Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
veracodeVeracode Vulnerability DatabaseVERACODE:24629
HistoryApr 10, 2020 - 12:59 a.m.

Arbitrary Code Execution

2020-04-1000:59:32
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
9

10 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

JSON

logwatch is vulnerable to arbitrary code execution. The vulnerability exists as a flaw was found in the way Logwatch processed log files. If an attacker were able to create a log file with a malicious file name, it could result in arbitrary code execution with the privileges of the root user when that log file is analyzed by Logwatch.

References

Related

fedora 3
nessus 13
openvas 16
redhat 1
debiancve 1
cve 1
ubuntu 1
securityvulns 2
gentoo 1
prion 1
cvelist 1
oraclelinux 1
ubuntucve 1
centos 1
fedora
fedora
[SECURITY] Fedora 14 Update: logwatch-7.3.6-60.fc14
2011-03-10 20:49:05
[SECURITY] Fedora 13 Update: logwatch-7.3.6-55.fc13
2011-03-10 20:50:01
[SECURITY] Fedora 15 Update: logwatch-7.3.6-66.20110203svn25.fc15
2011-03-11 06:09:05
nessus
nessus
GLSA-201203-20 : Logwatch: Arbitrary code execution
2012-06-21 00:00:00
SuSE 11.1 Security Update : logwatch (SAT Patch Number 4236)
2011-03-31 00:00:00
Ubuntu 8.04 LTS / 9.10 / 10.04 LTS / 10.10 : logwatch vulnerability (USN-1078-1)
2011-03-01 00:00:00
openvas
openvas
Oracle: Security Advisory (ELSA-2011-0324)
2015-10-06 00:00:00
Ubuntu Update for logwatch vulnerability USN-1078-1
2011-03-07 00:00:00
CentOS Update for logwatch CESA-2011:0324 centos5 x86_64
2012-07-30 00:00:00
redhat
redhat
(RHSA-2011:0324) Important: logwatch security update
2011-03-07 00:00:00
debiancve
debiancve
CVE-2011-1018
2011-02-25 19:00:00
cve
cve
CVE-2011-1018
2011-02-25 19:00:00
ubuntu
ubuntu
Logwatch vulnerability
2011-03-01 00:00:00
securityvulns
securityvulns
[USN-1078-1] Logwatch vulnerability
2011-03-03 00:00:00
logwatch shell characters vulnerability
2011-03-03 00:00:00
gentoo
gentoo
Logwatch: Arbitrary code execution
2012-03-28 00:00:00
prion
prion
Design/Logic Flaw
2011-02-25 19:00:00
cvelist
cvelist
CVE-2011-1018
2011-02-25 18:00:00
oraclelinux
oraclelinux
logwatch security update
2011-03-07 00:00:00
ubuntucve
ubuntucve
CVE-2011-1018
2011-02-25 00:00:00
centos
centos
logwatch security update
2011-04-14 23:48:13

10 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

JSON
Related for VERACODE:24629
fedora3nessus13openvas16redhat1debiancve1cve1ubuntu1securityvulns2gentoo1prion1cvelist1oraclelinux1ubuntucve1centos1