FreeBSD : syslog-ng2 -- startup directory leakage in the chroot environment (75f2382e-b586-11dd-95f9-00e0815b8da8)

This script is Copyright (C) 2008-2013 Tenable Network Security, Inc.

Synopsis :

The remote FreeBSD host is missing one or more security-related

Description :

Florian Grandel reports :

I have not had the time to analyze all of syslog-ng code. But by
reading the code section near the chroot call and looking at strace
results I believe that syslog-ng does not chdir to the chroot jail's
location before chrooting into it.

This opens up ways to work around the chroot jail.

See also :

Solution :

Update the affected packages.

Risk factor :

High / CVSS Base Score : 9.3

Family: FreeBSD Local Security Checks

Nessus Plugin ID: 34816 (freebsd_pkg_75f2382eb58611dd95f900e0815b8da8.nasl)

Bugtraq ID:

CVE ID: CVE-2008-5110

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now