Your submission was sent successfully! Close

CVE-2008-5618

Published: 17 December 2008

imudp in rsyslog 4.x before 4.1.2, 3.21 before 3.21.9 beta, and 3.20 before 3.20.2 generates a message even when it is sent by an unauthorized sender, which allows remote attackers to cause a denial of service (disk consumption) via a large number of spurious messages.

Priority

Low

Status

Package Release Status
rsyslog
Launchpad, Ubuntu, Debian
dapper Does not exist

gutsy Does not exist

hardy Ignored
(reached end-of-life)
intrepid Needed
(reached end-of-life)
jaunty Not vulnerable
(3.18.6-2)
karmic Not vulnerable
(3.18.6-2)
lucid Not vulnerable
(3.18.6-2)
maverick Not vulnerable
(3.18.6-2)
natty Not vulnerable
(3.18.6-2)
oneiric Not vulnerable
(3.18.6-2)
upstream
Released (3.18.6-1)