Описание
syslog-ng does not call chdir when it calls chroot, which might allow attackers to escape the intended jail. NOTE: this is only a vulnerability when a separate vulnerability is present. This flaw affects syslog-ng versions prior to and including 2.0.9.
| Релиз | Статус | Примечание |
|---|---|---|
| dapper | ignored | end of life |
| devel | not-affected | 2.0.9-4.2 |
| gutsy | ignored | end of life, was needed |
| hardy | ignored | end of life |
| intrepid | ignored | end of life, was needed |
| jaunty | not-affected | 2.0.9-4.1 |
| karmic | not-affected | 2.0.9-4.1 |
| lucid | not-affected | 2.0.9-4.2 |
| maverick | not-affected | 2.0.9-4.2 |
| natty | not-affected | 2.0.9-4.2 |
Показывать по
Ссылки на источники
EPSS
9.3 Critical
CVSS2
Связанные уязвимости
syslog-ng does not call chdir when it calls chroot, which might allow attackers to escape the intended jail. NOTE: this is only a vulnerability when a separate vulnerability is present. This flaw affects syslog-ng versions prior to and including 2.0.9.
syslog-ng does not call chdir when it calls chroot, which might allow attackers to escape the intended jail. NOTE: this is only a vulnerability when a separate vulnerability is present. This flaw affects syslog-ng versions prior to and including 2.0.9.
syslog-ng does not call chdir when it calls chroot, which might allow ...
syslog-ng does not call chdir when it calls chroot, which might allow attackers to escape the intended jail. NOTE: this is only a vulnerability when a separate vulnerability is present. This flaw affects syslog-ng versions prior to and including 2.0.9.
Уязвимость операционной системы Gentoo Linux, позволяющая удаленному злоумышленнику нарушить конфиденциальность, целостность и доступность защищаемой информации
EPSS
9.3 Critical
CVSS2