Alerts This Week
Warning Icon 1 692
Alerts This Week
Warning Icon 1 692

Gentoo 200903-40 Normal: Analog DoS Risk And Resolution

gentoo
Calendar Grey March 29, 2009
Dist Gentoo Esm H88
Explore potential Denial of Service weaknesses in Analog on Gentoo systems, and discover effective strategies for bolstering security.
A Denial of Service vulnerability was discovered in Analog.

Summary

Gentoo Linux Security Advisory GLSA 200903-40 https://security.gentoo.org/ Severity: Normal Title: Analog: Denial of Service Date: March 29, 2009 Bugs: #249140 ID: 200903-40

Synopsis ======= A Denial of Service vulnerability was discovered in Analog.
Background ========= Analog is a a webserver log analyzer.
Affected packages ================ ------------------------------------------------------------------- Package / Vulnerable / Unaffected ------------------------------------------------------------------- 1 app-admin/analog < 6.0-r2 >= 6.0-r2
========== Diego E. Petteno reported that the Analog package in Gentoo is built with its own copy of bzip2, making it vulnerable to CVE-2008-1372 (GLSA 200804-02).
Impact ===== A local attacker could place specially crafted log files into a log directory being analyzed...

Read the Full Advisory

Topics%20covered

Topics Covered

security advisory denial of service gentoo linux analog normal severity advisory report

Resolution

References

Availability

style>.gentoo_availability{display:block;}

Concerns

Topics%20covered

Topics Covered

security advisory denial of service gentoo linux analog normal severity advisory report

Synopsis

Background

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Affected Packages

Impact

Workaround

Related News

Your message here