RHSA-2002:053: Race conditions in logwatch
Description
Updated LogWatch packages are available that fix tmp file race conditions which can cause a local user to gain root privileges.
LogWatch is a customizable log analysis system which is used by default in Red Hat Linux 7.2. Versions of LogWatch 2.1.1 and earlier have a vulnerability due to a race condition during the creation of a temporary directory. This vulnerability can allow a local user to gain root privileges. An additional race condition was found in versions of LogWatch 2.5 and earlier. Users should update to the errata packages containing Logwatch 2.6, which are not vulnerable to these issues. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the names CAN-2002-0162 and CAN-2002-0165 to these issues.
Solution(s)
- redhat-upgrade-logwatch
- Lightweight Endpoint Agent
- Live Dashboards
- Real Risk Prioritization
- IT-Integrated Remediation Projects
- Cloud, Virtual, and Container Assessment
- Integrated Threat Feeds
- Easy-to-Use RESTful API
- Automation-Assisted Patching
- Automated Containment
With Rapid7 live dashboards, I have a clear view of all the assets on my network, which ones can be exploited, and what I need to do in order to reduce the risk in my environment in real-time. No other tool gives us that kind of value and insight.
– Scott Cheney, Manager of Information Security, Sierra View Medical Center