Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
ubuntucveUbuntu.comUB:CVE-2011-1548
HistoryMar 30, 2011 - 12:00 a.m.

CVE-2011-1548

2011-03-3000:00:00
ubuntu.com
ubuntu.com
9

0.0004 Low

EPSS

Percentile

9.7%

JSON

The default configuration of logrotate on Debian GNU/Linux uses root
privileges to process files in directories that permit non-root write
access, which allows local users to conduct symlink and hard link attacks
by leveraging logrotate’s lack of support for untrusted directories, as
demonstrated by /var/log/postgresql/.

Bugs

Notes

Author Note
mdeslaur looks like issue #9, adding RH bug upstream patch adds “su” option variable, and probably breaks backwards compatibility RH proposed patch for CVE-2011-1098 may fix it in a backwards-compatible way pretty much fixed by nofollow.patch and security-388608.patch in lucid+
OSVersionArchitecturePackageVersionFilename
ubuntu8.04noarchlogrotate< 3.7.1-3ubuntu0.8.04.1UNKNOWN

Related

securityvulns 3
openvas 11
nessus 17
ubuntu 1
prion 2
f5 2
debiancve 2
cve 2
ubuntucve 3
cvelist 2
fedora 2
seebug 1
oraclelinux 1
redhat 1
gentoo 1
securityvulns
securityvulns
[USN-1172-1] logrotate vulnerabilities
2011-07-26 00:00:00
logrotate multiple security vulnerabilities
2011-07-26 00:00:00
[ MDVSA-2011:065 ] logrotate
2011-04-06 00:00:00
openvas
openvas
Ubuntu: Security Advisory (USN-1172-1)
2011-07-22 00:00:00
Ubuntu Update for logrotate USN-1172-1
2011-07-22 00:00:00
Fedora Update for logrotate FEDORA-2011-3739
2011-04-19 00:00:00
nessus
nessus
Ubuntu 8.04 LTS / 10.04 LTS / 10.10 / 11.04 : logrotate vulnerabilities (USN-1172-1)
2011-07-22 00:00:00
F5 Networks BIG-IP : logrotate vulnerability (SOL16869)
2015-09-14 00:00:00
SuSE 10 Security Update : logrotate (ZYPP Patch Number 7534)
2011-05-26 00:00:00
ubuntu
ubuntu
logrotate vulnerabilities
2011-07-21 00:00:00
prion
prion
Race condition
2011-03-30 22:55:00
Default configuration
2011-03-30 22:55:00
f5
f5
K16869 : logrotate vulnerability CVE-2011-1098
2015-09-11 00:00:00
SOL16869 - logrotate vulnerability CVE-2011-1098
2015-07-07 00:00:00
debiancve
debiancve
CVE-2011-1098
2011-03-30 22:55:00
CVE-2011-1548
2011-03-30 22:55:00
cve
cve
CVE-2011-1548
2011-03-30 22:55:00
CVE-2011-1098
2011-03-30 22:55:00
ubuntucve
ubuntucve
CVE-2011-1098
2011-03-30 00:00:00
CVE-2011-1549
2011-03-30 00:00:00
CVE-2011-1550
2011-03-30 00:00:00
cvelist
cvelist
CVE-2011-1098
2011-03-30 22:00:00
CVE-2011-1548
2011-03-30 22:00:00
fedora
fedora
[SECURITY] Fedora 14 Update: logrotate-3.7.9-2.fc14
2011-04-11 20:59:43
[SECURITY] Fedora 15 Update: logrotate-3.7.9-8.fc15
2011-03-29 04:00:10
seebug
seebug
Red Hat Enterprise Linux logrotate任意执行命令及信息泄露漏洞
2011-04-02 00:00:00
oraclelinux
oraclelinux
logrotate security update
2011-03-31 00:00:00
redhat
redhat
(RHSA-2011:0407) Moderate: logrotate security update
2011-03-31 00:00:00
gentoo
gentoo
logrotate: Multiple vulnerabilities
2012-06-25 00:00:00

0.0004 Low

EPSS

Percentile

9.7%

JSON
Related for UB:CVE-2011-1548
securityvulns3openvas11nessus17ubuntu1prion2f52debiancve2cve2ubuntucve3cvelist2fedora2seebug1oraclelinux1redhat1gentoo1