CVE-2011-1548
Published: 30 March 2011
The default configuration of logrotate on Debian GNU/Linux uses root privileges to process files in directories that permit non-root write access, which allows local users to conduct symlink and hard link attacks by leveraging logrotate's lack of support for untrusted directories, as demonstrated by /var/log/postgresql/.
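A defender-side audit for the condition described above, added here as an example and not code from the Ubuntu tracker, Debian or logrotate itself: it walks a logrotate config and reports every stanza whose log directory a non-root user could write to (owner is not root, or a group/other write bit is set) and which carries no `su` directive. Function names and the config used in testing are constructed; it assumes GNU `stat`.

```shell
#!/usr/bin/env bash
# Added audit helper, not part of the Ubuntu tracker or of logrotate.
# For each stanza in a logrotate config, flag log files whose directory a
# non-root user can write to (owner is not root, or group/other write bit set)
# when the stanza has no "su" directive: the condition behind CVE-2011-1548.
# Assumes GNU stat. Function names are constructed for this example.

# dir_nonroot_writable DIR: succeeds if a non-root user may write into DIR.
dir_nonroot_writable() {
    local uid mode
    uid="$(stat -c '%u' "$1")" || return 1
    mode="$(stat -c '%a' "$1")" || return 1
    # owner not root, or any group/other write bit (e.g. 775, 1777)
    [ "$uid" != 0 ] || [ $(( 8#$mode & 8#022 )) -ne 0 ]
}

# audit_logrotate_conf FILE: prints "<dir> <logfile>" per finding;
# returns 0 when nothing was flagged, 1 otherwise.
audit_logrotate_conf() {
    local conf="$1" findings=0 paths="" in_block=0 has_su=0 line p dir
    while IFS= read -r line || [ -n "$line" ]; do
        line="${line%%#*}"                                   # drop comments
        line="$(printf '%s' "$line" | sed 's/^[[:space:]]*//;s/[[:space:]]*$//')"
        [ -z "$line" ] && continue
        case "$line" in
            *'{')  in_block=1; has_su=0; paths="${line%\{}" ;;  # "/a.log /b.log {"
            '}')   for p in $paths; do                           # paths with spaces unsupported
                       dir="$(dirname "$p")"
                       [ -d "$dir" ] || continue
                       if [ "$has_su" -eq 0 ] && dir_nonroot_writable "$dir"; then
                           printf '%s %s\n' "$dir" "$p"
                           findings=1
                       fi
                   done
                   in_block=0; paths="" ;;
            "su "*) [ "$in_block" -eq 1 ] && has_su=1 ;;
        esac
    done < "$conf"
    return "$findings"
}

# Usage when run directly: ./audit_logrotate.sh /etc/logrotate.d/<conf>
if [ "$#" -gt 0 ]; then
    audit_logrotate_conf "$1"
fi
```

Run it over each file in /etc/logrotate.d as well as /etc/logrotate.conf; a non-empty report means that stanza is rotated as root inside a directory an unprivileged user controls.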
Notes
Author | Note |
---|---|
mdeslaur | Looks like issue #9, adding RH bug. Upstream patch adds "su" option variable, and probably breaks backwards compatibility. RH proposed patch for CVE-2011-1098 may fix it in a backwards-compatible way. Pretty much fixed by nofollow.patch and security-388608.patch in lucid+. |
Priority
Status
Package | Release | Status |
---|---|---|
logrotate (Launchpad, Ubuntu, Debian) | dapper | Ignored (end of life) |
logrotate | hardy | Released (3.7.1-3ubuntu0.8.04.1) |
logrotate | karmic | Ignored (end of life) |
logrotate | lucid | Not vulnerable (3.7.8-4ubuntu2.1) |
logrotate | maverick | Not vulnerable (3.7.8-6ubuntu1) |
logrotate | natty | Not vulnerable (3.7.8-6ubuntu3) |
logrotate | upstream | Needs triage |