ID de Prueba:	1.3.6.1.4.1.25623.1.0.51553
Categoría:	Conectiva Local Security Checks
Título:	Conectiva Security Advisory CLA-2002:547
Resumen:	NOSUMMARY
Descripción:	Description: The remote host is missing updates announced in advisory CLA-2002:547. syslog-ng[1] is a syslog replacement with several enhancements and new features. syslog-ng has a buffer overflow vulnerability[4] that could be exploited by remote attackers if certain conditions are met. The vulnerability lies in the code which deals with macro expansion in the syslog-ng.conf configuration file. For example, one common configuration which uses macros could be the following: destination d_messages_by_host {file(/var/log/$HOST/messages) } This configuration would replace the $HOST part with the hostname of the machine sending the log. When dealing with this expansion, syslog-ng fails to account for characters which are not part of the macro, which leads to incorrect bounds checking and a possible buffer overflow if there are enough non-macro characters being used. Only users who use some sort of macro expansion in the configuration file are vulnerable to this problem. This is not the default configuration of the package. Solution: The apt tool can be used to perform RPM package upgrades by running 'apt-get update' followed by 'apt-get upgrade' http://www.securityspace.com/smysecure/catid.html?in=CLA-2002:547 http://distro.conectiva.com.br/atualizacoes/index.php?id=a&anuncio=002002 Risk factor : High
Copyright	Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.