ソフト名:BalaBit IT syslog-ng 3.0.10未満/3.1.4未満/3.2.2未満, BalaBit IT syslog-ng Premium Edition 3.0.6a未満/3.2.1a未満
回避策:アップデートにて対応
脆弱性:データ操作, 機密情報の奪取
ソース:http://www.balabit.com/network-security/syslog-ng/
http://www.balabit.com/network-security/syslog-ng/central-syslog-server
https://lists.balabit.com/pipermail/syslog-ng-announce/2011-January/000101.html
https://lists.balabit.com/pipermail/syslog-ng-announce/2011-January/000102.html
https://lists.balabit.com/pipermail/syslog-ng-announce/2011-January/000103.html
https://lists.balabit.com/pipermail/syslog-ng-announce/2011-January/000104.html
https://lists.balabit.com/pipermail/syslog-ng-announce/2011-January/000105.html
http://secunia.com/advisories/42995/
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0343
CVE:CVE-2011-0343
危険性:Medium Risk
登録:
コメントの投稿 (Atom)
0 件のコメント:
コメントを投稿