Vulnerability CVE-2011-0343

Vulnerability Name:

CVE-2011-0343 (CCN-64939)

Assigned:

2011-01-10

Published:

2011-01-10

Updated:

2020-05-19

Summary:

Balabit syslog-ng 2.0, 3.0, 3.1, 3.2 OSE and PE, when running on FreeBSD or HP-UX, does not properly perform cast operations, which causes syslog-ng to use a default value of -1 to create log files with insecure permissions (07777), which allows local users to read and write to these log files.

CVSS v3 Severity:

4.0 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N)

Exploitability Metrics:	Attack Vector (AV): Local Attack Complexity (AC): Low Privileges Required (PR): None User Interaction (UI): None
Scope:	Scope (S): Unchanged
Impact Metrics:	Confidentiality (C): None Integrity (I): Low Availibility (A): None

CVSS v2 Severity:

6.9 Medium (CVSS v2 Vector: AV:L/AC:M/Au:N/C:C/I:C/A:C)
5.1 Medium (Temporal CVSS v2 Vector: AV:L/AC:M/Au:N/C:C/I:C/A:C/E:U/RL:OF/RC:C)

Exploitability Metrics:	Access Vector (AV): Local Access Complexity (AC): Medium Authentication (Au): None
Impact Metrics:	Confidentiality (C): Complete Integrity (I): Complete Availibility (A): Complete

2.1 Low (CCN CVSS v2 Vector: AV:L/AC:L/Au:N/C:N/I:P/A:N)
1.6 Low (CCN Temporal CVSS v2 Vector: AV:L/AC:L/Au:N/C:N/I:P/A:N/E:U/RL:OF/RC:C)

Exploitability Metrics:	Access Vector (AV): Local Access Complexity (AC): Low Athentication (Au): None
Impact Metrics:	Confidentiality (C): None Integrity (I): Partial Availibility (A): None

Vulnerability Type:

CWE-264

Vulnerability Consequences:

Gain Privileges

References:

Source: CONFIRM
Type: Patch, Third Party Advisory
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=608491

Source: MITRE
Type: CNA
CVE-2011-0343

Source: CCN
Type: SA42995
syslog-ng Insecure Log File Permissions Security Issue

Source: CCN
Type: OSVDB ID: 70681
syslog-ng Type Casting Log File Permission Weakness Local File Modification

Source: BUGTRAQ
Type: Third Party Advisory, VDB Entry
20110125 syslog-ng wrong file permission vulnerability

Source: BID
Type: Third Party Advisory, VDB Entry
45988

Source: CCN
Type: BID-45988
syslog-ng Insecure File Permissions Local Privilege Escalation Vulnerability

Source: XF
Type: UNKNOWN
syslogng-log-files-privilege-escalation(64939)

Source: CCN
Type: BalaBit Web site
syslog-ng Premium Edition 3.0.6a has been released

Source: MLIST
Type: Vendor Advisory
[syslog-ng-announce] 20110110 syslog-ng Premium Edition 3.0.6a has been released

Source: MLIST
Type: Vendor Advisory
[syslog-ng-announce] 20110110 syslog-ng Premium Edition 3.2.1a has been released

Vulnerable Configuration:

Configuration 1:

cpe:/a:oneidentity:syslog-ng:2.0:*:*:*:open_source:*:*:*

OR cpe:/a:oneidentity:syslog-ng:2.0:*:*:*:premium:*:*:*

OR cpe:/a:oneidentity:syslog-ng:3.0:*:*:*:open_source:*:*:*

OR cpe:/a:oneidentity:syslog-ng:3.0:*:*:*:premium:*:*:*

OR cpe:/a:oneidentity:syslog-ng:3.1:*:*:*:open_source:*:*:*

OR cpe:/a:oneidentity:syslog-ng:3.1:*:*:*:premium:*:*:*

OR cpe:/a:oneidentity:syslog-ng:3.2:*:*:*:open_source:*:*:*

OR cpe:/a:oneidentity:syslog-ng:3.2:*:*:*:premium:*:*:*

AND

cpe:/o:freebsd:freebsd:*:*:*:*:*:*:*:*

OR cpe:/o:hp:hp-ux:*:*:*:*:*:*:*:*

Denotes that component is vulnerable

Oval Definitions

Definition ID	Class	Title	Last Modified
oval:org.opensuse.security:def:7731	P	pam_krb5-2.4.13-1.36 on GA media (Moderate)	2023-06-12
oval:org.opensuse.security:def:7709	P	libzmq5-4.2.3-3.15.4 on GA media (Moderate)	2023-06-12
oval:org.opensuse.security:def:20110343	V	CVE-2011-0343	2022-06-30
oval:org.opensuse.security:def:113474	P	syslog-ng-3.8.1-2.2 on GA media (Moderate)	2022-01-17
oval:org.opensuse.security:def:7007	P	Security update for the Linux Kernel (Live Patch 25 for SLE 15 SP1) (Important)	2021-12-14
oval:org.opensuse.security:def:106871	P	syslog-ng-3.8.1-2.2 on GA media (Moderate)	2021-10-01
oval:org.opensuse.security:def:6907	P	Security update for the Linux Kernel (Live Patch 24 for SLE 15 SP1) (Important)	2021-06-18
oval:org.opensuse.security:def:36497	P	libtunepimp-0.5.3-126.25 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:36539	P	popt-devel-1.7-37.63.64.1 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:13240	P	syslog-ng-3.4.5-3.2 on GA media (Moderate)	2021-04-29
oval:org.opensuse.security:def:46360	P	syslog-ng-3.4.5-3.2 on GA media (Moderate)	2021-04-29
oval:org.opensuse.security:def:6888	P	Security update for the Linux Kernel (Live Patch 15 for SLE 15 SP1) (Important)	2021-04-28
oval:org.opensuse.security:def:7071	P	Security update for the Linux Kernel (Important)	2021-04-16
oval:org.opensuse.security:def:7058	P	Security update for the Linux Kernel (Live Patch 2 for SLE 15 SP2) (Important)	2021-04-07
oval:org.opensuse.security:def:6873	P	Security update for the Linux Kernel (Live Patch 20 for SLE 15 SP1) (Important)	2021-04-07
oval:org.opensuse.security:def:6982	P	Security update for the Linux Kernel (Live Patch 21 for SLE 15 SP1) (Important)	2021-02-10
oval:org.opensuse.security:def:7049	P	Security update for the Linux Kernel (Live Patch 1 for SLE 15 SP2) (Important)	2020-12-07
oval:org.opensuse.security:def:35815	P	qt3-3.3.8b-88.21 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:35699	P	freeradius-server-2.1.1-7.10.1 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:35787	P	mutt-1.5.17-42.33.1 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:35859	P	aaa_base-11-6.90.1 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:35640	P	sudo-1.6.9p17-21.3.1 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:35748	P	libgnomesu-1.0.0-307.10.1 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:35096	P	Security update for the Linux Kernel (Important)	2020-12-01
oval:org.opensuse.security:def:35333	P	Security update for mono-core (Moderate)	2020-12-01
oval:org.opensuse.security:def:6758	P	libsoup-2_4-1 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:35480	P	Security update for php53 (Moderate)	2020-12-01
oval:org.opensuse.security:def:6826	P	python-pywbem on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:6750	P	libraptor2-0 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:35012	P	Security update for gpg2 (Moderate)	2020-12-01
oval:org.opensuse.security:def:35232	P	Security update for MySQL	2020-12-01
oval:org.opensuse.security:def:35000	P	Recommended update for glibc (Moderate)	2020-12-01
oval:org.opensuse.security:def:7040	P	libgcrypt20 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:35390	P	Security update for openldap2	2020-12-01
oval:org.opensuse.security:def:6780	P	libwmf-0_2-7 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:35001	P	Security update for glibc (Moderate)	2020-12-01
oval:com.ubuntu.xenial:def:201103430000000	V	CVE-2011-0343 on Ubuntu 16.04 LTS (xenial) - low.	2011-01-28
oval:com.ubuntu.artful:def:20110343000	V	CVE-2011-0343 on Ubuntu 17.10 (artful) - low.	2011-01-28
oval:com.ubuntu.xenial:def:20110343000	V	CVE-2011-0343 on Ubuntu 16.04 LTS (xenial) - low.	2011-01-28
oval:com.ubuntu.bionic:def:20110343000	V	CVE-2011-0343 on Ubuntu 18.04 LTS (bionic) - low.	2011-01-28
oval:com.ubuntu.precise:def:20110343000	V	CVE-2011-0343 on Ubuntu 12.04 LTS (precise) - low.	2011-01-28
oval:com.ubuntu.bionic:def:201103430000000	V	CVE-2011-0343 on Ubuntu 18.04 LTS (bionic) - low.	2011-01-28
oval:com.ubuntu.trusty:def:20110343000	V	CVE-2011-0343 on Ubuntu 14.04 LTS (trusty) - low.	2011-01-28

BACK