{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2008-12-04T00:00:00", "descriptions": [{"lang": "en", "value": "The ACL handling in rsyslog 3.12.1 to 3.20.0, 4.1.0, and 4.1.1 does not follow $AllowedSender directive, which allows remote attackers to bypass intended access restrictions and spoof log messages or create a large number of spurious messages."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2017-08-07T12:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"tags": ["x_refsource_CONFIRM"], "url": "http://www.rsyslog.com/Article327.phtml"}, {"name": "rsyslog-allowedsender-security-bypass(47080)", "tags": ["vdb-entry", "x_refsource_XF"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/47080"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://www.rsyslog.com/Article322.phtml"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://www.rsyslog.com/Topic4.phtml"}, {"name": "32630", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/32630"}, {"name": "32857", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/32857"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2008-5617", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "The ACL handling in rsyslog 3.12.1 to 3.20.0, 4.1.0, and 4.1.1 does not follow $AllowedSender directive, which allows remote attackers to bypass intended access restrictions and spoof log messages or create a large number of spurious messages."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "http://www.rsyslog.com/Article327.phtml", "refsource": "CONFIRM", "url": "http://www.rsyslog.com/Article327.phtml"}, {"name": "rsyslog-allowedsender-security-bypass(47080)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/47080"}, {"name": "http://www.rsyslog.com/Article322.phtml", "refsource": "CONFIRM", "url": "http://www.rsyslog.com/Article322.phtml"}, {"name": "http://www.rsyslog.com/Topic4.phtml", "refsource": "CONFIRM", "url": "http://www.rsyslog.com/Topic4.phtml"}, {"name": "32630", "refsource": "BID", "url": "http://www.securityfocus.com/bid/32630"}, {"name": "32857", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/32857"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-07T10:56:47.372Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://www.rsyslog.com/Article327.phtml"}, {"name": "rsyslog-allowedsender-security-bypass(47080)", "tags": ["vdb-entry", "x_refsource_XF", "x_transferred"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/47080"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://www.rsyslog.com/Article322.phtml"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://www.rsyslog.com/Topic4.phtml"}, {"name": "32630", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/32630"}, {"name": "32857", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/32857"}]}]}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2008-5617", "datePublished": "2008-12-17T02:00:00", "dateReserved": "2008-12-16T00:00:00", "dateUpdated": "2024-08-07T10:56:47.372Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:rsyslog:rsyslog:3.12.1:*:*:*:*:*:*:*", "matchCriteriaId": "89BF4CB5-5DBF-4D3F-BB71-EAA44A433D9A", "vulnerable": true}, {"criteria": "cpe:2.3:a:rsyslog:rsyslog:3.12.2:*:*:*:*:*:*:*", "matchCriteriaId": "AFB62852-2AB0-4DD8-8742-8852E35680BA", "vulnerable": true}, {"criteria": "cpe:2.3:a:rsyslog:rsyslog:3.12.3:*:*:*:*:*:*:*", "matchCriteriaId": "B1CD4DC0-12FC-49C5-B2A0-2934ADFEC45C", "vulnerable": true}, {"criteria": "cpe:2.3:a:rsyslog:rsyslog:3.12.4:*:*:*:*:*:*:*", "matchCriteriaId": "E4F8C757-DC7C-4611-BFB3-E2D909EBAFA2", "vulnerable": true}, {"criteria": "cpe:2.3:a:rsyslog:rsyslog:3.12.5:*:*:*:*:*:*:*", "matchCriteriaId": "B4268BBF-CEFE-4DC0-A540-20BDA4F61BD8", "vulnerable": true}, {"criteria": "cpe:2.3:a:rsyslog:rsyslog:3.13.0:*:*:*:*:*:*:*", "matchCriteriaId": "B2ADEB3C-EC09-404B-B301-CF67106EC98C", "vulnerable": true}, {"criteria": "cpe:2.3:a:rsyslog:rsyslog:3.15.0:*:*:*:*:*:*:*", "matchCriteriaId": "FE774463-3916-4BF5-A8C5-796CD1FD4AFE", "vulnerable": true}, {"criteria": "cpe:2.3:a:rsyslog:rsyslog:3.15.1:beta:*:*:*:*:*:*", "matchCriteriaId": "ECAECD24-A1B6-4B51-93D4-64CCEEDEB5CC", "vulnerable": true}, {"criteria": "cpe:2.3:a:rsyslog:rsyslog:3.17.0:*:*:*:*:*:*:*", "matchCriteriaId": "6E9185C1-A2A4-490B-B054-DE337D4BBAF3", "vulnerable": true}, {"criteria": "cpe:2.3:a:rsyslog:rsyslog:3.17.1:*:*:*:*:*:*:*", "matchCriteriaId": "0831F7D3-6E65-4D92-8295-64F0649EDA2F", "vulnerable": true}, {"criteria": "cpe:2.3:a:rsyslog:rsyslog:3.17.4:beta:*:*:*:*:*:*", "matchCriteriaId": "D9EBE646-1515-4E30-8D6B-B5320A07F798", "vulnerable": true}, {"criteria": "cpe:2.3:a:rsyslog:rsyslog:3.17.5:beta:*:*:*:*:*:*", "matchCriteriaId": "12E5FB1C-08E9-4597-B729-9E9D7C7BBC5A", "vulnerable": true}, {"criteria": "cpe:2.3:a:rsyslog:rsyslog:3.19.0:*:*:*:*:*:*:*", "matchCriteriaId": "CDA49F2C-F679-4CB6-912F-E1C8F23C3E9D", "vulnerable": true}, {"criteria": "cpe:2.3:a:rsyslog:rsyslog:3.19.1:*:*:*:*:*:*:*", "matchCriteriaId": "5EE3C64E-1596-4AF8-A335-0BDDC9A47C66", "vulnerable": true}, {"criteria": "cpe:2.3:a:rsyslog:rsyslog:3.19.2:*:*:*:*:*:*:*", "matchCriteriaId": "C016F6A1-83BF-4ED7-B811-44DB7B19B60F", "vulnerable": true}, {"criteria": "cpe:2.3:a:rsyslog:rsyslog:3.19.3:*:*:*:*:*:*:*", "matchCriteriaId": "2A3A2E1E-7492-486A-916F-B9DDD0E2810C", "vulnerable": true}, {"criteria": "cpe:2.3:a:rsyslog:rsyslog:3.19.4:*:*:*:*:*:*:*", "matchCriteriaId": "FDE04C46-348E-4772-BDFC-7A43399741E0", "vulnerable": true}, {"criteria": "cpe:2.3:a:rsyslog:rsyslog:3.19.5:*:*:*:*:*:*:*", "matchCriteriaId": "37C49996-20B7-4763-AA6A-92EFDA69CF6B", "vulnerable": true}, {"criteria": "cpe:2.3:a:rsyslog:rsyslog:3.19.6:*:*:*:*:*:*:*", "matchCriteriaId": "947E1B5B-E1F7-4770-9163-E8583F631810", "vulnerable": true}, {"criteria": "cpe:2.3:a:rsyslog:rsyslog:3.19.7:*:*:*:*:*:*:*", "matchCriteriaId": "89608E18-768A-4EA1-BEC2-05DEA93C85AD", "vulnerable": true}, {"criteria": "cpe:2.3:a:rsyslog:rsyslog:3.19.8:*:*:*:*:*:*:*", "matchCriteriaId": "B64A837C-553D-433A-9904-FAE91B897DD1", "vulnerable": true}, {"criteria": "cpe:2.3:a:rsyslog:rsyslog:3.19.9:*:*:*:*:*:*:*", "matchCriteriaId": "5907B692-CCD4-40E8-B5FC-E0606996F044", "vulnerable": true}, {"criteria": "cpe:2.3:a:rsyslog:rsyslog:3.19.10:*:*:*:*:*:*:*", "matchCriteriaId": "90C6D691-8ACB-497C-B90B-CAEDE54965B3", "vulnerable": true}, {"criteria": "cpe:2.3:a:rsyslog:rsyslog:3.19.11:*:*:*:*:*:*:*", "matchCriteriaId": "6C042D96-9BB4-40F5-B752-0F1DE06BA458", "vulnerable": true}, {"criteria": "cpe:2.3:a:rsyslog:rsyslog:3.19.12:*:*:*:*:*:*:*", "matchCriteriaId": "EA326A8D-069A-4C60-B1E8-D83CD2E70DAD", "vulnerable": true}, {"criteria": "cpe:2.3:a:rsyslog:rsyslog:3.20.0:*:*:*:*:*:*:*", "matchCriteriaId": "47275436-0B5A-4BC6-A3F6-2232BF8D36D4", "vulnerable": true}, {"criteria": "cpe:2.3:a:rsyslog:rsyslog:4.1.0:*:*:*:*:*:*:*", "matchCriteriaId": "841185A1-0CD7-4965-A40A-45836037B910", "vulnerable": true}, {"criteria": "cpe:2.3:a:rsyslog:rsyslog:4.1.1:*:*:*:*:*:*:*", "matchCriteriaId": "4AB0A79C-E420-468E-9388-5E19EA54EA89", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "The ACL handling in rsyslog 3.12.1 to 3.20.0, 4.1.0, and 4.1.1 does not follow $AllowedSender directive, which allows remote attackers to bypass intended access restrictions and spoof log messages or create a large number of spurious messages."}, {"lang": "es", "value": "El manejador ACL de rsyslog v3.12.1 hasta v3.20.0, v4.1.0 y v4.1.1, no sigue la directiva $AllowSender, lo que permite a atacantes remotos evitar las restricciones de acceso pretendidas y falsear los mensajes de registro (log) o crear un gran n\u00famero de mensajes falsos."}], "id": "CVE-2008-5617", "lastModified": "2025-04-09T00:30:58.490", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 8.5, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:C", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 7.8, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2008-12-17T02:30:00.203", "references": [{"source": "cve@mitre.org", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/32857"}, {"source": "cve@mitre.org", "tags": ["Patch", "Vendor Advisory"], "url": "http://www.rsyslog.com/Article322.phtml"}, {"source": "cve@mitre.org", "url": "http://www.rsyslog.com/Article327.phtml"}, {"source": "cve@mitre.org", "url": "http://www.rsyslog.com/Topic4.phtml"}, {"source": "cve@mitre.org", "url": "http://www.securityfocus.com/bid/32630"}, {"source": "cve@mitre.org", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/47080"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/32857"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch", "Vendor Advisory"], "url": "http://www.rsyslog.com/Article322.phtml"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.rsyslog.com/Article327.phtml"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.rsyslog.com/Topic4.phtml"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/bid/32630"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/47080"}], "sourceIdentifier": "cve@mitre.org", "vendorComments": [{"comment": "Not vulnerable. This issue did not affect the version of the rsyslog package, as shipped with Red Hat Enterprise Linux 5.", "lastModified": "2008-12-17T00:00:00", "organization": "Red Hat"}], "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-264"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{}