Test ID:	1.3.6.1.4.1.25623.1.0.122228
Category:	Oracle Linux Local Security Checks
Title:	Oracle: Security Advisory (ELSA-2011-0324)
Summary:	The remote host is missing an update for the 'logwatch' package(s) announced via the ELSA-2011-0324 advisory.
Description:	Summary: The remote host is missing an update for the 'logwatch' package(s) announced via the ELSA-2011-0324 advisory. Vulnerability Insight: [7.3.6-49] - Added fix for CVE-2011-1018: Privilege escalation due improper sanitization of special characters in log file names Resolves: #680304 Affected Software/OS: 'logwatch' package(s) on Oracle Linux 5, Oracle Linux 6. Solution: Please install the updated package(s). CVSS Score: 10.0 CVSS Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2011-1018 1025165 http://www.securitytracker.com/id?1025165 43356 http://secunia.com/advisories/43356 43495 http://secunia.com/advisories/43495 43622 http://secunia.com/advisories/43622 43644 http://secunia.com/advisories/43644 43734 http://secunia.com/advisories/43734 46554 http://www.securityfocus.com/bid/46554 ADV-2011-0533 http://www.vupen.com/english/advisories/2011/0533 ADV-2011-0581 http://www.vupen.com/english/advisories/2011/0581 ADV-2011-0596 http://www.vupen.com/english/advisories/2011/0596 DSA-2182 http://www.debian.org/security/2011/dsa-2182 FEDORA-2011-2318 http://lists.fedoraproject.org/pipermail/package-announce/2011-March/055585.html FEDORA-2011-2328 http://lists.fedoraproject.org/pipermail/package-announce/2011-March/055579.html FEDORA-2011-2396 http://lists.fedoraproject.org/pipermail/package-announce/2011-March/055617.html RHSA-2011:0324 http://www.redhat.com/support/errata/RHSA-2011-0324.html SUSE-SR:2011:005 http://lists.opensuse.org/opensuse-security-announce/2011-04/msg00000.html USN-1078-1 http://www.ubuntu.com/usn/USN-1078-1 [Logwatch-devel] 20110216 Remote command execution issue with root privileges http://sourceforge.net/mailarchive/forum.php?thread_name=4D604843.7040303%40mblmail.net&forum_name=logwatch-devel [oss-security] 20110224 CVE Request -- logwatch: Privilege escalation due improper sanitization of special characters in log file names http://www.openwall.com/lists/oss-security/2011/02/24/13 [oss-security] 20110224 Re: CVE Request -- logwatch: Privilege escalation due improper sanitization of special characters in log file names http://www.openwall.com/lists/oss-security/2011/02/24/15 http://logwatch.svn.sourceforge.net/viewvc/logwatch/scripts/logwatch.pl?r1=3&r2=26&pathrev=26 http://sourceforge.net/tracker/?func=detail&aid=3184223&group_id=312875&atid=1316824 https://bugzilla.redhat.com/show_bug.cgi?id=680237
Copyright	Copyright (C) 2015 Greenbone AG

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.