Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2008-5617

Overview

Vulnerability Score 8.5 8.5
CVE Id CVE-2008-5617
Last Modified 14 May 2009 01:31:58
Published 16 Dec 2008 09:30:00
Confidentiality Impact NONE NONE
Integrity Impact PARTIAL PARTIAL
Availability Impact COMPLETE COMPLETE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2008-5617

Summary

The ACL handling in rsyslog 3.12.1 to 3.20.0, 4.1.0, and 4.1.1 does not follow $AllowedSender directive, which allows remote attackers to bypass intended access restrictions and spoof log messages or create a large number of spurious messages.

Vulnerable Systems

Application

  • Rsyslog 3.12.1

  • Rsyslog 3.12.2

  • Rsyslog 3.12.3

  • Rsyslog 3.12.4

  • Rsyslog 3.12.5

  • Rsyslog 3.13.0

  • Rsyslog 3.15.0

  • Rsyslog 3.15.1

  • Rsyslog 3.17.0

  • Rsyslog 3.17.1

  • Rsyslog 3.17.4

  • Rsyslog 3.17.5

  • Rsyslog 3.19.0

  • Rsyslog 3.19.1

  • Rsyslog 3.19.10

  • Rsyslog 3.19.11

  • Rsyslog 3.19.12

  • Rsyslog 3.19.2

  • Rsyslog 3.19.3

  • Rsyslog 3.19.4

  • Rsyslog 3.19.5

  • Rsyslog 3.19.6

  • Rsyslog 3.19.7

  • Rsyslog 3.19.8

  • Rsyslog 3.19.9

  • Rsyslog 3.20.0

  • Rsyslog 4.1.0

  • Rsyslog 4.1.1


References

CONFIRM - http://www.rsyslog.com/Article322.phtml

XF - rsyslog-allowedsender-security-bypass(47080)

BID - 32630

CONFIRM - http://www.rsyslog.com/Topic4.phtml

CONFIRM - http://www.rsyslog.com/Article327.phtml

SECUNIA - 32857


Last Updated: 27 May 2016 10:48:52