Executive Summary
| Summary | |
|---|---|
| Title | New logcheck packages fix insecure temporary directory |
| Informations | |||
|---|---|---|---|
| Name | DSA-488 | First vendor Publication | 2004-04-16 |
| Vendor | Debian | Last vendor Modification | 2004-04-16 |
| Severity (Vendor) | N/A | Revision | 1 |
Security-Database Scoring CVSS v3
| Cvss vector : N/A | |||
|---|---|---|---|
| Overall CVSS Score | NA | ||
| Base Score | NA | Environmental Score | NA |
| impact SubScore | NA | Temporal Score | NA |
| Exploitabality Sub Score | NA | ||
| Calculate full CVSS 3.0 Vectors scores | |||
Security-Database Scoring CVSS v2
| Cvss vector : (AV:L/AC:H/Au:N/C:N/I:P/A:N) | |||
|---|---|---|---|
| Cvss Base Score | 1.2 | Attack Range | Local |
| Cvss Impact Score | 2.9 | Attack Complexity | High |
| Cvss Expoit Score | 1.9 | Authentication | None Required |
| Calculate full CVSS 2.0 Vectors scores | |||
Detail
| Christian Jaeger reported a bug in logcheck which could potentially be exploited by a local user to overwrite files with root privileges. logcheck utilized a temporary directory under /var/tmp without taking security precautions. While this directory is created when logcheck is installed, and while it exists there is no vulnerability, if at any time this directory is removed, the potential for exploitation exists. For the current stable distribution (woody) this problem has been fixed in version 1.1.1-13.1woody1. For the unstable distribution (sid), this problem has been fixed in version 1.1.1-13.2. We recommend that you update your logcheck package. |
Original Source
| Url : http://www.debian.org/security/2004/dsa-488 |
OpenVAS Exploits
| Date | Description |
|---|---|
| 2008-01-17 | Name : Debian Security Advisory DSA 488-1 (logcheck) File : nvt/deb_488_1.nasl |
Open Source Vulnerability Database (OSVDB)
| Id | Description |
|---|---|
| 5495 | logcheck Insecure Creation of Temporary Directory |
Nessus® Vulnerability Scanner
| Date | Description |
|---|---|
| 2004-12-23 | Name : The remote Mandrake Linux host is missing a security update. File : mandrake_MDKSA-2004-155.nasl - Type : ACT_GATHER_INFO |
| 2004-09-29 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-488.nasl - Type : ACT_GATHER_INFO |
Alert History
| Date | Informations |
|---|---|
| 2014-02-17 11:33:15 |
|
