-by-two overflow in the rsyslog daemon. This flaw is unlikely to yield code execution but is effective at shutting down a remote log daemon. This bug was introduced in version 4.6.0 and corrected in 4.6.8/5.8.5. Compiler differences may prevent this bug from causing any noticeable result on many systems (RHEL6 is affected).
Rank
- Normal
Authors
- hdm < hdm [at] metasploit.com >
References
- CVE-2011-3200
- http://www.rsyslog.com/potential-dos-with-malformed-tag/
- https://bugzilla.redhat.com/show_bug.cgi?id=727644
Development
Similar Modules
Usage Information
$ msfconsole
## ### ## ##
## ## #### ###### #### ##### ##### ## #### ######
####### ## ## ## ## ## ## ## ## ## ## ### ##
####### ###### ## ##### #### ## ## ## ## ## ## ##
## # ## ## ## ## ## ## ##### ## ## ## ## ##
## ## #### ### ##### ##### ## #### #### #### ###
##
msf > use auxiliary/dos/syslog/rsyslog_long_tag
msf auxiliary(rsyslog_long_tag) > set RHOST [TARGET IP]
msf auxiliary(rsyslog_long_tag) > run
## ### ## ##
## ## #### ###### #### ##### ##### ## #### ######
####### ## ## ## ## ## ## ## ## ## ## ### ##
####### ###### ## ##### #### ## ## ## ## ## ## ##
## # ## ## ## ## ## ## ##### ## ## ## ## ##
## ## #### ### ##### ##### ## #### #### #### ###
##
msf > use auxiliary/dos/syslog/rsyslog_long_tag
msf auxiliary(rsyslog_long_tag) > set RHOST [TARGET IP]
msf auxiliary(rsyslog_long_tag) > run
Module Options
| RHOST | The target address |
| RPORT | The target port (default: 514) |
| CHOST | The local client address |
| CPORT | The local client port |
| VERBOSE | Enable detailed status messages |
| WORKSPACE | Specify the workspace for this module |