Fedora 10 : ntop-3.3.8-3.fc10 (2009-2805)

high Nessus Plugin ID 37197

Synopsis

The remote Fedora host is missing a security update.

Description

ls -lh /var/log/ntop/access.log -rw-rw-rw- 1 root root 0 2009-02-04 11:53 /var/log/ntop/access.log Fixed. log world-writable when the
--access-log- file option is used. This option is not used in Fedora or Red Hat by default and is not noted in the configuration file. It is, however, noted in the ntop manpage. It would require the root user to add this option to the configuration in order for this file to be created.

Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.

Solution

Update the affected ntop package.

See Also

https://bugzilla.redhat.com/show_bug.cgi?id=490561

http://www.nessus.org/u?7828fe4e

Plugin Details

Severity: High

ID: 37197

File Name: fedora_2009-2805.nasl

Version: 1.11

Type: local

Agent: unix

Published: 4/23/2009

Updated: 1/11/2021

Supported Sensors: Frictionless Assessment Agent, Nessus Agent, Agentless Assessment, Nessus

Vulnerability Information

CPE: p-cpe:/a:fedoraproject:fedora:ntop, cpe:/o:fedoraproject:fedora:10

Required KB Items: Host/local_checks_enabled, Host/RedHat/release, Host/RedHat/rpm-list

Patch Publication Date: 3/18/2009

Reference Information

FEDORA: 2009-2805