CVE-2020-8442
Published
CVSS v3
8.8
HIGH
CVSS v2
6.5
MEDIUM
Affected
1
PROJECT
Description
In OSSEC-HIDS 2.7 through 3.5.0, the server component responsible for log analysis (ossec-analysisd) is vulnerable to a heap-based buffer overflow in the rootcheck decoder component via an authenticated client.
OSSEC is an Open Source Host-based Intrusion Detection System that performs log analysis, file integrity checking, policy monitoring, rootkit detection, real-time alerting and active response.
GitHub