|
|
RSyslog '$AllowedSender' Configuration Directive Security Bypass Vulnerability
|
Bugtraq ID:
|
32630
|
|
Class:
|
Access Validation Error
|
|
CVE:
|
CVE-2008-5617
|
|
Remote:
|
Yes
|
|
Local:
|
No
|
|
Published:
|
Dec 04 2008 12:00AM
|
|
Updated:
|
Jan 12 2009 11:52PM
|
|
Credit:
|
This issue was disclosed by the vendor following an unspecified user's bug report.
|
|
Vulnerable:
|
S.u.S.E. openSUSE 11.1
RSyslog RSyslog 4.1.1
RSyslog RSyslog 4.1
RSyslog RSyslog 3.20
RSyslog RSyslog 3.12.1
RedHat Fedora 9 0
|
|
|
|
Not Vulnerable:
|
RSyslog RSyslog 3.21.9
RSyslog RSyslog 3.20.1
|
|
|
