Oval Definition:
oval:org.opensuse.security:def:20110017
Revision Date
:
2022-06-30
Version
:
1
Title
:
CVE-2011-0017
Description
:
The open_log function in log.c in Exim 4.72 and earlier does not check the return value from (1) setuid or (2) setgid system calls, which allows local users to append log data to arbitrary files via a symlink attack.
Family
:
unix
Class
:
vulnerability
Status
:
Reference(s)
:
CVE-2011-0017
Mitre CVE-2011-0017
SUSE CVE-2011-0017
openSUSE-SU-2011:0105-1
SUSE-SR:2011:004
Platform(s)
:
openSUSE 11.2
openSUSE 11.3
openSUSE 13.2
openSUSE Tumbleweed
Product(s)
:
Definition Synopsis
openSUSE 13.2 is installed
AND
exim-4.83-3.1.8 is installed
Definition Synopsis
openSUSE Tumbleweed is installed
AND
Package Information
exim-4.86.2-2.2 is installed
OR
eximon-4.86.2-2.2 is installed
OR
eximstats-html-4.86.2-2.2 is installed
BACK