Sårbarhed Detalje Syn
Legend :
critical
high
medium
low
other
| id | 52578 |
|---|
| Risiko | other |
|---|
| Familie | Red Hat Local Security Checks |
|---|
| Kategori | infos |
|---|
| Navn | RHSA-2011-0324: logwatch |
|---|
| Sammenfatning | Check for the version of the logwatch packages |
|---|
| Beskrivelse |
Synopsis :
The remote host is missing the patch for the advisory RHSA-2011-0324
Description :
An updated logwatch package that fixes one security issue is now available
for Red Hat Enterprise Linux 5 and 6.
The Red Hat Security Response Team has rated this update as having
important security impact. A Common Vulnerability Scoring System (CVSS)
base score, which gives a detailed severity rating, is available from the
CVE link in the References section.
Logwatch is a customizable log analysis system. Logwatch parses through
your system's logs for a given period of time and creates a report
analyzing areas that you specify, in as much detail as you require.
A flaw was found in the way Logwatch processed log files. If an attacker
were able to create a log file with a malicious file name, it could result
in arbitrary code execution with the privileges of the root user when that
log file is analyzed by Logwatch. (CVE-2011-1018)
Users of logwatch should upgrade to this updated package, which contains a
backported patch to resolve this issue.
See also :
http://rhn.redhat.com/errata/RHSA-2011-0324.html
Solution :
Update the affected package(s) using, for example, 'yum update'.
Risk factor :
Critical / CVSS Base Score : 10.0
(CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C)
|
|---|
| CVE |
CVE-2011-1018 |
| Bugtraq |
NOBID |
| Copyright |
(C) 2011 Tenable Network Security, Inc. |
|
|