Lucene search
Ubuntu.comUB:CVE-2011-0343HistoryJan 28, 2011 - 12:00 a.m.
CVE-2011-0343
2011-01-2800:00:00
ubuntu.com
ubuntu.com
9
6.9 Medium
CVSS2
Attack Vector
LOCAL
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:M/Au:N/C:C/I:C/A:C
0.0004 Low
EPSS
Percentile
5.1%
Balabit syslog-ng 2.0, 3.0, 3.1, 3.2 OSE and PE, when running on FreeBSD or
HP-UX, does not properly perform cast operations, which causes syslog-ng to
use a default value of -1 to create log files with insecure permissions
(07777), which allows local users to read and write to these log files.
Notes
| Author | Note |
|---|---|
| sbeattie | only affects people running syslog-ng on kfreebsd, as fchmod when passed with -1 doesn’t change the mode on files. |
Related
nvd
nvd
CVE-2011-0343
2011-01-28 16:00:03
securityvulns
securityvulns
syslog-ng wrong file permission vulnerability
2011-01-26 00:00:00
syslog-ng weak permissions
2011-01-26 00:00:00
cve
cve
CVE-2011-0343
2011-01-28 16:00:03
cvelist
cvelist
CVE-2011-0343
2011-01-28 15:00:00
debiancve
debiancve
CVE-2011-0343
2011-01-28 16:00:03
prion
prion
Design/Logic Flaw
2011-01-28 16:00:00
6.9 Medium
CVSS2
Attack Vector
LOCAL
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:M/Au:N/C:C/I:C/A:C
0.0004 Low
EPSS
Percentile
5.1%
Related for UB:CVE-2011-0343