Lucene search
Ubuntu.comUB:CVE-2011-1550HistoryMar 30, 2011 - 12:00 a.m.
CVE-2011-1550
2011-03-3000:00:00
ubuntu.com
ubuntu.com
10
0.0004 Low
EPSS
Percentile
9.8%
The default configuration of logrotate on SUSE openSUSE Factory uses root
privileges to process files in directories that permit non-root write
access, which allows local users to conduct symlink and hard link attacks
by leveraging logrotate’s lack of support for untrusted directories, as
demonstrated by directories for the (1) cobbler, (2) inn, (3)
safte-monitor, and (4) uucp packages.
Notes
| Author | Note |
|---|---|
| mdeslaur | SUSE-specific CVE (see CVE-2011-1548 for Debian) |
Related
debiancve
debiancve
CVE-2011-1550
2011-03-30 22:55:02
CVE-2011-1548
2011-03-30 22:55:02
prion
prion
Default configuration
2011-03-30 22:55:00
Default configuration
2011-03-30 22:55:00
cvelist
cvelist
CVE-2011-1550
2022-10-03 16:15:09
CVE-2011-1548
2011-03-30 22:00:00
cve
cve
CVE-2011-1550
2011-03-30 22:55:02
CVE-2011-1548
2011-03-30 22:55:02
ubuntucve
ubuntucve
CVE-2011-1549
2011-03-30 00:00:00
CVE-2011-1548
2011-03-30 00:00:00
securityvulns
securityvulns
[USN-1172-1] logrotate vulnerabilities
2011-07-26 00:00:00
logrotate multiple security vulnerabilities
2011-07-26 00:00:00
openvas
openvas
Ubuntu: Security Advisory (USN-1172-1)
2011-07-22 00:00:00
Ubuntu Update for logrotate USN-1172-1
2011-07-22 00:00:00
nessus
nessus
ubuntu
ubuntu
logrotate vulnerabilities
2011-07-21 00:00:00