syslog-ng Insecure File Permissions Local Privilege Escalation Vulnerability

Bugtraq ID: 45988
Class: Design Error
CVE: CVE-2011-0343
Remote: No
Local: Yes
Published: Jan 25 2011 12:00AM
Updated: Jan 25 2011 12:00AM
Credit: Steven Chamberlain
Vulnerable: Balabit syslog-ng Premium Edition 3.2
Balabit syslog-ng Premium Edition 3.0.5
Balabit syslog-ng Open Source Edition 3.2.1
Balabit syslog-ng Open Source Edition 3.1.3
Balabit syslog-ng Open Source Edition 3.0.9
Balabit syslog-ng Open Source Edition 3.0.8
Balabit syslog-ng Open Source Edition 3.0.7
Balabit syslog-ng Open Source Edition 3.2alpha1
Balabit syslog-ng Open Source Edition 3.2
Not Vulnerable: Balabit syslog-ng Premium Edition 3.0.6
Balabit syslog-ng Premium Edition 3.2.1A
Balabit syslog-ng Open Source Edition 3.2.2
Balabit syslog-ng Open Source Edition 3.1.4
Balabit syslog-ng Open Source Edition 3.0.10


 

Privacy Statement
Copyright 2010, SecurityFocus