Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

debian логотип

CVE-2020-8446

Опубликовано: 30 янв. 2020
Источник: debian
EPSS Низкий

Описание

In OSSEC-HIDS 2.7 through 3.5.0, the server component responsible for log analysis (ossec-analysisd) is vulnerable to path traversal (with write access) via crafted syscheck messages written directly to the analysisd UNIX domain socket by a local user.

Пакеты

ПакетСтатусВерсия исправленияРелизТип
ossec-hidsitppackage

EPSS

Процентиль: 40%
0.00185
Низкий

Связанные уязвимости

nvd логотип

CVE-2020-8446

CVSS3: 5.5
nvd
около 6 лет назад

In OSSEC-HIDS 2.7 through 3.5.0, the server component responsible for log analysis (ossec-analysisd) is vulnerable to path traversal (with write access) via crafted syscheck messages written directly to the analysisd UNIX domain socket by a local user.

github логотип

GHSA-96pq-2p2q-gx9m

CVSS3: 5.5
github
больше 3 лет назад

In OSSEC-HIDS 2.7 through 3.5.0, the server component responsible for log analysis (ossec-analysisd) is vulnerable to path traversal (with write access) via crafted syscheck messages written directly to the analysisd UNIX domain socket by a local user.

EPSS

Процентиль: 40%
0.00185
Низкий