Lucene search
Ubuntu.comUB:CVE-2008-5110HistoryNov 17, 2008 - 12:00 a.m.
CVE-2008-5110
2008-11-1700:00:00
ubuntu.com
ubuntu.com
8
9.3 High
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
0.002 Low
EPSS
Percentile
58.8%
syslog-ng does not call chdir when it calls chroot, which might allow
attackers to escape the intended jail. NOTE: this is only a vulnerability
when a separate vulnerability is present. This flaw affects syslog-ng
versions prior to and including 2.0.9.
Bugs
Related
nessus
nessus
FreeBSD : syslog-ng2 -- startup directory leakage in the chroot environment (75f2382e-b586-11dd-95f9-00e0815b8da8)
2008-11-19 00:00:00
Fedora 8 : syslog-ng-2.0.10-1.fc8 (2008-10920)
2008-12-08 00:00:00
Fedora 9 : syslog-ng-2.0.10-1.fc9 (2008-10752)
2008-12-08 00:00:00
openvas
openvas
Fedora Update for syslog-ng FEDORA-2008-10920
2009-02-16 00:00:00
Fedora Update for syslog-ng FEDORA-2008-10752
2009-02-16 00:00:00
Fedora Update for syslog-ng FEDORA-2008-10879
2009-02-16 00:00:00
gentoo
gentoo
Syslog-ng: Chroot escape
2009-07-12 00:00:00
freebsd
freebsd
syslog-ng2 -- startup directory leakage in the chroot environment
2008-11-15 00:00:00
fedora
fedora
[SECURITY] Fedora 9 Update: syslog-ng-2.0.10-1.fc9
2008-12-07 04:14:35
[SECURITY] Fedora 10 Update: syslog-ng-2.0.10-1.fc10
2008-12-07 04:29:13
[SECURITY] Fedora 8 Update: syslog-ng-2.0.10-1.fc8
2008-12-07 04:33:55
cve
cve
CVE-2008-5110
2008-11-17 22:21:00
debiancve
debiancve
CVE-2008-5110
2008-11-17 22:21:00
prion
prion
Security feature bypass
2008-11-17 22:21:00
securityvulns
securityvulns
9.3 High
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
0.002 Low
EPSS
Percentile
58.8%
Related for UB:CVE-2008-5110