NewStart CGSL MAIN 6.02 : logrotate Multiple Vulnerabilities (NS-SA-2022-0095)

The remote NewStart CGSL host, running version MAIN 6.02, has logrotate packages installed that are affected by multiple vulnerabilities: - Race condition in the createOutputFile function in logrotate.c in logrotate 3.7.9 and earlier allows local users to read log data by opening a file before th...

logrotate: DoS due improper escaping of file names within 'write state' action

The writeState function in logrotate.c in logrotate 3.7.9 and earlier might allow context-dependent attackers to cause a denial of service rotation outage via a 1 \n newline or 2 \ backslash character in a log filename, as demonstrated by a filename that is automatically constructed on the basis ...

CVE-2011-1155

The writeState function in logrotate.c in logrotate 3.7.9 and earlier might allow context-dependent attackers to cause a denial of service rotation outage via a 1 \n newline or 2 \ backslash character in a log filename, as demonstrated by a filename that is automatically constructed on the basis ...

Design/Logic Flaw

The writeState function in logrotate.c in logrotate 3.7.9 and earlier might allow context-dependent attackers to cause a denial of service rotation outage via a 1 \n newline or 2 \ backslash character in a log filename, as demonstrated by a filename that is automatically constructed on the basis ...

CVE-2011-1155

The writeState function in logrotate.c in logrotate 3.7.9 and earlier might allow context-dependent attackers to cause a denial of service rotation outage via a 1 \n newline or 2 \ backslash character in a log filename, as demonstrated by a filename that is automatically constructed on the basis ...