Oval Definition:
oval:org.mitre.oval:def:21822
Revision Date
:
2015-03-09
Version
:
12
Title
:
RHSA-2011:0324: logwatch security update (Important)
Description
:
logwatch.pl in Logwatch 7.3.6 allows remote attackers to execute arbitrary commands via shell metacharacters in a log file name, as demonstrated via a crafted username to a Samba server.
Family
:
unix
Class
:
patch
Status
:
ACCEPTED
Reference(s)
:
CESA-2011:0324-CentOS 5
CVE-2011-1018
RHSA-2011:0324-01
Platform(s)
:
CentOS Linux 5
Red Hat Enterprise Linux 5
Red Hat Enterprise Linux 6
Product(s)
:
logwatch
Definition Synopsis
Red Hat Enterprise Linux 5 and CentOS Linux 5 release section
Operation system section
The operating system installed on the system is Red Hat Enterprise Linux 5
OR
The operating system installed on the system is CentOS Linux 5.x
AND
logwatch is earlier than 0:7.3-9.el5_6
Red Hat Enterprise Linux 6 release section
The operating system installed on the system is Red Hat Enterprise Linux 6
AND
logwatch is earlier than 0:7.3.6-49.el6
BACK