CVE-2011-0343

Name of the Vulnerable Software and Affected Versions Balabit syslog-ng versions 2.0, 3.0, 3.1, 3.2 OSE and PE

Description The issue is related to improper cast operations when running on certain operating systems, resulting in the creation of log files with insecure permissions. This allows local users to read and write to these log files.

Recommendations For Balabit syslog-ng versions 2.0, 3.0, 3.1, 3.2 OSE and PE, consider changing the default permissions to a more secure setting to prevent unauthorized access to log files.