Date: Tue, 16 Dec 2008 20:12:13 -0500 (EST)
From: "Steven M. Christey" <coley@...us.mitre.org>
To: oss-security <oss-security@...ts.openwall.com>, jlieskov@...hat.com
Subject: Re: CVE Request - rsyslog ($allowedSender issue repost + imudp DoS)


======================================================
Name: CVE-2008-5617
Status: Candidate
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5617
Reference: CONFIRM:http://www.rsyslog.com/Article322.phtml
Reference: CONFIRM:http://www.rsyslog.com/Topic4.phtml
Reference: SECUNIA:32857
Reference: URL:http://secunia.com/advisories/32857

The ACL handling in rsyslog 3.12.1 to 3.20.0, 4.1.0, and 4.1.1 does
not follow the $AllowedSender directive, which allows remote attackers to
bypass intended access restrictions and spoof log messages or create a
large number of spurious messages.


======================================================
Name: CVE-2008-5618
Status: Candidate
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5618
Reference: CONFIRM:http://www.rsyslog.com/Topic4.phtml

imudp in rsyslog 4.x before 4.1.2, 3.21 before 3.21.9 beta, and 3.20
before 3.20.2 generates a message even when it is sent by an
unauthorized sender, which allows remote attackers to cause a denial
of service (disk consumption) via a large number of spurious messages.
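The two candidates above describe distinct failures of the same check: in CVE-2008-5617 the $AllowedSender list is not consulted at all, so spoofed datagrams are logged as if they were legitimate; in CVE-2008-5618 the list is consulted, but each rejected datagram still produces a log entry, so an unauthorized sender can drive disk consumption with a flood of UDP packets. The following is an added example, not rsyslog's code, that models both behaviours next to the corrected one. It parses the legacy `$AllowedSender UDP, <ip>, <cidr>, ...` directive form (only IP literals and CIDR blocks are handled here; rsyslog also accepts hostname patterns, which need DNS), and feeds a constructed batch of datagrams through a receiver that ignores the ACL, one that logs every rejection, and one that drops unauthorized traffic silently apart from a bounded number of notices. The datagram contents and the sender addresses are constructed for the example.

```python
"""Model of ACL handling for a UDP syslog receiver, written to illustrate
CVE-2008-5617 (ACL not applied) and CVE-2008-5618 (a log line per rejected
datagram).  Added example; this is not rsyslog source code."""
import ipaddress
from collections import namedtuple

# A received UDP datagram: source address and the syslog payload.
Datagram = namedtuple("Datagram", "src payload")


def parse_allowed_sender(line):
    """Parse a legacy-format '$AllowedSender <proto>, <peer>, <peer>...' line.

    Returns (protocol, [ip_network, ...]).  Only IP addresses and CIDR
    blocks are supported in this example; hostname patterns are rejected.
    """
    directive = "$AllowedSender"
    if not line.startswith(directive):
        raise ValueError("not an $AllowedSender directive: %r" % line)
    fields = [f.strip() for f in line[len(directive):].split(",")]
    proto = fields[0].upper()
    # strict=False lets a bare host address such as 127.0.0.1 become a /32.
    nets = [ipaddress.ip_network(f, strict=False) for f in fields[1:] if f]
    return proto, nets


def is_allowed(src, nets):
    """True if src falls inside any configured network.  With no directive
    configured there is no restriction, which is the receiver's default."""
    if not nets:
        return True
    addr = ipaddress.ip_address(src)
    return any(addr in net for net in nets)


def receive_ignoring_acl(datagrams, nets):
    """CVE-2008-5617 behaviour: the ACL exists but is never consulted, so a
    spoofed datagram is written to the log like any other."""
    return ["%s: %s" % (d.src, d.payload) for d in datagrams]


def receive_logging_rejects(datagrams, nets):
    """CVE-2008-5618 behaviour: the ACL is applied, but every rejected
    datagram still produces a log entry, so the attacker chooses how much
    gets written to disk."""
    log = []
    for d in datagrams:
        if not is_allowed(d.src, nets):
            log.append("imudp: rejected message from %s" % d.src)
            continue
        log.append("%s: %s" % (d.src, d.payload))
    return log


def receive_fixed(datagrams, nets, max_notices=1):
    """Corrected behaviour: unauthorized datagrams are dropped before any
    log entry is generated, apart from a bounded number of notices, so the
    volume written to disk is no longer under the sender's control.

    Returns (log_entries, number_of_rejected_datagrams).
    """
    log = []
    rejected = 0
    for d in datagrams:
        if not is_allowed(d.src, nets):
            rejected += 1
            if rejected <= max_notices:
                log.append("imudp: dropping datagrams from unauthorized "
                           "sender %s" % d.src)
            continue
        log.append("%s: %s" % (d.src, d.payload))
    return log, rejected


# Constructed sample configuration and traffic (not captured data).
SAMPLE_DIRECTIVE = "$AllowedSender UDP, 127.0.0.1, 192.0.2.0/24"


def sample_datagrams(n_spoofed):
    """One legitimate datagram from the allowed subnet followed by
    n_spoofed datagrams from an address outside the ACL."""
    legit = [Datagram("192.0.2.10", "<13>myhost sshd[1]: session opened")]
    spoofed = [Datagram("198.51.100.7", "<13>attacker: junk %d" % i)
               for i in range(n_spoofed)]
    return legit + spoofed


if __name__ == "__main__":
    _, allowed = parse_allowed_sender(SAMPLE_DIRECTIVE)
    batch = sample_datagrams(10000)
    print("ignoring ACL:   %d log lines" % len(receive_ignoring_acl(batch, allowed)))
    print("logging rejects: %d log lines" % len(receive_logging_rejects(batch, allowed)))
    fixed_log, dropped = receive_fixed(batch, allowed)
    print("fixed:          %d log lines, %d datagrams dropped" % (len(fixed_log), dropped))
```

Run stand-alone, the first two receivers write a line for each of the 10,000 spoofed datagrams (10,001 lines), while the fixed receiver writes the one legitimate message plus a single notice. The point for a reviewer of any network-facing ACL is the same: the authorization decision must be taken before the code path that allocates, formats or persists anything on the peer's behalf, and whatever is recorded about rejected peers must be rate-limited or aggregated rather than emitted per packet.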

