3 matches found
Mandriva Linux Security Advisory : logrotate (MDVSA-2011:065)
Multiple vulnerabilities were discovered and corrected in logrotate : Race condition in the createOutputFile function in logrotate.c in logrotate 3.7.9 and earlier allows local users to read log data by opening a file before the intended permissions are in place CVE-2011-1098. The shredfile...
CVE-2011-1154
The shredfile function in logrotate.c in logrotate 3.7.9 and earlier might allow context-dependent attackers to execute arbitrary commands via shell metacharacters in a log filename, as demonstrated by a filename that is automatically constructed on the basis of a hostname or virtual machine name...
Race condition
Race condition in the createOutputFile function in logrotate.c in logrotate 3.7.9 and earlier allows local users to read log data by opening a file before the intended permissions are in place...