CVE-2008-5110 (syslog-ng)

Leave a reply

syslog-ng does not call chdir when it calls chroot, which might allow attackers to escape the intended jail. NOTE: this is only a vulnerability when a separate vulnerability is present.

View Full Alert

Related Posts

  • CVE-2008-7321

    The tubepress plugin before 1.6.5 for WordPress has XSS. View Full Alert

  • CVE-2008-7273

    A symlink issue exists in Iceweasel-firegpg before 0.6 due to insecure tempfile handling. View Full Alert

  • CVE-2008-7314

    mIRC before 6.35 allows attackers to cause a denial of service (crash) via a long nickname. View Full Alert

Leave a Reply