5 matches found
[SECURITY] Fedora 36 Update: logrotate-3.20.1-1.fc36
The logrotate utility is designed to simplify the administration of log files on a system which generates a lot of log files. Logrotate allows for the automatic rotation compression, removal and mailing of log files. Logrotate can be set to handle a log file daily, weekly, monthly or when the log...
bind: TCP Pipelining doesn't limit TCP clients on a single connection
A flaw was found in the way bind limited the number of TCP clients that can be connected at any given time. A remote attacker could use one TCP client to send a large number of DNS requests over a single connection, causing exhaustion of the pool of file descriptors available to named, and...
Red Hat Enterprise Linux logrotate任意执行命令及信息泄露漏洞
CVE ID: CVE-2011-1155,CVE-2011-1154,CVE-2011-1098 logrotate程序可简化多个日志文件的管理,允许日志文件的自动循环、压缩、删除和 邮寄。 logrotate处理shred指令时存在shell命令注入漏洞,特制日志文件可造成logrotate 以运行logrotate默认root的用户权限执行任意命令。注意:默认没有启用shred指令。 logrotate在创建新日志文件时应用权限的方式中存在竞争条件漏洞,在一些特定配置 中,本地攻击者可利用此漏洞在logrotate应用最终权限之前打开新的日志文件,可导 致泄露敏感信息。...
[SECURITY] Fedora 15 Update: logrotate-3.7.9-8.fc15
The logrotate utility is designed to simplify the administration of log files on a system which generates a lot of log files. Logrotate allows for the automatic rotation compression, removal and mailing of log files. Logrotate can be set to handle a log file daily, weekly, monthly or when the log...
CVE-1999-0596
A Windows NT log file has an inappropriate maximum size or retention period...