Vulnerability CVE-2008-5110

Vulnerability Name:

CVE-2008-5110 (CCN-46664)

Assigned:

2008-11-15

Published:

2008-11-15

Updated:

2021-06-22

Summary:

syslog-ng does not call chdir when it calls chroot, which might allow attackers to escape the intended jail.
Note: this is only a vulnerability when a separate vulnerability is present. This flaw affects syslog-ng versions prior to and including 2.0.9.

CVSS v3 Severity:

5.6 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L)

Exploitability Metrics:	Attack Vector (AV): Network Attack Complexity (AC): High Privileges Required (PR): None User Interaction (UI): None
Scope:	Scope (S): Unchanged
Impact Metrics:	Confidentiality (C): Low Integrity (I): Low Availibility (A): Low

CVSS v2 Severity:

9.3 High (CVSS v2 Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C)
6.6 Medium (Temporal CVSS v2 Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C/E:U/RL:OF/RC:UR)

Exploitability Metrics:	Access Vector (AV): Network Access Complexity (AC): Medium Authentication (Au): None
Impact Metrics:	Confidentiality (C): Complete Integrity (I): Complete Availibility (A): Complete

5.1 Medium (CCN CVSS v2 Vector: AV:N/AC:H/Au:N/C:P/I:P/A:P)
3.6 Low (CCN Temporal CVSS v2 Vector: AV:N/AC:H/Au:N/C:P/I:P/A:P/E:U/RL:OF/RC:UR)

Exploitability Metrics:	Access Vector (AV): Network Access Complexity (AC): High Athentication (Au): None
Impact Metrics:	Confidentiality (C): Partial Integrity (I): Partial Availibility (A): Partial

Vulnerability Type:

CWE-noinfo

Vulnerability Consequences:

File Manipulation

References:

Source: CCN
Type: Debian Bug report logs - #505791
syslog-ng doesn't chdir before chroot

Source: CONFIRM
Type: Issue Tracking, Third Party Advisory
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=505791

Source: MITRE
Type: CNA
CVE-2008-5110

Source: CCN
Type: HP Security Bulletin HPSBMA02554 SSRT100018
HP Insight Control for Linux, Remote Execution of Arbitrary Code, Remote Denial of Service (DoS), Remote Unauthorized Access

Source: HP
Type: Broken Link
SSRT100018

Source: CCN
Type: SA35748
Gentoo syslog-ng "chroot()" Weakness

Source: SECUNIA
Type: Third Party Advisory
35748

Source: CCN
Type: SA40551
HP Insight Control Suite For Linux Multiple Vulnerabilities

Source: SECUNIA
Type: Third Party Advisory
40551

Source: GENTOO
Type: Third Party Advisory
GLSA-200907-10

Source: CCN
Type: BalaBit Web site
syslog-ng

Source: CCN
Type: GLSA-200907-10
Syslog-ng: Chroot escape

Source: CCN
Type: oss-security Mailing List, Mon, 17 Nov 2008 16:10:28 -0500 (EST)
CVE Request (syslog-ng)

Source: MLIST
Type: Mailing List, Third Party Advisory
[oss-security] 20081117 CVE Request (syslog-ng)

Source: CCN
Type: oss-security Mailing List, Mon, 17 Nov 2008 16:43:36 -0500 (EST)
Re: CVE Request (syslog-ng)

Source: CCN
Type: OSVDB ID: 50327
syslog-ng chroot chdir Call Jailed Directory Weakness

Source: CCN
Type: BID-32338
Balabit syslog-ng Insecure 'chroot()' Implementation Weakness

Source: VUPEN
Type: Permissions Required, Third Party Advisory
ADV-2010-1796

Source: XF
Type: UNKNOWN
syslogng-chroot-security-bypass(46664)

Vulnerable Configuration:

Configuration 1:

cpe:/a:oneidentity:syslog-ng:*:*:*:*:*:*:*:* (Version <= 2.0.9)

Configuration CCN 1:

cpe:/a:balabit:syslog-ng:2.0.9::premium:*:*:*:*:*

OR cpe:/a:balabit:syslog-ng:2.0.6::premium:*:*:*:*:*

OR cpe:/a:balabit:syslog-ng:2.0.5::premium:*:*:*:*:*

OR cpe:/a:balabit:syslog-ng:2.0.4::premium:*:*:*:*:*

OR cpe:/a:balabit:syslog-ng:2.0.3::premium:*:*:*:*:*

OR cpe:/a:balabit:syslog-ng:2.0.2::premium:*:*:*:*:*

OR cpe:/a:balabit:syslog-ng:2.0.1::premium:*:*:*:*:*

AND

cpe:/o:gentoo:linux:-:*:*:*:*:*:*:*

Denotes that component is vulnerable

Oval Definitions

Definition ID	Class	Title	Last Modified
oval:org.opensuse.security:def:20085110	V	CVE-2008-5110	2022-06-30
oval:org.opensuse.security:def:112626	P	libevtlog-3_33-0-3.33.2-1.2 on GA media (Moderate)	2022-01-17
oval:org.opensuse.security:def:26218	P	Security update for java-1_8_0-ibm (Important) (in QA)	2022-01-04
oval:org.opensuse.security:def:31723	P	Security update for chrony (Moderate)	2021-12-22
oval:org.opensuse.security:def:31327	P	Security update for the Linux Kernel (Live Patch 38 for SLE 12 SP3) (Important)	2021-12-14
oval:org.opensuse.security:def:31719	P	Security update for glib-networking (Important)	2021-12-13
oval:org.opensuse.security:def:32222	P	Security update for the Linux Kernel (Live Patch 40 for SLE 12 SP3) (Important)	2021-11-19
oval:org.opensuse.security:def:31306	P	Security update for the Linux Kernel (Live Patch 40 for SLE 12 SP3) (Important)	2021-11-19
oval:org.opensuse.security:def:32220	P	Security update for the Linux Kernel (Live Patch 38 for SLE 12 SP3) (Important)	2021-11-19
oval:org.opensuse.security:def:26165	P	Security update for libarchive (Moderate)	2021-11-17
oval:org.opensuse.security:def:31295	P	Security update for transfig (Important)	2021-10-29
oval:org.opensuse.security:def:31294	P	Security update for opensc (Important)	2021-10-29
oval:org.opensuse.security:def:42234	P	Security update for salt (Moderate)	2021-10-27
oval:org.opensuse.security:def:26153	P	Security update for git (Low)	2021-10-20
oval:org.opensuse.security:def:106108	P	libevtlog-3_33-0-3.33.2-1.2 on GA media (Moderate)	2021-10-01
oval:org.opensuse.security:def:26136	P	Security update for gd (Moderate)	2021-09-23
oval:org.opensuse.security:def:32171	P	Security update for the Linux Kernel (Live Patch 36 for SLE 12 SP3) (Important)	2021-08-25
oval:org.opensuse.security:def:26109	P	Security update for unrar (Moderate)	2021-08-25
oval:org.opensuse.security:def:31661	P	Security update for webkit2gtk3 (Important)	2021-08-03
oval:org.opensuse.security:def:26095	P	Security update for glibc (Moderate)	2021-07-27
oval:org.opensuse.security:def:32963	P	Security update for MozillaFirefox (Important)	2021-07-16
oval:org.opensuse.security:def:32115	P	Security update for spice (Important)	2021-06-08
oval:org.opensuse.security:def:36302	P	syslog-ng-2.0.9-27.34.36.1 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:42709	P	syslog-ng-2.0.9-27.34.36.1 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:26056	P	Security update for curl (Moderate)	2021-05-26
oval:org.opensuse.security:def:26055	P	Security update for hivex (Moderate)	2021-05-26
oval:org.opensuse.security:def:32078	P	Security update for the Linux Kernel (Live Patch 37 for SLE 12 SP3) (Important)	2021-04-28
oval:org.opensuse.security:def:32070	P	Security update for clamav (Important)	2021-04-14
oval:org.opensuse.security:def:31604	P	Security update for spamassassin (Important)	2021-04-12
oval:org.opensuse.security:def:31748	P	Security update for openssl (Moderate)	2021-03-24
oval:org.opensuse.security:def:32281	P	Security update for the Linux Kernel (Live Patch 31 for SLE 12 SP3) (Important)	2021-03-17
oval:org.opensuse.security:def:26193	P	Security update for bind (Important)	2021-02-18
oval:org.opensuse.security:def:32259	P	Security update for bind (Important)	2021-02-18
oval:org.opensuse.security:def:33002	P	Security update for kernel-source (Important)	2021-02-05
oval:org.opensuse.security:def:32135	P	Security update for postgresql, postgresql12, postgresql13 (Important)	2021-01-26
oval:org.opensuse.security:def:32114	P	Security update for java-1_7_1-ibm (Moderate)	2021-01-04
oval:org.opensuse.security:def:31195	P	Security update for java-1_7_1-ibm (Moderate)	2021-01-04
oval:org.opensuse.security:def:31563	P	Security update for mutt (Important)	2020-12-07
oval:org.opensuse.security:def:32009	P	Security update for the Linux Kernel (Live Patch 32 for SLE 12 SP3) (Important)	2020-12-07
oval:org.opensuse.security:def:42048	P	syslog-ng-2.0.9-27.27.19 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:35827	P	syslog-ng-2.0.9-27.32.1 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:36039	P	syslog-ng-2.0.9-27.34.36.1 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:42446	P	syslog-ng-2.0.9-27.34.36.1 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:35641	P	syslog-ng-2.0.9-27.27.19 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:31121	P	Security update for krb5 (Moderate)	2020-12-01
oval:org.opensuse.security:def:31476	P	Security update for puppet	2020-12-01
oval:org.opensuse.security:def:31824	P	Security update for bash (Low)	2020-12-01
oval:org.opensuse.security:def:32567	P	libsndfile on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:31960	P	Security update for gtk2 (Moderate)	2020-12-01
oval:org.opensuse.security:def:31505	P	Security update for python27 (Moderate)	2020-12-01
oval:org.opensuse.security:def:31854	P	Security update for cracklib (Moderate)	2020-12-01
oval:org.opensuse.security:def:32522	P	gnome-screensaver on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:33265	P	syslog-ng on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:25268	P	Security update for mozilla-nspr, mozilla-nss (Moderate)	2020-12-01
oval:org.opensuse.security:def:25618	P	Security update for python3 (Important)	2020-12-01
oval:org.opensuse.security:def:25910	P	Security update for gstreamer-0_10-plugins-base (Low)	2020-12-01
oval:org.opensuse.security:def:26641	P	syslog-ng on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:25389	P	Security update for perl-DBI (Important)	2020-12-01
oval:org.opensuse.security:def:25719	P	Security update for ipmitool (Important)	2020-12-01
oval:org.opensuse.security:def:26791	P	openslp on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:25589	P	Security update for zabbix (Moderate)	2020-12-01
oval:org.opensuse.security:def:25873	P	Security update for libcares2 (Low)	2020-12-01
oval:org.opensuse.security:def:26364	P	Security update for irssi (Low)	2020-12-01
oval:org.opensuse.security:def:25851	P	Security update for freerdp (Moderate)	2020-12-01
oval:org.opensuse.security:def:26428	P	Security update for redis (Moderate)	2020-12-01
oval:org.opensuse.security:def:26583	P	libarchive2 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:31863	P	Security update for curl (Moderate)	2020-12-01
oval:org.opensuse.security:def:32606	P	syslog-ng on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:32752	P	nagios on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:31506	P	Security update for python27 (Important)	2020-12-01
oval:org.opensuse.security:def:31815	P	Security update for apache2-mod_perl (Moderate)	2020-12-01
oval:org.opensuse.security:def:32325	P	Security update for samba (Important)	2020-12-01
oval:org.opensuse.security:def:31768	P	Security update for MozillaFirefox (Important)	2020-12-01
oval:org.opensuse.security:def:31986	P	Security update for java-1_7_1-ibm (Important)	2020-12-01
oval:org.opensuse.security:def:32378	P	Security update for tiff (Moderate)	2020-12-01
oval:org.opensuse.security:def:32544	P	libMagickCore1-32bit on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:25192	P	Security update for the Linux Kernel (Important)	2020-12-01
oval:org.opensuse.security:def:25396	P	Security update for perl-DBI (Important)	2020-12-01
oval:org.opensuse.security:def:25769	P	Security update for gd (Low)	2020-12-01
oval:org.opensuse.security:def:25924	P	Security update for php5 (Moderate)	2020-12-01
oval:org.opensuse.security:def:25453	P	Security update for libseccomp (Moderate)	2020-12-01
oval:org.opensuse.security:def:25803	P	Security update for flash-player (Moderate)	2020-12-01
oval:org.opensuse.security:def:26826	P	syslog-ng on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:25600	P	Security update for java-1_8_0-ibm (Moderate)	2020-12-01
oval:org.opensuse.security:def:25930	P	Security update for ImageMagick (Important)	2020-12-01
oval:org.opensuse.security:def:26267	P	Security update for xawtv (Moderate)	2020-12-01
oval:org.opensuse.security:def:27002	P	openvpn on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:25852	P	Security update for flash-playerqemu (Important)	2020-12-01
oval:org.opensuse.security:def:26481	P	Security update for chromium (Moderate)	2020-12-01
oval:org.opensuse.security:def:26627	P	perl-32bit on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:31109	P	Security update for the Linux Kernel (Important)	2020-12-01
oval:org.opensuse.security:def:31885	P	Security update for ecryptfs-utils (Moderate)	2020-12-01
oval:org.opensuse.security:def:31380	P	Security update for openssl1 (Moderate)	2020-12-01
oval:org.opensuse.security:def:32048	P	Security update for kvm (Important)	2020-12-01
oval:org.opensuse.security:def:32791	P	syslog-ng on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:31517	P	Security update for quagga (Important)	2020-12-01
oval:org.opensuse.security:def:31872	P	Security update for curl (Important)	2020-12-01
oval:org.opensuse.security:def:31769	P	Security update for MozillaFirefox (Important)	2020-12-01
oval:org.opensuse.security:def:32434	P	Security update for xen (Important)	2020-12-01
oval:org.opensuse.security:def:32588	P	pam on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:25193	P	Security update for ed (Low)	2020-12-01
oval:org.opensuse.security:def:25477	P	Security update for spectre-meltdown-checker (Moderate)	2020-12-01
oval:org.opensuse.security:def:25822	P	Security update for ImageMagick (Important)	2020-12-01
oval:org.opensuse.security:def:25968	P	Security update for ImageMagick (Moderate)	2020-12-01
oval:org.opensuse.security:def:25377	P	Security update for grub2 (Important)	2020-12-01
oval:org.opensuse.security:def:25581	P	Security update for perl-XML-Twig (Moderate)	2020-12-01
oval:org.opensuse.security:def:25954	P	Security update for libvirt (Moderate)	2020-12-01
oval:org.opensuse.security:def:25664	P	Security update for ImageMagick (Moderate)	2020-12-01
oval:org.opensuse.security:def:26014	P	Security update for mariadb (Important)	2020-12-01
oval:org.opensuse.security:def:26306	P	Security update for python-Jinja2 (Moderate)	2020-12-01
oval:org.opensuse.security:def:27037	P	syslog-ng on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:25863	P	Security update for ImageMagick (Moderate)	2020-12-01
oval:org.opensuse.security:def:26530	P	clamav on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:27265	P	perl-Tk on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:31110	P	Security update for krb5	2020-12-01
oval:org.opensuse.security:def:31419	P	Security update for php53 (Important)	2020-12-01
oval:org.opensuse.security:def:31775	P	Security update for MozillaFirefox (Moderate)	2020-12-01
oval:org.opensuse.security:def:31929	P	Security update for glib2 (Moderate)	2020-12-01
oval:org.opensuse.security:def:31512	P	Recommended update for python 2.7 (Moderate)	2020-12-01
oval:org.opensuse.security:def:31904	P	Security update for foomatic-filters (Moderate)	2020-12-01
oval:org.opensuse.security:def:31591	P	Security update for tiff (Moderate)	2020-12-01
oval:org.opensuse.security:def:31959	P	Security update for gtk2 (Moderate)	2020-12-01
oval:org.opensuse.security:def:31780	P	Security update for MozillaFirefox, mozilla-nspr, mozilla-nss (Important)	2020-12-01
oval:org.opensuse.security:def:32483	P	OpenEXR on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:33226	P	pcsc-ccid on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:25204	P	Security update for curl (Important)	2020-12-01
oval:org.opensuse.security:def:25534	P	Security update for adns (Important)	2020-12-01
oval:org.opensuse.security:def:25871	P	Security update for gd (Moderate)	2020-12-01
oval:org.opensuse.security:def:26606	P	libvirt on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:25378	P	Security update for xorg-x11-server (Important)	2020-12-01
oval:org.opensuse.security:def:25662	P	Security update for apache-commons-httpclient (Important)	2020-12-01
oval:org.opensuse.security:def:26007	P	Security update for libid3tag (Moderate)	2020-12-01
oval:org.opensuse.security:def:25588	P	Security update for xorg-x11-server (Important)	2020-12-01
oval:org.opensuse.security:def:25792	P	Security update for libvirt (Moderate)	2020-12-01
oval:org.opensuse.security:def:26320	P	Security update to go1.4 (Low)	2020-12-01
oval:org.opensuse.security:def:25927	P	Security update for the Linux Kernel (Important)	2020-12-01
oval:org.opensuse.security:def:26277	P	Security update for libreoffice (Moderate)	2020-12-01
oval:org.opensuse.security:def:26569	P	kde4-kgreeter-plugins on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:27300	P	syslog-ng on GA media (Moderate)	2020-12-01

BACK