Описание
Balabit syslog-ng 2.0, 3.0, 3.1, 3.2 OSE and PE, when running on FreeBSD or HP-UX, does not properly perform cast operations, which causes syslog-ng to use a default value of -1 to create log files with insecure permissions (07777), which allows local users to read and write to these log files.
Balabit syslog-ng 2.0, 3.0, 3.1, 3.2 OSE and PE, when running on FreeBSD or HP-UX, does not properly perform cast operations, which causes syslog-ng to use a default value of -1 to create log files with insecure permissions (07777), which allows local users to read and write to these log files.
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2011-0343
- https://lists.balabit.com/pipermail/syslog-ng-announce/2011-January/000101.html
- https://lists.balabit.com/pipermail/syslog-ng-announce/2011-January/000102.html
- http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=608491
- http://www.securityfocus.com/archive/1/515955/100/0/threaded
- http://www.securityfocus.com/bid/45988
EPSS
CVE ID
Связанные уязвимости
Balabit syslog-ng 2.0, 3.0, 3.1, 3.2 OSE and PE, when running on FreeBSD or HP-UX, does not properly perform cast operations, which causes syslog-ng to use a default value of -1 to create log files with insecure permissions (07777), which allows local users to read and write to these log files.
Balabit syslog-ng 2.0, 3.0, 3.1, 3.2 OSE and PE, when running on FreeBSD or HP-UX, does not properly perform cast operations, which causes syslog-ng to use a default value of -1 to create log files with insecure permissions (07777), which allows local users to read and write to these log files.
Balabit syslog-ng 2.0, 3.0, 3.1, 3.2 OSE and PE, when running on FreeB ...
EPSS