VYPR
Unrated severityNVD Advisory· Published Jan 28, 2011· Updated Jun 16, 2026

CVE-2011-0343

CVE-2011-0343

Description

Balabit syslog-ng 2.0, 3.0, 3.1, 3.2 OSE and PE, when running on FreeBSD or HP-UX, does not properly perform cast operations, which causes syslog-ng to use a default value of -1 to create log files with insecure permissions (07777), which allows local users to read and write to these log files.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

9
  • cpe:2.3:a:oneidentity:syslog-ng:2.0:*:*:*:open_source:*:*:*+ 8 more
    • cpe:2.3:a:oneidentity:syslog-ng:2.0:*:*:*:open_source:*:*:*
    • cpe:2.3:a:oneidentity:syslog-ng:2.0:*:*:*:premium:*:*:*
    • cpe:2.3:a:oneidentity:syslog-ng:3.0:*:*:*:open_source:*:*:*
    • cpe:2.3:a:oneidentity:syslog-ng:3.0:*:*:*:premium:*:*:*
    • cpe:2.3:a:oneidentity:syslog-ng:3.1:*:*:*:open_source:*:*:*
    • cpe:2.3:a:oneidentity:syslog-ng:3.1:*:*:*:premium:*:*:*
    • cpe:2.3:a:oneidentity:syslog-ng:3.2:*:*:*:open_source:*:*:*
    • cpe:2.3:a:oneidentity:syslog-ng:3.2:*:*:*:premium:*:*:*
    • (no CPE)range: 2.0, 3.0, 3.1, 3.2

Patches

Vulnerability mechanics

References

5

News mentions

0

No linked articles in our index yet.