Multiple vulnerabilities have been found in OSSEC, the worst of which could result in the arbitrary execution of code.
Package | net-analyzer/ossec-hids on all architectures |
---|---|
Affected versions | < 3.6.0 |
Unaffected versions | >= 3.6.0 |
OSSEC is a full platform to monitor and control your system(s).
Multiple vulnerabilities have been discovered in OSSEC. Please review the CVE identifiers referenced below for details.
Please review the referenced CVE identifiers for details.
There is no known workaround at this time.
All OSSEC users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot --verbose ">=net-analyzer/ossec-hids-3.6.0"
Release date
July 27, 2020
Latest revision
July 27, 2020: 1
Severity
high
Exploitable
local, remote
Bugzilla entries