eSikker.dk

Sårbarhed Detalje Syn
Legend : critical high medium low other
id 52578
Risiko other
Familie Red Hat Local Security Checks
Kategori infos
Navn RHSA-2011-0324: logwatch
Sammenfatning Check for the version of the logwatch packages
Beskrivelse
Synopsis :

The remote host is missing the patch for the advisory RHSA-2011-0324

Description :

An updated logwatch package that fixes one security issue is now available
for Red Hat Enterprise Linux 5 and 6.

The Red Hat Security Response Team has rated this update as having
important security impact. A Common Vulnerability Scoring System (CVSS)
base score, which gives a detailed severity rating, is available from the
CVE link in the References section.

Logwatch is a customizable log analysis system. Logwatch parses through
your system's logs for a given period of time and creates a report
analyzing areas that you specify, in as much detail as you require.

A flaw was found in the way Logwatch processed log files. If an attacker
were able to create a log file with a malicious file name, it could result
in arbitrary code execution with the privileges of the root user when that
log file is analyzed by Logwatch. (CVE-2011-1018)

Users of logwatch should upgrade to this updated package, which contains a
backported patch to resolve this issue.

See also :

http://rhn.redhat.com/errata/RHSA-2011-0324.html

Solution :

Update the affected package(s) using, for example, 'yum update'.

Risk factor :

Critical / CVSS Base Score : 10.0
(CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C)

CVE CVE-2011-1018
Bugtraq NOBID
Copyright (C) 2011 Tenable Network Security, Inc.