Logwatch Log File - Special Characters Local Privilege Escalation Vulnerability
2011-02-24T00:00:00
ID EDB-ID:35386 Type exploitdb Reporter Dominik George Modified 2011-02-24T00:00:00
Description
Logwatch Log File Special Characters Local Privilege Escalation Vulnerability. CVE-2011-1018 . Remote exploit for linux platform
source: http://www.securityfocus.com/bid/46554/info
Logwatch is prone to a local privilege-escalation vulnerability.
Local attackers can exploit this issue execute arbitrary code with superuser privileges. Successful exploits will result in the complete compromise of affected computers. Failed exploit attempts will result in a denial-of-service condition.
% echo "fake" > â??/var/log/httpd/fakee;who;access_log.2â??
{"id": "EDB-ID:35386", "type": "exploitdb", "bulletinFamily": "exploit", "title": "Logwatch Log File - Special Characters Local Privilege Escalation Vulnerability", "description": "Logwatch Log File Special Characters Local Privilege Escalation Vulnerability. CVE-2011-1018 . Remote exploit for linux platform", "published": "2011-02-24T00:00:00", "modified": "2011-02-24T00:00:00", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "https://www.exploit-db.com/exploits/35386/", "reporter": "Dominik George", "references": [], "cvelist": ["CVE-2011-1018"], "lastseen": "2016-02-04T01:11:59", "viewCount": 509, "enchantments": {"score": {"value": 5.4, "vector": "NONE", "modified": "2016-02-04T01:11:59", "rev": 2}, "dependencies": {"references": [{"type": "cve", "idList": ["CVE-2011-1018"]}, {"type": "nessus", "idList": ["SUSE_11_LOGWATCH-110325.NASL", "ORACLELINUX_ELSA-2011-0324.NASL", "FEDORA_2011-2396.NASL", "REDHAT-RHSA-2011-0324.NASL", "DEBIAN_DSA-2182.NASL", "SL_20110307_LOGWATCH_ON_SL5_X.NASL", "CENTOS_RHSA-2011-0324.NASL", "SUSE_11_3_LOGWATCH-110325.NASL", "FEDORA_2011-2328.NASL", "GENTOO_GLSA-201203-20.NASL"]}, {"type": "redhat", "idList": ["RHSA-2011:0324"]}, {"type": "openvas", "idList": ["OPENVAS:862901", "OPENVAS:1361412562310862901", "OPENVAS:1361412562310881368", "OPENVAS:862894", "OPENVAS:881368", "OPENVAS:1361412562310870409", "OPENVAS:136141256231071306", "OPENVAS:1361412562310122228", "OPENVAS:1361412562310880540", "OPENVAS:71306"]}, {"type": "gentoo", "idList": ["GLSA-201203-20"]}, {"type": "securityvulns", "idList": ["SECURITYVULNS:DOC:25864", "SECURITYVULNS:VULN:11482"]}, {"type": "centos", "idList": ["CESA-2011:0324"]}, {"type": "oraclelinux", "idList": ["ELSA-2011-0324"]}, {"type": "ubuntu", "idList": ["USN-1078-1"]}], "modified": "2016-02-04T01:11:59", "rev": 2}, "vulnersScore": 5.4}, "sourceHref": "https://www.exploit-db.com/download/35386/", "sourceData": "source: http://www.securityfocus.com/bid/46554/info\r\n\r\nLogwatch is prone to a local privilege-escalation vulnerability.\r\n\r\nLocal attackers can exploit this issue execute arbitrary code with superuser privileges. Successful exploits will result in the complete compromise of affected computers. Failed exploit attempts will result in a denial-of-service condition. \r\n\r\n% echo \"fake\" > \u0102\u02d8??/var/log/httpd/fakee;who;access_log.2\u0102\u02d8?? ", "osvdbidlist": ["71358"]}
{"cve": [{"lastseen": "2020-10-03T11:39:25", "description": "logwatch.pl in Logwatch 7.3.6 allows remote attackers to execute arbitrary commands via shell metacharacters in a log file name, as demonstrated via a crafted username to a Samba server.", "edition": 3, "cvss3": {}, "published": "2011-02-25T19:00:00", "title": "CVE-2011-1018", "type": "cve", "cwe": ["CWE-20"], "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2011-1018"], "modified": "2014-02-12T04:27:00", "cpe": ["cpe:/a:logwatch:logwatch:7.3.6"], "id": "CVE-2011-1018", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-1018", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}, "cpe23": ["cpe:2.3:a:logwatch:logwatch:7.3.6:*:*:*:*:*:*:*"]}], "oraclelinux": [{"lastseen": "2019-05-29T18:36:36", "bulletinFamily": "unix", "cvelist": ["CVE-2011-1018"], "description": "[7.3.6-49]\n- Added fix for CVE-2011-1018: Privilege escalation due improper\n sanitization of special characters in log file names\n Resolves: #680304", "edition": 4, "modified": "2011-03-07T00:00:00", "published": "2011-03-07T00:00:00", "id": "ELSA-2011-0324", "href": "http://linux.oracle.com/errata/ELSA-2011-0324.html", "title": "logwatch security update", "type": "oraclelinux", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}], "ubuntu": [{"lastseen": "2020-07-09T01:40:50", "bulletinFamily": "unix", "cvelist": ["CVE-2011-1018"], "description": "Dominik George discovered that logwatch did not properly sanitize \nlog file names that were passed to the shell as part of a command. \nIf a remote attacker were able to generate specially crafted filenames \n(for example, via Samba logging), they could execute arbitrary code \nwith root privileges.", "edition": 5, "modified": "2011-03-01T00:00:00", "published": "2011-03-01T00:00:00", "id": "USN-1078-1", "href": "https://ubuntu.com/security/notices/USN-1078-1", "title": "Logwatch vulnerability", "type": "ubuntu", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}], "openvas": [{"lastseen": "2017-07-27T10:55:22", "bulletinFamily": "scanner", "cvelist": ["CVE-2011-1018"], "description": "Check for the Version of logwatch", "modified": "2017-07-12T00:00:00", "published": "2011-03-15T00:00:00", "id": "OPENVAS:870409", "href": "http://plugins.openvas.org/nasl.php?oid=870409", "type": "openvas", "title": "RedHat Update for logwatch RHSA-2011:0324-01", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# RedHat Update for logwatch RHSA-2011:0324-01\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Logwatch is a customizable log analysis system. Logwatch parses through\n your system's logs for a given period of time and creates a report\n analyzing areas that you specify, in as much detail as you require.\n\n A flaw was found in the way Logwatch processed log files. If an attacker\n were able to create a log file with a malicious file name, it could result\n in arbitrary code execution with the privileges of the root user when that\n log file is analyzed by Logwatch. (CVE-2011-1018)\n \n Users of logwatch should upgrade to this updated package, which contains a\n backported patch to resolve this issue.\";\n\ntag_affected = \"logwatch on Red Hat Enterprise Linux (v. 5 server)\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"https://www.redhat.com/archives/rhsa-announce/2011-March/msg00012.html\");\n script_id(870409);\n script_version(\"$Revision: 6685 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-12 11:44:46 +0200 (Wed, 12 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2011-03-15 14:58:18 +0100 (Tue, 15 Mar 2011)\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"RHSA\", value: \"2011:0324-01\");\n script_cve_id(\"CVE-2011-1018\");\n script_name(\"RedHat Update for logwatch RHSA-2011:0324-01\");\n\n script_summary(\"Check for the Version of logwatch\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_family(\"Red Hat Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/rhel\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"RHENT_5\")\n{\n\n if ((res = isrpmvuln(pkg:\"logwatch\", rpm:\"logwatch~7.3~9.el5_6\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-12-04T11:27:16", "bulletinFamily": "scanner", "cvelist": ["CVE-2011-1018"], "description": "Ubuntu Update for Linux kernel vulnerabilities USN-1078-1", "modified": "2017-12-01T00:00:00", "published": "2011-03-07T00:00:00", "id": "OPENVAS:840603", "href": "http://plugins.openvas.org/nasl.php?oid=840603", "type": "openvas", "title": "Ubuntu Update for logwatch vulnerability USN-1078-1", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_ubuntu_USN_1078_1.nasl 7964 2017-12-01 07:32:11Z santu $\n#\n# Ubuntu Update for logwatch vulnerability USN-1078-1\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Dominik George discovered that logwatch did not properly sanitize\n log file names that were passed to the shell as part of a command.\n If a remote attacker were able to generate specially crafted filenames\n (for example, via Samba logging), they could execute arbitrary code\n with root privileges.\";\n\ntag_summary = \"Ubuntu Update for Linux kernel vulnerabilities USN-1078-1\";\ntag_affected = \"logwatch vulnerability on Ubuntu 8.04 LTS ,\n Ubuntu 9.10 ,\n Ubuntu 10.04 LTS ,\n Ubuntu 10.10\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\nif(description)\n{\n script_xref(name: \"URL\" , value: \"http://www.ubuntu.com/usn/usn-1078-1/\");\n script_id(840603);\n script_version(\"$Revision: 7964 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-01 08:32:11 +0100 (Fri, 01 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2011-03-07 06:45:55 +0100 (Mon, 07 Mar 2011)\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"USN\", value: \"1078-1\");\n script_cve_id(\"CVE-2011-1018\");\n script_name(\"Ubuntu Update for logwatch vulnerability USN-1078-1\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\");\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"UBUNTU9.10\")\n{\n\n if ((res = isdpkgvuln(pkg:\"logwatch\", ver:\"7.3.6.cvs20090906-1ubuntu1.1\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"UBUNTU10.10\")\n{\n\n if ((res = isdpkgvuln(pkg:\"logwatch\", ver:\"7.3.6.cvs20090906-1ubuntu3.1\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"UBUNTU10.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"logwatch\", ver:\"7.3.6.cvs20090906-1ubuntu2.1\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"UBUNTU8.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"logwatch\", ver:\"7.3.6-1ubuntu1.1\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2019-05-29T18:39:25", "bulletinFamily": "scanner", "cvelist": ["CVE-2011-1018"], "description": "Ubuntu Update for Linux kernel vulnerabilities USN-1078-1", "modified": "2019-03-13T00:00:00", "published": "2011-03-07T00:00:00", "id": "OPENVAS:1361412562310840603", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310840603", "type": "openvas", "title": "Ubuntu Update for logwatch vulnerability USN-1078-1", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_ubuntu_USN_1078_1.nasl 14132 2019-03-13 09:25:59Z cfischer $\n#\n# Ubuntu Update for logwatch vulnerability USN-1078-1\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://www.ubuntu.com/usn/usn-1078-1/\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.840603\");\n script_version(\"$Revision: 14132 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-13 10:25:59 +0100 (Wed, 13 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2011-03-07 06:45:55 +0100 (Mon, 07 Mar 2011)\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_xref(name:\"USN\", value:\"1078-1\");\n script_cve_id(\"CVE-2011-1018\");\n script_name(\"Ubuntu Update for logwatch vulnerability USN-1078-1\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\", re:\"ssh/login/release=UBUNTU(9\\.10|10\\.10|10\\.04 LTS|8\\.04 LTS)\");\n script_tag(name:\"summary\", value:\"Ubuntu Update for Linux kernel vulnerabilities USN-1078-1\");\n script_tag(name:\"affected\", value:\"logwatch vulnerability on Ubuntu 8.04 LTS,\n Ubuntu 9.10,\n Ubuntu 10.04 LTS,\n Ubuntu 10.10\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n script_tag(name:\"insight\", value:\"Dominik George discovered that logwatch did not properly sanitize\n log file names that were passed to the shell as part of a command.\n If a remote attacker were able to generate specially crafted filenames\n (for example, via Samba logging), they could execute arbitrary code\n with root privileges.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = dpkg_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"UBUNTU9.10\")\n{\n\n if ((res = isdpkgvuln(pkg:\"logwatch\", ver:\"7.3.6.cvs20090906-1ubuntu1.1\", rls:\"UBUNTU9.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n\n\nif(release == \"UBUNTU10.10\")\n{\n\n if ((res = isdpkgvuln(pkg:\"logwatch\", ver:\"7.3.6.cvs20090906-1ubuntu3.1\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n\n\nif(release == \"UBUNTU10.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"logwatch\", ver:\"7.3.6.cvs20090906-1ubuntu2.1\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n\n\nif(release == \"UBUNTU8.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"logwatch\", ver:\"7.3.6-1ubuntu1.1\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T18:39:38", "bulletinFamily": "scanner", "cvelist": ["CVE-2011-1018"], "description": "The remote host is missing an update for the ", "modified": "2019-03-15T00:00:00", "published": "2011-03-15T00:00:00", "id": "OPENVAS:1361412562310862894", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310862894", "type": "openvas", "title": "Fedora Update for logwatch FEDORA-2011-2318", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for logwatch FEDORA-2011-2318\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://lists.fedoraproject.org/pipermail/package-announce/2011-March/055585.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.862894\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2011-03-15 14:58:18 +0100 (Tue, 15 Mar 2011)\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_xref(name:\"FEDORA\", value:\"2011-2318\");\n script_cve_id(\"CVE-2011-1018\");\n script_name(\"Fedora Update for logwatch FEDORA-2011-2318\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'logwatch'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC13\");\n script_tag(name:\"affected\", value:\"logwatch on Fedora 13\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC13\")\n{\n\n if ((res = isrpmvuln(pkg:\"logwatch\", rpm:\"logwatch~7.3.6~55.fc13\", rls:\"FC13\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T18:39:40", "bulletinFamily": "scanner", "cvelist": ["CVE-2011-1018"], "description": "The remote host is missing an update for the ", "modified": "2019-03-15T00:00:00", "published": "2011-03-15T00:00:00", "id": "OPENVAS:1361412562310862901", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310862901", "type": "openvas", "title": "Fedora Update for logwatch FEDORA-2011-2328", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for logwatch FEDORA-2011-2328\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://lists.fedoraproject.org/pipermail/package-announce/2011-March/055579.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.862901\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2011-03-15 14:58:18 +0100 (Tue, 15 Mar 2011)\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_xref(name:\"FEDORA\", value:\"2011-2328\");\n script_cve_id(\"CVE-2011-1018\");\n script_name(\"Fedora Update for logwatch FEDORA-2011-2328\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'logwatch'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC14\");\n script_tag(name:\"affected\", value:\"logwatch on Fedora 14\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC14\")\n{\n\n if ((res = isrpmvuln(pkg:\"logwatch\", rpm:\"logwatch~7.3.6~60.fc14\", rls:\"FC14\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2017-07-25T10:55:29", "bulletinFamily": "scanner", "cvelist": ["CVE-2011-1018"], "description": "Check for the Version of logwatch", "modified": "2017-07-10T00:00:00", "published": "2011-03-15T00:00:00", "id": "OPENVAS:862894", "href": "http://plugins.openvas.org/nasl.php?oid=862894", "type": "openvas", "title": "Fedora Update for logwatch FEDORA-2011-2318", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for logwatch FEDORA-2011-2318\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_affected = \"logwatch on Fedora 13\";\ntag_insight = \"Logwatch is a customizable, pluggable log-monitoring system. It will go\n through your logs for a given period of time and make a report in the areas\n that you wish with the detail that you wish. Easy to use - works right out\n of the package on many systems.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.fedoraproject.org/pipermail/package-announce/2011-March/055585.html\");\n script_id(862894);\n script_version(\"$Revision: 6626 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 08:30:10 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2011-03-15 14:58:18 +0100 (Tue, 15 Mar 2011)\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"FEDORA\", value: \"2011-2318\");\n script_cve_id(\"CVE-2011-1018\");\n script_name(\"Fedora Update for logwatch FEDORA-2011-2318\");\n\n script_summary(\"Check for the Version of logwatch\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC13\")\n{\n\n if ((res = isrpmvuln(pkg:\"logwatch\", rpm:\"logwatch~7.3.6~55.fc13\", rls:\"FC13\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2019-05-29T18:39:13", "bulletinFamily": "scanner", "cvelist": ["CVE-2011-1018"], "description": "The remote host is missing updates announced in\nadvisory GLSA 201203-20.", "modified": "2018-10-12T00:00:00", "published": "2012-04-30T00:00:00", "id": "OPENVAS:136141256231071306", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231071306", "type": "openvas", "title": "Gentoo Security Advisory GLSA 201203-20 (Logwatch)", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: glsa_201203_20.nasl 11859 2018-10-12 08:53:01Z cfischer $\n#\n# Auto generated from Gentoo's XML based advisory\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisories, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.71306\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_cve_id(\"CVE-2011-1018\");\n script_version(\"$Revision: 11859 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-10-12 10:53:01 +0200 (Fri, 12 Oct 2018) $\");\n script_tag(name:\"creation_date\", value:\"2012-04-30 07:59:57 -0400 (Mon, 30 Apr 2012)\");\n script_name(\"Gentoo Security Advisory GLSA 201203-20 (Logwatch)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Gentoo Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/gentoo\", \"ssh/login/pkg\");\n script_tag(name:\"insight\", value:\"A vulnerability in Logwatch might allow remote attackers to execute\n arbitrary code.\");\n script_tag(name:\"solution\", value:\"All Logwatch users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=sys-apps/logwatch-7.4.0'\");\n\n script_xref(name:\"URL\", value:\"http://www.securityspace.com/smysecure/catid.html?in=GLSA%20201203-20\");\n script_xref(name:\"URL\", value:\"http://bugs.gentoo.org/show_bug.cgi?id=356387\");\n script_tag(name:\"summary\", value:\"The remote host is missing updates announced in\nadvisory GLSA 201203-20.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"pkg-lib-gentoo.inc\");\ninclude(\"revisions-lib.inc\");\n\nres = \"\";\nreport = \"\";\nif((res = ispkgvuln(pkg:\"sys-apps/logwatch\", unaffected: make_list(\"ge 7.4.0\"), vulnerable: make_list(\"lt 7.4.0\"))) != NULL ) {\n report += res;\n}\n\nif(report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99);\n}\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T18:39:34", "bulletinFamily": "scanner", "cvelist": ["CVE-2011-1018"], "description": "The remote host is missing an update for the ", "modified": "2018-11-23T00:00:00", "published": "2011-03-15T00:00:00", "id": "OPENVAS:1361412562310870409", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310870409", "type": "openvas", "title": "RedHat Update for logwatch RHSA-2011:0324-01", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# RedHat Update for logwatch RHSA-2011:0324-01\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"https://www.redhat.com/archives/rhsa-announce/2011-March/msg00012.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.870409\");\n script_version(\"$Revision: 12497 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-11-23 09:28:21 +0100 (Fri, 23 Nov 2018) $\");\n script_tag(name:\"creation_date\", value:\"2011-03-15 14:58:18 +0100 (Tue, 15 Mar 2011)\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_xref(name:\"RHSA\", value:\"2011:0324-01\");\n script_cve_id(\"CVE-2011-1018\");\n script_name(\"RedHat Update for logwatch RHSA-2011:0324-01\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'logwatch'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_family(\"Red Hat Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/rhel\", \"ssh/login/rpms\", re:\"ssh/login/release=RHENT_5\");\n script_tag(name:\"affected\", value:\"logwatch on Red Hat Enterprise Linux (v. 5 server)\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n script_tag(name:\"insight\", value:\"Logwatch is a customizable log analysis system. Logwatch parses through\n your system's logs for a given period of time and creates a report\n analyzing areas that you specify, in as much detail as you require.\n\n A flaw was found in the way Logwatch processed log files. If an attacker\n were able to create a log file with a malicious file name, it could result\n in arbitrary code execution with the privileges of the root user when that\n log file is analyzed by Logwatch. (CVE-2011-1018)\n\n Users of logwatch should upgrade to this updated package, which contains a\n backported patch to resolve this issue.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"RHENT_5\")\n{\n\n if ((res = isrpmvuln(pkg:\"logwatch\", rpm:\"logwatch~7.3~9.el5_6\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2017-07-24T12:50:37", "bulletinFamily": "scanner", "cvelist": ["CVE-2011-1018"], "description": "The remote host is missing updates announced in\nadvisory GLSA 201203-20.", "modified": "2017-07-07T00:00:00", "published": "2012-04-30T00:00:00", "id": "OPENVAS:71306", "href": "http://plugins.openvas.org/nasl.php?oid=71306", "type": "openvas", "title": "Gentoo Security Advisory GLSA 201203-20 (Logwatch)", "sourceData": "#\n# OpenVAS Vulnerability Test\n# $\n# Description: Auto generated from Gentoo's XML based advisory\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisories, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"A vulnerability in Logwatch might allow remote attackers to execute\n arbitrary code.\";\ntag_solution = \"All Logwatch users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=sys-apps/logwatch-7.4.0'\n \n\nhttp://www.securityspace.com/smysecure/catid.html?in=GLSA%20201203-20\nhttp://bugs.gentoo.org/show_bug.cgi?id=356387\";\ntag_summary = \"The remote host is missing updates announced in\nadvisory GLSA 201203-20.\";\n\n \n \nif(description)\n{\n script_id(71306);\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_cve_id(\"CVE-2011-1018\");\n script_version(\"$Revision: 6589 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-07 10:27:50 +0200 (Fri, 07 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2012-04-30 07:59:57 -0400 (Mon, 30 Apr 2012)\");\n script_name(\"Gentoo Security Advisory GLSA 201203-20 (Logwatch)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Gentoo Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/gentoo\", \"ssh/login/pkg\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-gentoo.inc\");\nres = \"\";\nreport = \"\";\nif((res = ispkgvuln(pkg:\"sys-apps/logwatch\", unaffected: make_list(\"ge 7.4.0\"), vulnerable: make_list(\"lt 7.4.0\"))) != NULL ) {\n report += res;\n}\n\nif(report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2019-05-29T18:39:29", "bulletinFamily": "scanner", "cvelist": ["CVE-2011-1018"], "description": "The remote host is missing an update for the ", "modified": "2019-03-15T00:00:00", "published": "2011-08-09T00:00:00", "id": "OPENVAS:1361412562310880540", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310880540", "type": "openvas", "title": "CentOS Update for logwatch CESA-2011:0324 centos5 i386", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for logwatch CESA-2011:0324 centos5 i386\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://lists.centos.org/pipermail/centos-announce/2011-April/017365.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.880540\");\n script_version(\"$Revision: 14222 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 13:50:48 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2011-08-09 08:20:34 +0200 (Tue, 09 Aug 2011)\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_xref(name:\"CESA\", value:\"2011:0324\");\n script_cve_id(\"CVE-2011-1018\");\n script_name(\"CentOS Update for logwatch CESA-2011:0324 centos5 i386\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'logwatch'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\", re:\"ssh/login/release=CentOS5\");\n script_tag(name:\"affected\", value:\"logwatch on CentOS 5\");\n script_tag(name:\"insight\", value:\"Logwatch is a customizable log analysis system. Logwatch parses through\n your system's logs for a given period of time and creates a report\n analyzing areas that you specify, in as much detail as you require.\n\n A flaw was found in the way Logwatch processed log files. If an attacker\n were able to create a log file with a malicious file name, it could result\n in arbitrary code execution with the privileges of the root user when that\n log file is analyzed by Logwatch. (CVE-2011-1018)\n\n Users of logwatch should upgrade to this updated package, which contains a\n backported patch to resolve this issue.\");\n script_tag(name:\"solution\", value:\"Please install the updated packages.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"CentOS5\")\n{\n\n if ((res = isrpmvuln(pkg:\"logwatch\", rpm:\"logwatch~7.3~9.el5_6\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}], "gentoo": [{"lastseen": "2016-09-06T19:46:29", "bulletinFamily": "unix", "cvelist": ["CVE-2011-1018"], "edition": 1, "description": "### Background\n\nLogwatch analyzes and reports on system logs.\n\n### Description\n\nlogwatch.pl does not properly sanitize log filenames against shell metacharacters before passing them to the \"system()\" function. \n\n### Impact\n\nA remote attacker could pass a specially crafted log filename to Logwatch, possibly resulting in execution of arbitrary code with root privileges or a Denial of Service condition. \n\n### Workaround\n\nThere is no known workaround at this time.\n\n### Resolution\n\nAll Logwatch users should upgrade to the latest version:\n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose \">=sys-apps/logwatch-7.4.0\"", "modified": "2012-03-28T00:00:00", "published": "2012-03-28T00:00:00", "id": "GLSA-201203-20", "href": "https://security.gentoo.org/glsa/201203-20", "type": "gentoo", "title": "Logwatch: Arbitrary code execution", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "centos": [{"lastseen": "2020-07-17T03:28:13", "bulletinFamily": "unix", "cvelist": ["CVE-2011-1018"], "description": "**CentOS Errata and Security Advisory** CESA-2011:0324\n\n\nLogwatch is a customizable log analysis system. Logwatch parses through\nyour system's logs for a given period of time and creates a report\nanalyzing areas that you specify, in as much detail as you require.\n\nA flaw was found in the way Logwatch processed log files. If an attacker\nwere able to create a log file with a malicious file name, it could result\nin arbitrary code execution with the privileges of the root user when that\nlog file is analyzed by Logwatch. (CVE-2011-1018)\n\nUsers of logwatch should upgrade to this updated package, which contains a\nbackported patch to resolve this issue.\n\n\n**Merged security bulletin from advisories:**\nhttp://lists.centos.org/pipermail/centos-announce/2011-April/029403.html\nhttp://lists.centos.org/pipermail/centos-announce/2011-April/029404.html\n\n**Affected packages:**\nlogwatch\n\n**Upstream details at:**\nhttps://rhn.redhat.com/errata/RHSA-2011-0324.html", "edition": 5, "modified": "2011-04-14T23:48:13", "published": "2011-04-14T23:48:13", "href": "http://lists.centos.org/pipermail/centos-announce/2011-April/029403.html", "id": "CESA-2011:0324", "title": "logwatch security update", "type": "centos", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}], "securityvulns": [{"lastseen": "2018-08-31T11:10:39", "bulletinFamily": "software", "cvelist": ["CVE-2011-1018"], "description": "===========================================================\r\nUbuntu Security Notice USN-1078-1 March 01, 2011\r\nlogwatch vulnerability\r\nCVE-2011-1018\r\n===========================================================\r\n\r\nA security issue affects the following Ubuntu releases:\r\n\r\nUbuntu 8.04 LTS\r\nUbuntu 9.10\r\nUbuntu 10.04 LTS\r\nUbuntu 10.10\r\n\r\nThis advisory also applies to the corresponding versions of\r\nKubuntu, Edubuntu, and Xubuntu.\r\n\r\nThe problem can be corrected by upgrading your system to the\r\nfollowing package versions:\r\n\r\nUbuntu 8.04 LTS:\r\n logwatch 7.3.6-1ubuntu1.1\r\n\r\nUbuntu 9.10:\r\n logwatch 7.3.6.cvs20090906-1ubuntu1.1\r\n\r\nUbuntu 10.04 LTS:\r\n logwatch 7.3.6.cvs20090906-1ubuntu2.1\r\n\r\nUbuntu 10.10:\r\n logwatch 7.3.6.cvs20090906-1ubuntu3.1\r\n\r\nIn general, a standard system update will make all the necessary changes.\r\n\r\nDetails follow:\r\n\r\nDominik George discovered that logwatch did not properly sanitize\r\nlog file names that were passed to the shell as part of a command.\r\nIf a remote attacker were able to generate specially crafted filenames\r\n(for example, via Samba logging), they could execute arbitrary code\r\nwith root privileges.\r\n\r\n\r\nUpdated packages for Ubuntu 8.04 LTS:\r\n\r\n Source archives:\r\n\r\n \r\nhttp://security.ubuntu.com/ubuntu/pool/main/l/logwatch/logwatch_7.3.6-1ubuntu1.1.diff.gz\r\n Size/MD5: 15656 31f40f13457aeb20f21c2cfd2ad460b8\r\n \r\nhttp://security.ubuntu.com/ubuntu/pool/main/l/logwatch/logwatch_7.3.6-1ubuntu1.1.dsc\r\n Size/MD5: 1413 037612770004ad6b553b8c5b02840350\r\n \r\nhttp://security.ubuntu.com/ubuntu/pool/main/l/logwatch/logwatch_7.3.6.orig.tar.gz\r\n Size/MD5: 297296 937d982006b2a76a83edfcfd2e5a9d7d\r\n\r\n Architecture independent packages:\r\n\r\n \r\nhttp://security.ubuntu.com/ubuntu/pool/main/l/logwatch/logwatch_7.3.6-1ubuntu1.1_all.deb\r\n Size/MD5: 307458 da69f492898cee9560bb752b87e8af1c\r\n\r\nUpdated packages for Ubuntu 9.10:\r\n\r\n Source archives:\r\n\r\n \r\nhttp://security.ubuntu.com/ubuntu/pool/main/l/logwatch/logwatch_7.3.6.cvs20090906-1ubuntu1.1.diff.gz\r\n Size/MD5: 87133 eb1efb5614967c87dcee5a0627db91a2\r\n \r\nhttp://security.ubuntu.com/ubuntu/pool/main/l/logwatch/logwatch_7.3.6.cvs20090906-1ubuntu1.1.dsc\r\n Size/MD5: 1932 b32ef1d8ada8a539c73a6e8da732a7c8\r\n \r\nhttp://security.ubuntu.com/ubuntu/pool/main/l/logwatch/logwatch_7.3.6.cvs20090906.orig.tar.gz\r\n Size/MD5: 338115 b12229916e0a5891a8c1da59afb61e40\r\n\r\n Architecture independent packages:\r\n\r\n \r\nhttp://security.ubuntu.com/ubuntu/pool/main/l/logwatch/logwatch_7.3.6.cvs20090906-1ubuntu1.1_all.deb\r\n Size/MD5: 400012 6a943f596ed79064930b328a7058357e\r\n\r\nUpdated packages for Ubuntu 10.04 LTS:\r\n\r\n Source archives:\r\n\r\n \r\nhttp://security.ubuntu.com/ubuntu/pool/main/l/logwatch/logwatch_7.3.6.cvs20090906-1ubuntu2.1.diff.gz\r\n Size/MD5: 87803 0bba6a4701307c1abb9fea16c15c11fd\r\n \r\nhttp://security.ubuntu.com/ubuntu/pool/main/l/logwatch/logwatch_7.3.6.cvs20090906-1ubuntu2.1.dsc\r\n Size/MD5: 1932 d87291a904f97e6c13dc15f0c996eeb4\r\n \r\nhttp://security.ubuntu.com/ubuntu/pool/main/l/logwatch/logwatch_7.3.6.cvs20090906.orig.tar.gz\r\n Size/MD5: 338115 b12229916e0a5891a8c1da59afb61e40\r\n\r\n Architecture independent packages:\r\n\r\n \r\nhttp://security.ubuntu.com/ubuntu/pool/main/l/logwatch/logwatch_7.3.6.cvs20090906-1ubuntu2.1_all.deb\r\n Size/MD5: 401512 d68a24ddbbfde6880fdbff79290bf344\r\n\r\nUpdated packages for Ubuntu 10.10:\r\n\r\n Source archives:\r\n\r\n \r\nhttp://security.ubuntu.com/ubuntu/pool/main/l/logwatch/logwatch_7.3.6.cvs20090906-1ubuntu3.1.diff.gz\r\n Size/MD5: 90181 971dda35e4fa086a1bab9b9d7814a0df\r\n \r\nhttp://security.ubuntu.com/ubuntu/pool/main/l/logwatch/logwatch_7.3.6.cvs20090906-1ubuntu3.1.dsc\r\n Size/MD5: 1932 388d1296df12dc1f46d0ddebfe6bf6ae\r\n \r\nhttp://security.ubuntu.com/ubuntu/pool/main/l/logwatch/logwatch_7.3.6.cvs20090906.orig.tar.gz\r\n Size/MD5: 338115 b12229916e0a5891a8c1da59afb61e40\r\n\r\n Architecture independent packages:\r\n\r\n \r\nhttp://security.ubuntu.com/ubuntu/pool/main/l/logwatch/logwatch_7.3.6.cvs20090906-1ubuntu3.1_all.deb\r\n Size/MD5: 398960 d7967323e366778cc5c79701aa1dc156\r\n\r\n", "edition": 1, "modified": "2011-03-03T00:00:00", "published": "2011-03-03T00:00:00", "id": "SECURITYVULNS:DOC:25864", "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:25864", "title": "[USN-1078-1] Logwatch vulnerability", "type": "securityvulns", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-08-31T11:09:41", "bulletinFamily": "software", "cvelist": ["CVE-2011-1018"], "description": "Shell characters vulnerability on filenames.", "edition": 1, "modified": "2011-03-03T00:00:00", "published": "2011-03-03T00:00:00", "id": "SECURITYVULNS:VULN:11482", "href": "https://vulners.com/securityvulns/SECURITYVULNS:VULN:11482", "title": "logwatch shell characters vulnerability", "type": "securityvulns", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "redhat": [{"lastseen": "2019-08-13T18:47:03", "bulletinFamily": "unix", "cvelist": ["CVE-2011-1018"], "description": "Logwatch is a customizable log analysis system. Logwatch parses through\nyour system's logs for a given period of time and creates a report\nanalyzing areas that you specify, in as much detail as you require.\n\nA flaw was found in the way Logwatch processed log files. If an attacker\nwere able to create a log file with a malicious file name, it could result\nin arbitrary code execution with the privileges of the root user when that\nlog file is analyzed by Logwatch. (CVE-2011-1018)\n\nUsers of logwatch should upgrade to this updated package, which contains a\nbackported patch to resolve this issue.\n", "modified": "2018-06-06T20:24:07", "published": "2011-03-07T05:00:00", "id": "RHSA-2011:0324", "href": "https://access.redhat.com/errata/RHSA-2011:0324", "type": "redhat", "title": "(RHSA-2011:0324) Important: logwatch security update", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}], "fedora": [{"lastseen": "2020-12-21T08:17:50", "bulletinFamily": "unix", "cvelist": ["CVE-2011-1018"], "description": "Logwatch is a customizable, pluggable log-monitoring system. It will go through your logs for a given period of time and make a report in the areas that you wish with the detail that you wish. Easy to use - works right out of the package on many systems. ", "modified": "2011-03-10T20:50:01", "published": "2011-03-10T20:50:01", "id": "FEDORA:774C3110924", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 13 Update: logwatch-7.3.6-55.fc13", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-12-21T08:17:50", "bulletinFamily": "unix", "cvelist": ["CVE-2011-1018"], "description": "Logwatch is a customizable, pluggable log-monitoring system. It will go through your logs for a given period of time and make a report in the areas that you wish with the detail that you wish. Easy to use - works right out of the package on many systems. ", "modified": "2011-03-11T06:09:05", "published": "2011-03-11T06:09:05", "id": "FEDORA:36D5B1106B3", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 15 Update: logwatch-7.3.6-66.20110203svn25.fc15", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-12-21T08:17:50", "bulletinFamily": "unix", "cvelist": ["CVE-2011-1018"], "description": "Logwatch is a customizable, pluggable log-monitoring system. It will go through your logs for a given period of time and make a report in the areas that you wish with the detail that you wish. Easy to use - works right out of the package on many systems. ", "modified": "2011-03-10T20:49:05", "published": "2011-03-10T20:49:05", "id": "FEDORA:D5DF9110691", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 14 Update: logwatch-7.3.6-60.fc14", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}], "nessus": [{"lastseen": "2021-01-07T10:53:32", "description": "The remote host is affected by the vulnerability described in GLSA-201203-20\n(Logwatch: Arbitrary code execution)\n\n logwatch.pl does not properly sanitize log filenames against shell\n metacharacters before passing them to the 'system()' function.\n \nImpact :\n\n A remote attacker could pass a specially crafted log filename to\n Logwatch, possibly resulting in execution of arbitrary code with root\n privileges or a Denial of Service condition.\n \nWorkaround :\n\n There is no known workaround at this time.", "edition": 22, "published": "2012-06-21T00:00:00", "title": "GLSA-201203-20 : Logwatch: Arbitrary code execution", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2011-1018"], "modified": "2012-06-21T00:00:00", "cpe": ["cpe:/o:gentoo:linux", "p-cpe:/a:gentoo:linux:logwatch"], "id": "GENTOO_GLSA-201203-20.NASL", "href": "https://www.tenable.com/plugins/nessus/59612", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Gentoo Linux Security Advisory GLSA 201203-20.\n#\n# The advisory text is Copyright (C) 2001-2015 Gentoo Foundation, Inc.\n# and licensed under the Creative Commons - Attribution / Share Alike \n# license. See http://creativecommons.org/licenses/by-sa/3.0/\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(59612);\n script_version(\"1.8\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2011-1018\");\n script_bugtraq_id(46554);\n script_xref(name:\"GLSA\", value:\"201203-20\");\n\n script_name(english:\"GLSA-201203-20 : Logwatch: Arbitrary code execution\");\n script_summary(english:\"Checks for updated package(s) in /var/db/pkg\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Gentoo host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The remote host is affected by the vulnerability described in GLSA-201203-20\n(Logwatch: Arbitrary code execution)\n\n logwatch.pl does not properly sanitize log filenames against shell\n metacharacters before passing them to the 'system()' function.\n \nImpact :\n\n A remote attacker could pass a specially crafted log filename to\n Logwatch, possibly resulting in execution of arbitrary code with root\n privileges or a Denial of Service condition.\n \nWorkaround :\n\n There is no known workaround at this time.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security.gentoo.org/glsa/201203-20\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"All Logwatch users should upgrade to the latest version:\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=sys-apps/logwatch-7.4.0'\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:gentoo:linux:logwatch\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:gentoo:linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/03/28\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/06/21\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2012-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Gentoo Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Gentoo/release\", \"Host/Gentoo/qpkg-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"qpkg.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Gentoo/release\")) audit(AUDIT_OS_NOT, \"Gentoo\");\nif (!get_kb_item(\"Host/Gentoo/qpkg-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (qpkg_check(package:\"sys-apps/logwatch\", unaffected:make_list(\"ge 7.4.0\"), vulnerable:make_list(\"lt 7.4.0\"))) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:qpkg_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = qpkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"Logwatch\");\n}\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-01-17T14:07:48", "description": "The update of logwatch improves the input validation. Before it was\npossible by an attacker to use special characters in a log-file to\nexecute arbitrary commands. (CVSS v2 Base Score: 8.5\n(AV:N/AC:M/Au:S/C:C/I:C/A:C))", "edition": 24, "published": "2014-06-13T00:00:00", "title": "openSUSE Security Update : logwatch (openSUSE-SU-2011:0242-1)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2011-1018"], "modified": "2014-06-13T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:logwatch", "cpe:/o:novell:opensuse:11.3"], "id": "SUSE_11_3_LOGWATCH-110325.NASL", "href": "https://www.tenable.com/plugins/nessus/75639", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update logwatch-4029.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(75639);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2011-1018\");\n\n script_name(english:\"openSUSE Security Update : logwatch (openSUSE-SU-2011:0242-1)\");\n script_summary(english:\"Check for the logwatch-4029 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The update of logwatch improves the input validation. Before it was\npossible by an attacker to use special characters in a log-file to\nexecute arbitrary commands. (CVSS v2 Base Score: 8.5\n(AV:N/AC:M/Au:S/C:C/I:C/A:C))\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=674984\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://lists.opensuse.org/opensuse-updates/2011-03/msg00032.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected logwatch package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:logwatch\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:11.3\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2011/03/25\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/06/13\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2014-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE11\\.3)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"11.3\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE11.3\", reference:\"logwatch-7.3.6-73.5.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"logwatch\");\n}\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-01-06T09:26:55", "description": "An updated logwatch package that fixes one security issue is now\navailable for Red Hat Enterprise Linux 5 and 6.\n\nThe Red Hat Security Response Team has rated this update as having\nimportant security impact. A Common Vulnerability Scoring System\n(CVSS) base score, which gives a detailed severity rating, is\navailable from the CVE link in the References section.\n\nLogwatch is a customizable log analysis system. Logwatch parses\nthrough your system's logs for a given period of time and creates a\nreport analyzing areas that you specify, in as much detail as you\nrequire.\n\nA flaw was found in the way Logwatch processed log files. If an\nattacker were able to create a log file with a malicious file name, it\ncould result in arbitrary code execution with the privileges of the\nroot user when that log file is analyzed by Logwatch. (CVE-2011-1018)\n\nUsers of logwatch should upgrade to this updated package, which\ncontains a backported patch to resolve this issue.", "edition": 27, "published": "2011-04-15T00:00:00", "title": "CentOS 5 : logwatch (CESA-2011:0324)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2011-1018"], "modified": "2011-04-15T00:00:00", "cpe": ["p-cpe:/a:centos:centos:logwatch", "cpe:/o:centos:centos:5"], "id": "CENTOS_RHSA-2011-0324.NASL", "href": "https://www.tenable.com/plugins/nessus/53424", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2011:0324 and \n# CentOS Errata and Security Advisory 2011:0324 respectively.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(53424);\n script_version(\"1.11\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/04\");\n\n script_cve_id(\"CVE-2011-1018\");\n script_bugtraq_id(46554);\n script_xref(name:\"RHSA\", value:\"2011:0324\");\n\n script_name(english:\"CentOS 5 : logwatch (CESA-2011:0324)\");\n script_summary(english:\"Checks rpm output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote CentOS host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"An updated logwatch package that fixes one security issue is now\navailable for Red Hat Enterprise Linux 5 and 6.\n\nThe Red Hat Security Response Team has rated this update as having\nimportant security impact. A Common Vulnerability Scoring System\n(CVSS) base score, which gives a detailed severity rating, is\navailable from the CVE link in the References section.\n\nLogwatch is a customizable log analysis system. Logwatch parses\nthrough your system's logs for a given period of time and creates a\nreport analyzing areas that you specify, in as much detail as you\nrequire.\n\nA flaw was found in the way Logwatch processed log files. If an\nattacker were able to create a log file with a malicious file name, it\ncould result in arbitrary code execution with the privileges of the\nroot user when that log file is analyzed by Logwatch. (CVE-2011-1018)\n\nUsers of logwatch should upgrade to this updated package, which\ncontains a backported patch to resolve this issue.\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2011-April/017365.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?d33c583c\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2011-April/017366.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?837d093d\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected logwatch package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:logwatch\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:centos:centos:5\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2011/02/25\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2011/04/14\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2011/04/15\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2011-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"CentOS Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/CentOS/release\", \"Host/CentOS/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/CentOS/release\");\nif (isnull(release) || \"CentOS\" >!< release) audit(AUDIT_OS_NOT, \"CentOS\");\nos_ver = pregmatch(pattern: \"CentOS(?: Linux)? release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"CentOS\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^5([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"CentOS 5.x\", \"CentOS \" + os_ver);\n\nif (!get_kb_item(\"Host/CentOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"CentOS\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"CentOS-5\", reference:\"logwatch-7.3-9.el5_6\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"logwatch\");\n}\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-01-17T13:09:00", "description": "An updated logwatch package that fixes one security issue is now\navailable for Red Hat Enterprise Linux 5 and 6.\n\nThe Red Hat Security Response Team has rated this update as having\nimportant security impact. A Common Vulnerability Scoring System\n(CVSS) base score, which gives a detailed severity rating, is\navailable from the CVE link in the References section.\n\nLogwatch is a customizable log analysis system. Logwatch parses\nthrough your system's logs for a given period of time and creates a\nreport analyzing areas that you specify, in as much detail as you\nrequire.\n\nA flaw was found in the way Logwatch processed log files. If an\nattacker were able to create a log file with a malicious file name, it\ncould result in arbitrary code execution with the privileges of the\nroot user when that log file is analyzed by Logwatch. (CVE-2011-1018)\n\nUsers of logwatch should upgrade to this updated package, which\ncontains a backported patch to resolve this issue.", "edition": 28, "published": "2011-03-08T00:00:00", "title": "RHEL 5 / 6 : logwatch (RHSA-2011:0324)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2011-1018"], "modified": "2011-03-08T00:00:00", "cpe": ["p-cpe:/a:redhat:enterprise_linux:logwatch", "cpe:/o:redhat:enterprise_linux:5", "cpe:/o:redhat:enterprise_linux:5.6", "cpe:/o:redhat:enterprise_linux:6", "cpe:/o:redhat:enterprise_linux:6.0"], "id": "REDHAT-RHSA-2011-0324.NASL", "href": "https://www.tenable.com/plugins/nessus/52578", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2011:0324. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(52578);\n script_version(\"1.18\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2011-1018\");\n script_bugtraq_id(46554);\n script_xref(name:\"RHSA\", value:\"2011:0324\");\n\n script_name(english:\"RHEL 5 / 6 : logwatch (RHSA-2011:0324)\");\n script_summary(english:\"Checks the rpm output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"An updated logwatch package that fixes one security issue is now\navailable for Red Hat Enterprise Linux 5 and 6.\n\nThe Red Hat Security Response Team has rated this update as having\nimportant security impact. A Common Vulnerability Scoring System\n(CVSS) base score, which gives a detailed severity rating, is\navailable from the CVE link in the References section.\n\nLogwatch is a customizable log analysis system. Logwatch parses\nthrough your system's logs for a given period of time and creates a\nreport analyzing areas that you specify, in as much detail as you\nrequire.\n\nA flaw was found in the way Logwatch processed log files. If an\nattacker were able to create a log file with a malicious file name, it\ncould result in arbitrary code execution with the privileges of the\nroot user when that log file is analyzed by Logwatch. (CVE-2011-1018)\n\nUsers of logwatch should upgrade to this updated package, which\ncontains a backported patch to resolve this issue.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2011-1018\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2011:0324\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected logwatch package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:logwatch\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:5\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:5.6\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:6\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:6.0\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2011/02/25\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2011/03/07\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2011/03/08\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2011-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(5|6)([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 5.x / 6.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2011:0324\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n if (rpm_check(release:\"RHEL5\", reference:\"logwatch-7.3-9.el5_6\")) flag++;\n\n\n if (rpm_check(release:\"RHEL6\", reference:\"logwatch-7.3.6-49.el6\")) flag++;\n\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"logwatch\");\n }\n}\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-01-06T09:46:20", "description": "Dominik George discovered that Logwatch does not guard against shell\nmeta-characters in crafted log file names (such as those produced by\nSamba). As a result, an attacker might be able to execute shell\ncommands on the system running Logwatch.", "edition": 16, "published": "2011-03-07T00:00:00", "title": "Debian DSA-2182-1 : logwatch - shell command injection", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2011-1018"], "modified": "2011-03-07T00:00:00", "cpe": ["cpe:/o:debian:debian_linux:6.0", "cpe:/o:debian:debian_linux:5.0", "p-cpe:/a:debian:debian_linux:logwatch"], "id": "DEBIAN_DSA-2182.NASL", "href": "https://www.tenable.com/plugins/nessus/52549", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Debian Security Advisory DSA-2182. The text \n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(52549);\n script_version(\"1.13\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/04\");\n\n script_cve_id(\"CVE-2011-1018\");\n script_bugtraq_id(46734);\n script_xref(name:\"DSA\", value:\"2182\");\n\n script_name(english:\"Debian DSA-2182-1 : logwatch - shell command injection\");\n script_summary(english:\"Checks dpkg output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Dominik George discovered that Logwatch does not guard against shell\nmeta-characters in crafted log file names (such as those produced by\nSamba). As a result, an attacker might be able to execute shell\ncommands on the system running Logwatch.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=615995\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://packages.debian.org/source/squeeze/logwatch\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.debian.org/security/2011/dsa-2182\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Upgrade the logwatch packages.\n\nFor the oldstable distribution (lenny), this problem has been fixed in\nversion 7.3.6.cvs20080702-2lenny1.\n\nFor the stable distribution (squeeze), this problem has been fixed in\nversion 7.3.6.cvs20090906-1squeeze1.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:logwatch\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:5.0\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:6.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2011/03/04\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2011/03/07\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2011-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"5.0\", prefix:\"logwatch\", reference:\"7.3.6.cvs20080702-2lenny1\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"logwatch\", reference:\"7.3.6.cvs20090906-1squeeze1\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:deb_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-01-17T13:45:32", "description": "A flaw was found in the way Logwatch processed log files. If an\nattacker were able to create a log file with a malicious file name, it\ncould result in arbitrary code execution with the privileges of the\nroot user when that log file is analyzed by Logwatch. (CVE-2011-1018)", "edition": 24, "published": "2012-08-01T00:00:00", "title": "Scientific Linux Security Update : logwatch on SL5.x, SL6.x i386/x86_64", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2011-1018"], "modified": "2012-08-01T00:00:00", "cpe": ["x-cpe:/o:fermilab:scientific_linux"], "id": "SL_20110307_LOGWATCH_ON_SL5_X.NASL", "href": "https://www.tenable.com/plugins/nessus/60980", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text is (C) Scientific Linux.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(60980);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2011-1018\");\n\n script_name(english:\"Scientific Linux Security Update : logwatch on SL5.x, SL6.x i386/x86_64\");\n script_summary(english:\"Checks rpm output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Scientific Linux host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"A flaw was found in the way Logwatch processed log files. If an\nattacker were able to create a log file with a malicious file name, it\ncould result in arbitrary code execution with the privileges of the\nroot user when that log file is analyzed by Logwatch. (CVE-2011-1018)\"\n );\n # https://listserv.fnal.gov/scripts/wa.exe?A2=ind1103&L=scientific-linux-errata&T=0&P=7279\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?1719bbed\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected logwatch package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"x-cpe:/o:fermilab:scientific_linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2011/03/07\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/08/01\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2012-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Scientific Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Scientific Linux \" >!< release) audit(AUDIT_HOST_NOT, \"running Scientific Linux\");\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu >!< \"x86_64\" && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Scientific Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"SL5\", reference:\"logwatch-7.3-9.el5_6\")) flag++;\n\nif (rpm_check(release:\"SL6\", reference:\"logwatch-7.3.6-49.el6\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-01-17T12:45:47", "description": "From Red Hat Security Advisory 2011:0324 :\n\nAn updated logwatch package that fixes one security issue is now\navailable for Red Hat Enterprise Linux 5 and 6.\n\nThe Red Hat Security Response Team has rated this update as having\nimportant security impact. A Common Vulnerability Scoring System\n(CVSS) base score, which gives a detailed severity rating, is\navailable from the CVE link in the References section.\n\nLogwatch is a customizable log analysis system. Logwatch parses\nthrough your system's logs for a given period of time and creates a\nreport analyzing areas that you specify, in as much detail as you\nrequire.\n\nA flaw was found in the way Logwatch processed log files. If an\nattacker were able to create a log file with a malicious file name, it\ncould result in arbitrary code execution with the privileges of the\nroot user when that log file is analyzed by Logwatch. (CVE-2011-1018)\n\nUsers of logwatch should upgrade to this updated package, which\ncontains a backported patch to resolve this issue.", "edition": 25, "published": "2013-07-12T00:00:00", "title": "Oracle Linux 5 / 6 : logwatch (ELSA-2011-0324)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2011-1018"], "modified": "2013-07-12T00:00:00", "cpe": ["cpe:/o:oracle:linux:6", "p-cpe:/a:oracle:linux:logwatch", "cpe:/o:oracle:linux:5"], "id": "ORACLELINUX_ELSA-2011-0324.NASL", "href": "https://www.tenable.com/plugins/nessus/68219", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2011:0324 and \n# Oracle Linux Security Advisory ELSA-2011-0324 respectively.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(68219);\n script_version(\"1.9\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2011-1018\");\n script_bugtraq_id(46554);\n script_xref(name:\"RHSA\", value:\"2011:0324\");\n\n script_name(english:\"Oracle Linux 5 / 6 : logwatch (ELSA-2011-0324)\");\n script_summary(english:\"Checks rpm output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Oracle Linux host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"From Red Hat Security Advisory 2011:0324 :\n\nAn updated logwatch package that fixes one security issue is now\navailable for Red Hat Enterprise Linux 5 and 6.\n\nThe Red Hat Security Response Team has rated this update as having\nimportant security impact. A Common Vulnerability Scoring System\n(CVSS) base score, which gives a detailed severity rating, is\navailable from the CVE link in the References section.\n\nLogwatch is a customizable log analysis system. Logwatch parses\nthrough your system's logs for a given period of time and creates a\nreport analyzing areas that you specify, in as much detail as you\nrequire.\n\nA flaw was found in the way Logwatch processed log files. If an\nattacker were able to create a log file with a malicious file name, it\ncould result in arbitrary code execution with the privileges of the\nroot user when that log file is analyzed by Logwatch. (CVE-2011-1018)\n\nUsers of logwatch should upgrade to this updated package, which\ncontains a backported patch to resolve this issue.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://oss.oracle.com/pipermail/el-errata/2011-March/001976.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://oss.oracle.com/pipermail/el-errata/2011-March/001977.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected logwatch package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:logwatch\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:5\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:6\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2011/02/25\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2011/03/08\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/07/12\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Oracle Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/OracleLinux\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/OracleLinux\")) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || !pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux)\", string:release)) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nos_ver = pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Oracle Linux\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(5|6)([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Oracle Linux 5 / 6\", \"Oracle Linux \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && \"ia64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Oracle Linux\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"EL5\", reference:\"logwatch-7.3-9.el5_6\")) flag++;\n\nif (rpm_check(release:\"EL6\", reference:\"logwatch-7.3.6-49.el6\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"logwatch\");\n}\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-01-01T06:34:24", "description": "Dominik George discovered that logwatch did not properly sanitize log\nfile names that were passed to the shell as part of a command. If a\nremote attacker were able to generate specially crafted filenames (for\nexample, via Samba logging), they could execute arbitrary code with\nroot privileges.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "edition": 24, "published": "2011-03-01T00:00:00", "title": "Ubuntu 8.04 LTS / 9.10 / 10.04 LTS / 10.10 : logwatch vulnerability (USN-1078-1)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2011-1018"], "modified": "2021-01-02T00:00:00", "cpe": ["cpe:/o:canonical:ubuntu_linux:10.04:-:lts", "cpe:/o:canonical:ubuntu_linux:8.04:-:lts", "cpe:/o:canonical:ubuntu_linux:10.10", "cpe:/o:canonical:ubuntu_linux:9.10", "p-cpe:/a:canonical:ubuntu_linux:logwatch"], "id": "UBUNTU_USN-1078-1.NASL", "href": "https://www.tenable.com/plugins/nessus/52480", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-1078-1. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(52480);\n script_version(\"1.9\");\n script_cvs_date(\"Date: 2019/09/19 12:54:26\");\n\n script_cve_id(\"CVE-2011-1018\");\n script_bugtraq_id(46554);\n script_xref(name:\"USN\", value:\"1078-1\");\n\n script_name(english:\"Ubuntu 8.04 LTS / 9.10 / 10.04 LTS / 10.10 : logwatch vulnerability (USN-1078-1)\");\n script_summary(english:\"Checks dpkg output for updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Ubuntu host is missing a security-related patch.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Dominik George discovered that logwatch did not properly sanitize log\nfile names that were passed to the shell as part of a command. If a\nremote attacker were able to generate specially crafted filenames (for\nexample, via Samba logging), they could execute arbitrary code with\nroot privileges.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://usn.ubuntu.com/1078-1/\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected logwatch package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:logwatch\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:10.04:-:lts\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:10.10\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:8.04:-:lts\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:9.10\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2011/02/25\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2011/02/28\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2011/03/01\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2011-2019 Canonical, Inc. / NASL script (C) 2011-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"misc_func.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nrelease = chomp(release);\nif (! preg(pattern:\"^(8\\.04|9\\.10|10\\.04|10\\.10)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 8.04 / 9.10 / 10.04 / 10.10\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Ubuntu\", cpu);\n\nflag = 0;\n\nif (ubuntu_check(osver:\"8.04\", pkgname:\"logwatch\", pkgver:\"7.3.6-1ubuntu1.1\")) flag++;\nif (ubuntu_check(osver:\"9.10\", pkgname:\"logwatch\", pkgver:\"7.3.6.cvs20090906-1ubuntu1.1\")) flag++;\nif (ubuntu_check(osver:\"10.04\", pkgname:\"logwatch\", pkgver:\"7.3.6.cvs20090906-1ubuntu2.1\")) flag++;\nif (ubuntu_check(osver:\"10.10\", pkgname:\"logwatch\", pkgver:\"7.3.6.cvs20090906-1ubuntu3.1\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"logwatch\");\n}\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-01-12T10:09:25", "description": "This update fixes CVE-2011-1018: Privilege escalation due improper\nsanitization of special characters in log file names\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "edition": 23, "published": "2011-03-11T00:00:00", "title": "Fedora 14 : logwatch-7.3.6-60.fc14 (2011-2328)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2011-1018"], "modified": "2011-03-11T00:00:00", "cpe": ["cpe:/o:fedoraproject:fedora:14", "p-cpe:/a:fedoraproject:fedora:logwatch"], "id": "FEDORA_2011-2328.NASL", "href": "https://www.tenable.com/plugins/nessus/52623", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2011-2328.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(52623);\n script_version(\"1.9\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2011-1018\");\n script_xref(name:\"FEDORA\", value:\"2011-2328\");\n\n script_name(english:\"Fedora 14 : logwatch-7.3.6-60.fc14 (2011-2328)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update fixes CVE-2011-1018: Privilege escalation due improper\nsanitization of special characters in log file names\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=680237\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2011-March/055579.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?8a9d9b47\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected logwatch package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:logwatch\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:14\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2011/03/01\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2011/03/11\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2011-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^14([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 14.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC14\", reference:\"logwatch-7.3.6-60.fc14\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"logwatch\");\n}\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-01-20T14:41:31", "description": "Shell meta characters in log file names could lead to execution of\narbitrary code. (CVE-2011-1018)", "edition": 23, "published": "2011-03-31T00:00:00", "title": "SuSE 11.1 Security Update : logwatch (SAT Patch Number 4236)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2011-1018"], "modified": "2011-03-31T00:00:00", "cpe": ["cpe:/o:novell:suse_linux:11", "p-cpe:/a:novell:suse_linux:11:logwatch"], "id": "SUSE_11_LOGWATCH-110325.NASL", "href": "https://www.tenable.com/plugins/nessus/53228", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from SuSE 11 update information. The text itself is\n# copyright (C) Novell, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(53228);\n script_version(\"1.7\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2011-1018\");\n\n script_name(english:\"SuSE 11.1 Security Update : logwatch (SAT Patch Number 4236)\");\n script_summary(english:\"Checks rpm output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SuSE 11 host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Shell meta characters in log file names could lead to execution of\narbitrary code. (CVE-2011-1018)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=674984\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2011-1018.html\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Apply SAT patch number 4236.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:logwatch\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:11\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2011/03/25\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2011/03/31\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2011-2021 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)11\") audit(AUDIT_OS_NOT, \"SuSE 11\");\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SuSE 11\", cpu);\n\npl = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(pl) || int(pl) != 1) audit(AUDIT_OS_NOT, \"SuSE 11.1\");\n\n\nflag = 0;\nif (rpm_check(release:\"SLES11\", sp:1, reference:\"logwatch-7.3.6-65.66.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}]}
