漏洞类别:Local
漏洞等级: 
漏洞信息
LogWatch is a log management application which helps in daily analyses and reporting of activities taking place on a machine.
LogWatch is vulnerable to arbitrary code execution vulnerability which can be exploited via a symlink attack on the logwatch temporary directory.(CVE-2002-0162)
Another type of symlink attack can allow local users to gain root privileges. (CVE-2002-0165)
Affected Versions:
LogWatch Versions 2.5 and prior
QID detection Logic (authenticated):
The qid flags when it finds a vulnerable version of LogWatch package on the target.
Vulnerable Versions: v2.5 and prior
漏洞危害
Successful exploitation of the vulnerabilities allows privilege escalation and execution of arbitrary code.
解决方案
Customers are advised to update to the latest version of LogWatch.
Patch:
Following are links for downloading patches to fix the vulnerabilities:
0daybank
文章评论