GLSA-200907-10 : Syslog-ng: Chroot escape
High Nessus Plugin ID 39781
SynopsisThe remote Gentoo host is missing one or more security-related patches.
DescriptionThe remote host is affected by the vulnerability described in GLSA-200907-10 (Syslog-ng: Chroot escape)
Florian Grandel reported that Syslog-ng does not call chdir() before chroot() which leads to an inherited file descriptor to the current working directory.
A local attacker might exploit a separate vulnerability in Syslog-ng and use this vulnerability to escape the chroot jail.
There is no known workaround at this time.
SolutionAll Syslog-ng 2.0 users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot --verbose '>=app-admin/syslog-ng-2.0.10' All Syslog-ng 2.1 users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot --verbose '>=app-admin/syslog-ng-2.1.3'