CVE-2008-5617

The ACL handling in rsyslog 3.12.1 to 3.20.0, 4.1.0, and 4.1.1 does not follow $AllowedSender directive, which allows remote attackers to bypass intended access restrictions and spoof log messages or create a large number of spurious messages.

Published: Dec 17, 2008
Updated: Apr 13, 2023
CVE: CVE-2008-5617
Severity: High
Exploit:

CVSS v2:

Severity: High
Score: 8.5
AV:N/AC:L/Au:N/C:N/I:P/A:C

CWEs:

CWE-264

Affected Software
References

Software	From	Fixed in
rsyslog / rsyslog	3.19.1	3.19.1.x
rsyslog / rsyslog	3.12.2	3.12.2.x
rsyslog / rsyslog	3.17.4-beta	3.17.4-beta.x
rsyslog / rsyslog	3.13.0	3.13.0.x
rsyslog / rsyslog	3.19.9	3.19.9.x
rsyslog / rsyslog	3.12.4	3.12.4.x
rsyslog / rsyslog	3.19.8	3.19.8.x
rsyslog / rsyslog	4.1.1	4.1.1.x
rsyslog / rsyslog	3.19.12	3.19.12.x
rsyslog / rsyslog	3.19.11	3.19.11.x
rsyslog / rsyslog	3.17.1	3.17.1.x
rsyslog / rsyslog	3.19.6	3.19.6.x
rsyslog / rsyslog	3.19.10	3.19.10.x
rsyslog / rsyslog	3.17.0	3.17.0.x
rsyslog / rsyslog	3.19.7	3.19.7.x
rsyslog / rsyslog	3.12.3	3.12.3.x
rsyslog / rsyslog	3.19.0	3.19.0.x
rsyslog / rsyslog	4.1.0	4.1.0.x
rsyslog / rsyslog	3.12.1	3.12.1.x
rsyslog / rsyslog	3.15.1-beta	3.15.1-beta.x
rsyslog / rsyslog	3.19.3	3.19.3.x
rsyslog / rsyslog	3.12.5	3.12.5.x
rsyslog / rsyslog	3.19.2	3.19.2.x
rsyslog / rsyslog	3.15.0	3.15.0.x
rsyslog / rsyslog	3.17.5-beta	3.17.5-beta.x
rsyslog / rsyslog	3.19.5	3.19.5.x
rsyslog / rsyslog	3.20.0	3.20.0.x
rsyslog / rsyslog	3.19.4	3.19.4.x

Vulnerability Database

289,697

CVE-2008-5617