Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Message-ID: <Pine.GSO.4.51.0812162012070.5724@faron.mitre.org>
Date: Tue, 16 Dec 2008 20:12:13 -0500 (EST)
From: "Steven M. Christey" <coley@...us.mitre.org>
To: oss-security <oss-security@...ts.openwall.com>, jlieskov@...hat.com
Subject: Re: CVE Request - rsyslog ($allowedSender issue repost
 + imudp DoS)


======================================================
Name: CVE-2008-5617
Status: Candidate
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5617
Reference: CONFIRM:http://www.rsyslog.com/Article322.phtml
Reference: CONFIRM:http://www.rsyslog.com/Topic4.phtml
Reference: SECUNIA:32857
Reference: URL:http://secunia.com/advisories/32857

The ACL handling in rsyslog 3.12.1 to 3.20.0, 4.1.0, and 4.1.1 does
not follow $AllowedSender directive, which allows remote attackers to
bypass intended access restrictions and spoof log messages or create a
large number of spurious messages.


======================================================
Name: CVE-2008-5618
Status: Candidate
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5618
Reference: CONFIRM:http://www.rsyslog.com/Topic4.phtml

imudp in rsyslog 4.x before 4.1.2, 3.21 before 3.21.9 beta, and 3.20
before 3.20.2 generates a message even when it is sent by an
unauthorized sender, which allows remote attackers to cause a denial
of service (disk consumption) via a large number of spurious messages.


Powered by blists - more mailing lists

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.