CVE-2011-0343
- Source
- https://cve.org/CVERecord?id=CVE-2011-0343
- Import Source
- https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2011-0343.json
- JSON Data
- https://api.osv.dev/v1/vulns/CVE-2011-0343
- Downstream
- Related
- Published
- 2011-01-28T16:00:03Z
- Modified
- 2026-04-10T03:41:39.284632Z
- Summary
- [none]
- Details
-
Balabit syslog-ng 2.0, 3.0, 3.1, 3.2 OSE and PE, when running on FreeBSD or HP-UX, does not properly perform cast operations, which causes syslog-ng to use a default value of -1 to create log files with insecure permissions (07777), which allows local users to read and write to these log files.
- References
-
- http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=608491
- http://www.securityfocus.com/archive/1/515955/100/0/threaded
- http://www.securityfocus.com/bid/45988
- https://lists.balabit.com/pipermail/syslog-ng-announce/2011-January/000101.html
- https://lists.balabit.com/pipermail/syslog-ng-announce/2011-January/000102.html
- http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=608491