13 matches found
[security bulletin] HPSBMA02554 SSRT100018 rev.2 - HP Insight Control for Linux, Remote Execution of Arbitrary Code, Remote Denial of Service (DoS), Remote Unauthorized Access
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c02286083 Version: 1 HPSBMA02554 SSRT100018 rev.2 - HP Insight Control for Linux, Remote Execution of Arbitrary Code, Remote Denial of Service DoS, Remote Unauthorized Access NOTICE: The informati...
Gentoo Security Advisory GLSA 200907-10 (syslog-ng)
The remote host is missing updates announced in advisory GLSA 200907-10. OpenVAS Vulnerability Test $ Description: Auto generated from Gentoo's XML based advisory Authors: Thomas Reinke Copyright: Copyright c 2009 E-Soft Inc. http://www.securityspace.com Text descriptions are largely excerpted fr...
GLSA-200907-10 : Syslog-ng: Chroot escape
The remote host is affected by the vulnerability described in GLSA-200907-10 Syslog-ng: Chroot escape Florian Grandel reported that Syslog-ng does not call chdir before chroot which leads to an inherited file descriptor to the current working directory. Impact : A local attacker might exploit a...
Fedora 10 : syslog-ng-2.0.10-1.fc10 (2008-10879)
Fixes CVE-2008-5110 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. %NASLMINLEVEL 70300 C Tenable...
Fedora Update for syslog-ng FEDORA-2008-10879
Check for the Version of syslog-ng OpenVAS Vulnerability Test Fedora Update for syslog-ng FEDORA-2008-10879 Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under t...
Fedora Update for syslog-ng FEDORA-2008-10920
Check for the Version of syslog-ng OpenVAS Vulnerability Test Fedora Update for syslog-ng FEDORA-2008-10920 Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under t...
Fedora Update for syslog-ng FEDORA-2008-10879
The remote host is missing an update for the SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...
Fedora Update for syslog-ng FEDORA-2008-10752
The remote host is missing an update for the SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...
Fedora 8 : syslog-ng-2.0.10-1.fc8 (2008-10920)
Fixes CVE-2008-5110 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. %NASLMINLEVEL 70300 C Tenable...
Fedora 9 : syslog-ng-2.0.10-1.fc9 (2008-10752)
Fixes CVE-2008-5110 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. %NASLMINLEVEL 70300 C Tenable...
FreeBSD Ports: syslog-ng2
The remote host is missing an update to the system as announced in the referenced advisory. SPDX-FileCopyrightText: 2008 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...
CVE-2008-5110
CVE-2008-5110 affects syslog-ng up to version 2.0.x (=2.0.10 or >=2.1.3 (for the 2.0 and 2.1 lines, respectively). Additional references (GLSA 200907-10) describe the local access risk and remediation, and Fedora advisories similarly indicate updates addressing CVE-2008-5110. No explicit in-th...
CVE-2008-5110
syslog-ng does not call chdir when it calls chroot, which might allow attackers to escape the intended jail. NOTE: this is only a vulnerability when a separate vulnerability is present. This flaw affects syslog-ng versions prior to and including 2.0.9...