CVE-2008-5617

The ACL handling in rsyslog 3.12.1 to 3.20.0, 4.1.0, and 4.1.1 does not follow $AllowedSender directive, which allows remote attackers to bypass intended access restrictions and spoof log messages or create a large number of spurious messages.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
8.5 UNKNOWN
NETWORK
LOW
AV:N/AC:L/Au:N/C:N/I:P/A:C
mitreCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 59%
VendorProductVersion
rsyslogrsyslog
3.12.1
rsyslogrsyslog
3.12.2
rsyslogrsyslog
3.12.3
rsyslogrsyslog
3.12.4
rsyslogrsyslog
3.12.5
rsyslogrsyslog
3.13.0
rsyslogrsyslog
3.15.0
rsyslogrsyslog
3.15.1:beta
rsyslogrsyslog
3.17.0
rsyslogrsyslog
3.17.1
rsyslogrsyslog
3.17.4:beta
rsyslogrsyslog
3.17.5:beta
rsyslogrsyslog
3.19.0
rsyslogrsyslog
3.19.1
rsyslogrsyslog
3.19.2
rsyslogrsyslog
3.19.3
rsyslogrsyslog
3.19.4
rsyslogrsyslog
3.19.5
rsyslogrsyslog
3.19.6
rsyslogrsyslog
3.19.7
rsyslogrsyslog
3.19.8
rsyslogrsyslog
3.19.9
rsyslogrsyslog
3.19.10
rsyslogrsyslog
3.19.11
rsyslogrsyslog
3.19.12
rsyslogrsyslog
3.20.0
rsyslogrsyslog
4.1.0
rsyslogrsyslog
4.1.1
𝑥
= Vulnerable software versions
Debian logo
Debian Releases
Debian Product
Codename
rsyslog
bullseye (security)
8.2102.0-2+deb11u1
fixed
bullseye
8.2102.0-2+deb11u1
fixed
bookworm
8.2302.0-1
fixed
sid
8.2410.0-1
fixed
trixie
8.2410.0-1
fixed
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
rsyslog
natty
not-affected
maverick
not-affected
lucid
not-affected
karmic
not-affected
jaunty
not-affected
intrepid
ignored
hardy
ignored
gutsy
dne
dapper
dne
Common Weakness Enumeration
References
http://secunia.com/advisories/32857
http://www.rsyslog.com/Article322.phtml
http://www.rsyslog.com/Article327.phtml
http://www.rsyslog.com/Topic4.phtml
http://www.securityfocus.com/bid/32630
https://exchange.xforce.ibmcloud.com/vulnerabilities/47080
http://secunia.com/advisories/32857
http://www.rsyslog.com/Article322.phtml
http://www.rsyslog.com/Article327.phtml
http://www.rsyslog.com/Topic4.phtml
http://www.securityfocus.com/bid/32630
https://exchange.xforce.ibmcloud.com/vulnerabilities/47080