Date: Tue, 16 Dec 2008 20:12:13 -0500 (EST)
From: "Steven M. Christey" <coley@...us.mitre.org>
To: oss-security <oss-security@...ts.openwall.com>, jlieskov@...hat.com
Subject: Re: CVE Request - rsyslog ($allowedSender issue repost + imudp DoS)

======================================================
Name: CVE-2008-5617
Status: Candidate
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5617
Reference: CONFIRM:http://www.rsyslog.com/Article322.phtml
Reference: CONFIRM:http://www.rsyslog.com/Topic4.phtml
Reference: SECUNIA:32857
Reference: URL:http://secunia.com/advisories/32857

The ACL handling in rsyslog 3.12.1 to 3.20.0, 4.1.0, and 4.1.1 does not
follow the $AllowedSender directive, which allows remote attackers to bypass
intended access restrictions and spoof log messages or create a large
number of spurious messages.

======================================================
Name: CVE-2008-5618
Status: Candidate
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5618
Reference: CONFIRM:http://www.rsyslog.com/Topic4.phtml

imudp in rsyslog 4.x before 4.1.2, 3.21 before 3.21.9 beta, and 3.20 before
3.20.2 generates a message even when it is sent by an unauthorized sender,
which allows remote attackers to cause a denial of service (disk
consumption) via a large number of spurious messages.
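The two candidates above describe one ACL that is not enforced (CVE-2008-5617) and one that is enforced but still writes a log line for every datagram it rejects (CVE-2008-5618). The following Python model, added here as an illustration and not rsyslog's code, shows a $AllowedSender-style network ACL evaluated before a datagram is processed, and contrasts a receiver that logs each rejection (so an unauthorized host can grow the log without bound) with one that drops silently and emits a single rate-limited notice per source. The class and function names, the addresses and the datagrams are constructed for the example.

```python
import ipaddress
import time

# Constructed illustration (not rsyslog's code): a minimal $AllowedSender-style
# ACL in front of a UDP syslog receiver, with the per-rejection logging
# mistake beside a hardened variant.


def parse_allowed_senders(values):
    """Parse $AllowedSender-like entries ('192.0.2.0/24', '10.0.0.5') into
    networks. A bare address becomes a /32 (or /128) network."""
    return [ipaddress.ip_network(v, strict=False) for v in values]


def sender_allowed(networks, src_ip):
    """True if src_ip falls inside any allowed network. This check must run
    before the datagram is queued or written anywhere; CVE-2008-5617 is the
    case where the directive was configured but not applied."""
    ip = ipaddress.ip_address(src_ip)
    return any(ip in net for net in networks)


class VulnerableReceiver:
    """Writes a log line for every rejected datagram. Each unauthorized
    datagram therefore still consumes disk, the pattern behind CVE-2008-5618."""

    def __init__(self, networks):
        self.networks = networks
        self.log = []  # stands in for the on-disk log file

    def handle(self, src_ip, payload):
        if not sender_allowed(self.networks, src_ip):
            self.log.append(f"imudp: rejected datagram from {src_ip}")
            return False
        self.log.append(payload)
        return True


class HardenedReceiver:
    """Drops unauthorized datagrams without writing anything, except one
    rate-limited notice per source per window so operators still see the
    rejection. Log growth from unauthorized traffic is bounded."""

    def __init__(self, networks, window_seconds=60.0, clock=time.monotonic):
        self.networks = networks
        self.window = window_seconds
        self.clock = clock          # injectable for deterministic tests
        self.last_notice = {}       # src_ip -> time of last rejection notice
        self.dropped = {}           # src_ip -> datagrams dropped since then
        self.log = []

    def handle(self, src_ip, payload):
        if not sender_allowed(self.networks, src_ip):
            now = self.clock()
            self.dropped[src_ip] = self.dropped.get(src_ip, 0) + 1
            last = self.last_notice.get(src_ip)
            if last is None or now - last >= self.window:
                self.last_notice[src_ip] = now
                self.log.append(
                    f"imudp: rejecting datagrams from {src_ip} "
                    f"({self.dropped[src_ip]} dropped; next notice in "
                    f"{self.window:g}s)")
                self.dropped[src_ip] = 0
            return False
        self.log.append(payload)
        return True


def replay_datagrams(receiver, src_ip, count):
    """Feed `count` constructed datagrams from src_ip; return the log size."""
    for i in range(count):
        receiver.handle(src_ip, f"<13>constructed message {i} from {src_ip}")
    return len(receiver.log)


if __name__ == "__main__":
    nets = parse_allowed_senders(["192.0.2.0/24", "10.0.0.5"])
    print("vulnerable receiver, log lines after 1000 unauthorized datagrams:",
          replay_datagrams(VulnerableReceiver(nets), "203.0.113.9", 1000))
    print("hardened receiver, log lines after 1000 unauthorized datagrams:",
          replay_datagrams(HardenedReceiver(nets), "203.0.113.9", 1000))
```

The detection angle for a deployment is the same as the model's notice line: a burst of rejection notices from one source, or log growth that does not match the accepted-message rate, is the signal that either the ACL is not being applied or rejected traffic is still reaching disk.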