Detections
Analytics

Debian DSA-513-1 : log2mail - format string

critical Nessus Plugin ID 15350

Synopsis

The remote Debian host is missing a security-related update.

Description

[email protected] discovered a format string vulnerability in log2mail, whereby a user able to log a specially crafted message to a logfile monitored by log2mail (for example, via syslog) could cause arbitrary code to be executed with the privileges of the log2mail process. By default, this process runs as user 'log2mail', which is a member of group 'adm' (which has access to read system logfiles).

 CAN-2004-0450: log2mail format string vulnerability via syslog(3) in printlog()

Solution

For the current stable distribution (woody), this problem has been fixed in version 0.2.5.2.

We recommend that you update your log2mail package.

See Also

http://www.debian.org/security/2004/dsa-513

Plugin Details

Severity: Critical

ID: 15350

File Name: debian_DSA-513.nasl

Version: 1.22

Type: local

Agent: unix

Published: 9/29/2004

Updated: 1/4/2021

Supported Sensors: Frictionless Assessment Agent, Nessus Agent, Agentless Assessment, Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 5.9

CVSS v2

Risk Factor: Critical

Base Score: 10

Temporal Score: 7.4

Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C

Vulnerability Information

CPE: p-cpe:/a:debian:debian_linux:log2mail, cpe:/o:debian:debian_linux:3.0

Required KB Items: Host/local_checks_enabled, Host/Debian/release, Host/Debian/dpkg-l

Exploit Ease: No known exploits are available

Patch Publication Date: 6/3/2004

Vulnerability Publication Date: 6/7/2004

Reference Information

CVE: CVE-2004-0450

BID: 10460

DSA: 513