VULHUB ™

Under some configurations the BSM audit_warn(1M) script does not email errors or warning messages that are generated by the audit daemon. An attacker may take advantage of this issue when exploiting a vulnerability. Due to the nature of the application, this would create a false sense of security as the administrator would not receive potentially security related errors or warning messages.

Under some configurations the BSM audit_warn(1M) script does not email errors or warning messages that are generated by the audit daemon. An attacker may take advantage of this issue when exploiting a vulnerability. Due to the nature of the application, this would create a false sense of security as the administrator would not receive potentially security related errors or warning messages.