Lucene search
Ubuntu Security Notice (C) 2011-2019 Canonical, Inc. / NASL script (C) 2011-2019 and is owned by Tenable, Inc. or an Affiliate thereof.UBUNTU_USN-1078-1.NASLHistoryMar 01, 2011 - 12:00 a.m.
Ubuntu 8.04 LTS / 9.10 / 10.04 LTS / 10.10 : logwatch vulnerability (USN-1078-1)
2011-03-0100:00:00
Ubuntu Security Notice (C) 2011-2019 Canonical, Inc. / NASL script (C) 2011-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
8
10 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
0.065 Low
EPSS
Percentile
93.7%
Dominik George discovered that logwatch did not properly sanitize log file names that were passed to the shell as part of a command. If a remote attacker were able to generate specially crafted filenames (for example, via Samba logging), they could execute arbitrary code with root privileges.
Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were
# extracted from Ubuntu Security Notice USN-1078-1. The text
# itself is copyright (C) Canonical, Inc. See
# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered
# trademark of Canonical, Inc.
#
include("compat.inc");
if (description)
{
script_id(52480);
script_version("1.9");
script_cvs_date("Date: 2019/09/19 12:54:26");
script_cve_id("CVE-2011-1018");
script_bugtraq_id(46554);
script_xref(name:"USN", value:"1078-1");
script_name(english:"Ubuntu 8.04 LTS / 9.10 / 10.04 LTS / 10.10 : logwatch vulnerability (USN-1078-1)");
script_summary(english:"Checks dpkg output for updated package.");
script_set_attribute(
attribute:"synopsis",
value:"The remote Ubuntu host is missing a security-related patch."
);
script_set_attribute(
attribute:"description",
value:
"Dominik George discovered that logwatch did not properly sanitize log
file names that were passed to the shell as part of a command. If a
remote attacker were able to generate specially crafted filenames (for
example, via Samba logging), they could execute arbitrary code with
root privileges.
Note that Tenable Network Security has extracted the preceding
description block directly from the Ubuntu security advisory. Tenable
has attempted to automatically clean and format it as much as possible
without introducing additional issues."
);
script_set_attribute(
attribute:"see_also",
value:"https://usn.ubuntu.com/1078-1/"
);
script_set_attribute(
attribute:"solution",
value:"Update the affected logwatch package."
);
script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C");
script_set_cvss_temporal_vector("CVSS2#E:POC/RL:OF/RC:C");
script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
script_set_attribute(attribute:"exploit_available", value:"true");
script_set_attribute(attribute:"plugin_type", value:"local");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:logwatch");
script_set_attribute(attribute:"cpe", value:"cpe:/o:canonical:ubuntu_linux:10.04:-:lts");
script_set_attribute(attribute:"cpe", value:"cpe:/o:canonical:ubuntu_linux:10.10");
script_set_attribute(attribute:"cpe", value:"cpe:/o:canonical:ubuntu_linux:8.04:-:lts");
script_set_attribute(attribute:"cpe", value:"cpe:/o:canonical:ubuntu_linux:9.10");
script_set_attribute(attribute:"vuln_publication_date", value:"2011/02/25");
script_set_attribute(attribute:"patch_publication_date", value:"2011/02/28");
script_set_attribute(attribute:"plugin_publication_date", value:"2011/03/01");
script_set_attribute(attribute:"generated_plugin", value:"current");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_copyright(english:"Ubuntu Security Notice (C) 2011-2019 Canonical, Inc. / NASL script (C) 2011-2019 and is owned by Tenable, Inc. or an Affiliate thereof.");
script_family(english:"Ubuntu Local Security Checks");
script_dependencies("ssh_get_info.nasl");
script_require_keys("Host/cpu", "Host/Ubuntu", "Host/Ubuntu/release", "Host/Debian/dpkg-l");
exit(0);
}
include("audit.inc");
include("ubuntu.inc");
include("misc_func.inc");
if ( ! get_kb_item("Host/local_checks_enabled") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
release = get_kb_item("Host/Ubuntu/release");
if ( isnull(release) ) audit(AUDIT_OS_NOT, "Ubuntu");
release = chomp(release);
if (! preg(pattern:"^(8\.04|9\.10|10\.04|10\.10)$", string:release)) audit(AUDIT_OS_NOT, "Ubuntu 8.04 / 9.10 / 10.04 / 10.10", "Ubuntu " + release);
if ( ! get_kb_item("Host/Debian/dpkg-l") ) audit(AUDIT_PACKAGE_LIST_MISSING);
cpu = get_kb_item("Host/cpu");
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Ubuntu", cpu);
flag = 0;
if (ubuntu_check(osver:"8.04", pkgname:"logwatch", pkgver:"7.3.6-1ubuntu1.1")) flag++;
if (ubuntu_check(osver:"9.10", pkgname:"logwatch", pkgver:"7.3.6.cvs20090906-1ubuntu1.1")) flag++;
if (ubuntu_check(osver:"10.04", pkgname:"logwatch", pkgver:"7.3.6.cvs20090906-1ubuntu2.1")) flag++;
if (ubuntu_check(osver:"10.10", pkgname:"logwatch", pkgver:"7.3.6.cvs20090906-1ubuntu3.1")) flag++;
if (flag)
{
security_report_v4(
port : 0,
severity : SECURITY_HOLE,
extra : ubuntu_report_get()
);
exit(0);
}
else
{
tested = ubuntu_pkg_tests_get();
if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
else audit(AUDIT_PACKAGE_NOT_INSTALLED, "logwatch");
}
| Vendor | Product | Version | CPE |
|---|---|---|---|
| canonical | ubuntu_linux | logwatch | p-cpe:/a:canonical:ubuntu_linux:logwatch |
| canonical | ubuntu_linux | 10.04 | cpe:/o:canonical:ubuntu_linux:10.04:-:lts |
| canonical | ubuntu_linux | 10.10 | cpe:/o:canonical:ubuntu_linux:10.10 |
| canonical | ubuntu_linux | 8.04 | cpe:/o:canonical:ubuntu_linux:8.04:-:lts |
| canonical | ubuntu_linux | 9.10 | cpe:/o:canonical:ubuntu_linux:9.10 |
Related
oraclelinux
oraclelinux
logwatch security update
2011-03-07 00:00:00
nessus
nessus
Fedora 15 : logwatch-7.3.6-66.20110203svn25.fc15 (2011-2396)
2011-03-11 00:00:00
openSUSE Security Update : logwatch (openSUSE-SU-2011:0242-1)
2014-06-13 00:00:00
Fedora 14 : logwatch-7.3.6-60.fc14 (2011-2328)
2011-03-11 00:00:00
openvas
openvas
CentOS Update for logwatch CESA-2011:0324 centos5 i386
2011-08-09 00:00:00
CentOS Update for logwatch CESA-2011:0324 centos5 i386
2011-08-09 00:00:00
Gentoo Security Advisory GLSA 201203-20 (Logwatch)
2012-04-30 00:00:00
centos
centos
logwatch security update
2011-04-14 23:48:13
ubuntucve
ubuntucve
CVE-2011-1018
2011-02-25 00:00:00
securityvulns
securityvulns
logwatch shell characters vulnerability
2011-03-03 00:00:00
[USN-1078-1] Logwatch vulnerability
2011-03-03 00:00:00
cvelist
cvelist
CVE-2011-1018
2011-02-25 18:00:00
prion
prion
Design/Logic Flaw
2011-02-25 19:00:00
fedora
fedora
[SECURITY] Fedora 14 Update: logwatch-7.3.6-60.fc14
2011-03-10 20:49:05
[SECURITY] Fedora 15 Update: logwatch-7.3.6-66.20110203svn25.fc15
2011-03-11 06:09:05
[SECURITY] Fedora 13 Update: logwatch-7.3.6-55.fc13
2011-03-10 20:50:01
veracode
veracode
Arbitrary Code Execution
2020-04-10 00:59:32
nvd
nvd
CVE-2011-1018
2011-02-25 19:00:01
gentoo
gentoo
Logwatch: Arbitrary code execution
2012-03-28 00:00:00
cve
cve
CVE-2011-1018
2011-02-25 19:00:01
redhat
redhat
(RHSA-2011:0324) Important: logwatch security update
2011-03-07 00:00:00
ubuntu
ubuntu
Logwatch vulnerability
2011-03-01 00:00:00
debiancve
debiancve
CVE-2011-1018
2011-02-25 19:00:01
10 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
0.065 Low
EPSS
Percentile
93.7%
Related for UBUNTU_USN-1078-1.NASL