ソフト名:BalaBit IT syslog-ng Premium Edition 3.0.6a未満/3.2.1a未満
回避策:アップデートにて対応
脆弱性:データ操作, DoS攻撃, 不正アクセス, アプリケーションのクラッシュ, TLSプロトコルエラー, マンインミドル攻撃, 不正HTTPのリクエスト, 二重解放エラー, リモートコード実行, バッファオーバーフロー
ソース:http://www.balabit.com/network-security/syslog-ng/central-syslog-server
https://lists.balabit.com/pipermail/syslog-ng-announce/2011-January/000101.html
https://lists.balabit.com/pipermail/syslog-ng-announce/2011-January/000102.html
http://secunia.com/advisories/34411/
http://secunia.com/advisories/37291/
http://secunia.com/advisories/38807/
http://secunia.com/advisories/40000/
http://secunia.com/advisories/42243/
http://secunia.com/advisories/43082/
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0590
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2409
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3245
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0433
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0740
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0742
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3864
CVE:CVE-2009-0590, CVE-2009-2409, CVE-2009-3245, CVE-2010-0433, CVE-2010-0740, CVE-2010-0742, CVE-2010-3864
危険性:Medium Risk
ラベル BalaBit IT syslog-ng Premium Edition の投稿を表示しています。 すべての投稿を表示
ラベル BalaBit IT syslog-ng Premium Edition の投稿を表示しています。 すべての投稿を表示
2011-01-26
BalaBit IT syslog-ng, BalaBit IT syslog-ng Premium Edition
ソフト名:BalaBit IT syslog-ng 3.0.10未満/3.1.4未満/3.2.2未満, BalaBit IT syslog-ng Premium Edition 3.0.6a未満/3.2.1a未満
回避策:アップデートにて対応
脆弱性:データ操作, 機密情報の奪取
ソース:http://www.balabit.com/network-security/syslog-ng/
http://www.balabit.com/network-security/syslog-ng/central-syslog-server
https://lists.balabit.com/pipermail/syslog-ng-announce/2011-January/000101.html
https://lists.balabit.com/pipermail/syslog-ng-announce/2011-January/000102.html
https://lists.balabit.com/pipermail/syslog-ng-announce/2011-January/000103.html
https://lists.balabit.com/pipermail/syslog-ng-announce/2011-January/000104.html
https://lists.balabit.com/pipermail/syslog-ng-announce/2011-January/000105.html
http://secunia.com/advisories/42995/
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0343
CVE:CVE-2011-0343
危険性:Medium Risk
回避策:アップデートにて対応
脆弱性:データ操作, 機密情報の奪取
ソース:http://www.balabit.com/network-security/syslog-ng/
http://www.balabit.com/network-security/syslog-ng/central-syslog-server
https://lists.balabit.com/pipermail/syslog-ng-announce/2011-January/000101.html
https://lists.balabit.com/pipermail/syslog-ng-announce/2011-January/000102.html
https://lists.balabit.com/pipermail/syslog-ng-announce/2011-January/000103.html
https://lists.balabit.com/pipermail/syslog-ng-announce/2011-January/000104.html
https://lists.balabit.com/pipermail/syslog-ng-announce/2011-January/000105.html
http://secunia.com/advisories/42995/
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0343
CVE:CVE-2011-0343
危険性:Medium Risk
登録:
投稿 (Atom)
