
CVE-2011-1548

Published: 30 March 2011

The default configuration of logrotate on Debian GNU/Linux uses root privileges to process files in directories that permit non-root write access, which allows local users to conduct symlink and hard link attacks by leveraging logrotate's lack of support for untrusted directories, as demonstrated by /var/log/postgresql/.
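The upstream hardening for this class of issue is logrotate's `su user group` directive (the "su" option the notes refer to), which makes logrotate drop to the named user before touching a directory that non-root users can write to. The audit helper below is an added example, not code from the Ubuntu tracker or the logrotate project: it reports a stanza as risky when its log directory is writable by a non-root user and the stanza carries no `su` line. Directory and file names used with it are constructed for the demonstration.

```shell
#!/bin/sh
# Added example (not from the Ubuntu CVE tracker): report a logrotate stanza as
# "risky" when its log directory can be written by a non-root user (the
# CVE-2011-1548 condition) and the stanza declares no "su user group" line.
# Assumes GNU/Linux userland (ls -l column layout, awk).

# Usage: logrotate_su_check DIR CONFIG
# Prints "ok-perms" (directory writable by root only), "ok-su" (non-root
# writable, but the stanza drops privileges with "su") or "risky".
logrotate_su_check() {
    dir=$1
    conf=$2
    perm=$(ls -ld "$dir" | cut -c1-10)          # e.g. drwxrwxrwt
    grp=$(ls -ld "$dir" | awk '{ print $4 }')   # owning group name
    gw=$(printf '%s' "$perm" | cut -c6)         # group write bit
    ow=$(printf '%s' "$perm" | cut -c9)         # other write bit
    writable=no
    [ "$ow" = w ] && writable=yes
    [ "$gw" = w ] && [ "$grp" != root ] && writable=yes
    if [ "$writable" = no ]; then
        echo ok-perms
        return 0
    fi
    # Find the stanza whose header names this directory and look for a
    # "su" line before the closing brace.
    if awk -v d="$dir" '
        index($0, d) && /\{/ { inblk = 1; next }
        inblk && /^[[:space:]]*su[[:space:]]/ { found = 1 }
        inblk && /\}/ { inblk = 0 }
        END { exit found ? 0 : 1 }
    ' "$conf"; then
        echo ok-su
    else
        echo risky
    fi
}
```

Run it over each directory named in /etc/logrotate.conf and /etc/logrotate.d/* to find stanzas that still rotate as root inside a world- or group-writable directory.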

Notes

Author: mdeslaur

Note:
looks like issue #9, adding RH bug
upstream patch adds "su" option variable, and probably breaks backwards compatibility
RH proposed patch for CVE-2011-1098 may fix it in a backwards-compatible way
pretty much fixed by nofollow.patch and security-388608.patch in lucid+

Priority

Medium

Status

Package: logrotate (Launchpad, Ubuntu, Debian)

Release    Status
dapper     Ignored (end of life)
hardy      Released (3.7.1-3ubuntu0.8.04.1)
karmic     Ignored (end of life)
lucid      Not vulnerable (3.7.8-4ubuntu2.1)
maverick   Not vulnerable (3.7.8-6ubuntu1)
natty      Not vulnerable (3.7.8-6ubuntu3)
upstream   Needs triage