CVE-2011-0343

Severity Score

6.9

*CVSS v2

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

*Multiple Sources

Exploited in Wild

*KEV

Decision

*SSVC

Descriptions

Balabit syslog-ng 2.0, 3.0, 3.1, 3.2 OSE and PE, when running on FreeBSD or HP-UX, does not properly perform cast operations, which causes syslog-ng to use a default value of -1 to create log files with insecure permissions (07777), which allows local users to read and write to these log files.

Balabit syslog-ng v2.0, v3.0, v3.1, v3.2 OSE y PE, cuando se ejecutan en FreeBSD o HP-UX, no realiza adecuadamente las operaciones de conversión, esto provoca que syslog-ng emplee un valor por defecto de -1 para crear archivos de registro (log) con permisos no seguros (07777), lo que permite a usuarios locales leer y escribir en estos archivos de registro.

*Credits: N/A

CVSS Scores

NISTv2 6.9

Attack Vector

Local

Attack Complexity

Medium

Authentication

None

Confidentiality

Complete

Integrity

Complete

Availability

Complete

* Common Vulnerability Scoring System

SSVC

Decision:-

Exploitation

Automatable

Tech. Impact

* Organization's Worst-case Scenario

Timeline

2011-01-06 CVE Reserved
2011-01-25 CVE Published
2023-03-08 EPSS Updated
2024-08-06 CVE Updated
---------- Exploited in Wild
---------- KEV Due Date
---------- First Exploit

CWE

CWE-264: Permissions, Privileges, and Access Controls

CAPEC

References (5)

URL	Tag	Source
http://www.securityfocus.com/archive/1/515955/100/0/threaded	Mailing List
http://www.securityfocus.com/bid/45988	Third Party Advisory

URL	Date	SRC

URL	Date	SRC
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=608491	2020-05-19

URL	Date	SRC
https://lists.balabit.com/pipermail/syslog-ng-announce/2011-January/000101.html	2020-05-19
https://lists.balabit.com/pipermail/syslog-ng-announce/2011-January/000102.html	2020-05-19

Affected Vendors, Products, and Versions

Vendor		Product				Version		Other		Status
Vendor	Product	Version	Other	Status	<-- -->	Vendor	Product	Version	Other	Status
Oneidentity Search vendor "Oneidentity"	Syslog-ng Search vendor "Oneidentity" for product "Syslog-ng"	2.0 Search vendor "Oneidentity" for product "Syslog-ng" and version "2.0"	open_source	Affected	in	Freebsd Search vendor "Freebsd"	Freebsd Search vendor "Freebsd" for product "Freebsd"	*	-	Safe
Oneidentity Search vendor "Oneidentity"	Syslog-ng Search vendor "Oneidentity" for product "Syslog-ng"	2.0 Search vendor "Oneidentity" for product "Syslog-ng" and version "2.0"	open_source	Affected	in	Hp Search vendor "Hp"	Hp-ux Search vendor "Hp" for product "Hp-ux"	*	-	Safe
Oneidentity Search vendor "Oneidentity"	Syslog-ng Search vendor "Oneidentity" for product "Syslog-ng"	2.0 Search vendor "Oneidentity" for product "Syslog-ng" and version "2.0"	premium	Affected	in	Freebsd Search vendor "Freebsd"	Freebsd Search vendor "Freebsd" for product "Freebsd"	*	-	Safe
Oneidentity Search vendor "Oneidentity"	Syslog-ng Search vendor "Oneidentity" for product "Syslog-ng"	2.0 Search vendor "Oneidentity" for product "Syslog-ng" and version "2.0"	premium	Affected	in	Hp Search vendor "Hp"	Hp-ux Search vendor "Hp" for product "Hp-ux"	*	-	Safe
Oneidentity Search vendor "Oneidentity"	Syslog-ng Search vendor "Oneidentity" for product "Syslog-ng"	3.0 Search vendor "Oneidentity" for product "Syslog-ng" and version "3.0"	open_source	Affected	in	Freebsd Search vendor "Freebsd"	Freebsd Search vendor "Freebsd" for product "Freebsd"	*	-	Safe
Oneidentity Search vendor "Oneidentity"	Syslog-ng Search vendor "Oneidentity" for product "Syslog-ng"	3.0 Search vendor "Oneidentity" for product "Syslog-ng" and version "3.0"	open_source	Affected	in	Hp Search vendor "Hp"	Hp-ux Search vendor "Hp" for product "Hp-ux"	*	-	Safe
Oneidentity Search vendor "Oneidentity"	Syslog-ng Search vendor "Oneidentity" for product "Syslog-ng"	3.0 Search vendor "Oneidentity" for product "Syslog-ng" and version "3.0"	premium	Affected	in	Freebsd Search vendor "Freebsd"	Freebsd Search vendor "Freebsd" for product "Freebsd"	*	-	Safe
Oneidentity Search vendor "Oneidentity"	Syslog-ng Search vendor "Oneidentity" for product "Syslog-ng"	3.0 Search vendor "Oneidentity" for product "Syslog-ng" and version "3.0"	premium	Affected	in	Hp Search vendor "Hp"	Hp-ux Search vendor "Hp" for product "Hp-ux"	*	-	Safe
Oneidentity Search vendor "Oneidentity"	Syslog-ng Search vendor "Oneidentity" for product "Syslog-ng"	3.1 Search vendor "Oneidentity" for product "Syslog-ng" and version "3.1"	open_source	Affected	in	Freebsd Search vendor "Freebsd"	Freebsd Search vendor "Freebsd" for product "Freebsd"	*	-	Safe
Oneidentity Search vendor "Oneidentity"	Syslog-ng Search vendor "Oneidentity" for product "Syslog-ng"	3.1 Search vendor "Oneidentity" for product "Syslog-ng" and version "3.1"	open_source	Affected	in	Hp Search vendor "Hp"	Hp-ux Search vendor "Hp" for product "Hp-ux"	*	-	Safe
Oneidentity Search vendor "Oneidentity"	Syslog-ng Search vendor "Oneidentity" for product "Syslog-ng"	3.1 Search vendor "Oneidentity" for product "Syslog-ng" and version "3.1"	premium	Affected	in	Freebsd Search vendor "Freebsd"	Freebsd Search vendor "Freebsd" for product "Freebsd"	*	-	Safe
Oneidentity Search vendor "Oneidentity"	Syslog-ng Search vendor "Oneidentity" for product "Syslog-ng"	3.1 Search vendor "Oneidentity" for product "Syslog-ng" and version "3.1"	premium	Affected	in	Hp Search vendor "Hp"	Hp-ux Search vendor "Hp" for product "Hp-ux"	*	-	Safe
Oneidentity Search vendor "Oneidentity"	Syslog-ng Search vendor "Oneidentity" for product "Syslog-ng"	3.2 Search vendor "Oneidentity" for product "Syslog-ng" and version "3.2"	open_source	Affected	in	Freebsd Search vendor "Freebsd"	Freebsd Search vendor "Freebsd" for product "Freebsd"	*	-	Safe
Oneidentity Search vendor "Oneidentity"	Syslog-ng Search vendor "Oneidentity" for product "Syslog-ng"	3.2 Search vendor "Oneidentity" for product "Syslog-ng" and version "3.2"	open_source	Affected	in	Hp Search vendor "Hp"	Hp-ux Search vendor "Hp" for product "Hp-ux"	*	-	Safe
Oneidentity Search vendor "Oneidentity"	Syslog-ng Search vendor "Oneidentity" for product "Syslog-ng"	3.2 Search vendor "Oneidentity" for product "Syslog-ng" and version "3.2"	premium	Affected	in	Freebsd Search vendor "Freebsd"	Freebsd Search vendor "Freebsd" for product "Freebsd"	*	-	Safe
Oneidentity Search vendor "Oneidentity"	Syslog-ng Search vendor "Oneidentity" for product "Syslog-ng"	3.2 Search vendor "Oneidentity" for product "Syslog-ng" and version "3.2"	premium	Affected	in	Hp Search vendor "Hp"	Hp-ux Search vendor "Hp" for product "Hp-ux"	*	-	Safe