CVE-2008-5617

Name of the Vulnerable Software and Affected Versions rsyslog versions 3.12.1 through 3.20.0 rsyslog version 4.1.0 rsyslog version 4.1.1

Description The issue concerns the ACL handling in rsyslog, where it fails to follow the $AllowedSender directive. This allows remote attackers to bypass intended access restrictions. As a result, attackers can spoof log messages or create a large number of spurious messages.

Recommendations For rsyslog versions 3.12.1 through 3.20.0, consider restricting access to the logging mechanism to minimize the risk of exploitation. For rsyslog version 4.1.0, restrict access to the logging mechanism to minimize the risk of exploitation. For rsyslog version 4.1.1, restrict access to the logging mechanism to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.