imudp in rsyslog 4.x prior to 4.1.2, 3.21 prior to 3.21.9 beta, and 3.20 prior to 3.20.2 generates a message even when it is sent by an unauthorized sender, which allows remote malicious users to cause a denial of service (disk consumption) via a large number of spurious messages.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
rsyslog rsyslog 4.1.0 |
||
rsyslog rsyslog 3.12.1 |
||
rsyslog rsyslog 4.1.1 |
||
rsyslog rsyslog 3.20.0 |