Lucene search
Debian Security Bug TrackerDEBIANCVE:CVE-2011-1154HistoryMar 30, 2011 - 10:55 p.m.
CVE-2011-1154
2011-03-3022:55:02
Debian Security Bug Tracker
security-tracker.debian.org
9
CVSS2
6.9
Attack Vector
LOCAL
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:M/Au:N/C:C/I:C/A:C
EPSS
0.001
Percentile
29.8%
The shred_file function in logrotate.c in logrotate 3.7.9 and earlier might allow context-dependent attackers to execute arbitrary commands via shell metacharacters in a log filename, as demonstrated by a filename that is automatically constructed on the basis of a hostname or virtual machine name.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Debian | 12 | all | logrotate | <Β 3.8.0-1 | logrotate_3.8.0-1_all.deb |
| Debian | 11 | all | logrotate | <Β 3.8.0-1 | logrotate_3.8.0-1_all.deb |
| Debian | 999 | all | logrotate | <Β 3.8.0-1 | logrotate_3.8.0-1_all.deb |
| Debian | 13 | all | logrotate | <Β 3.8.0-1 | logrotate_3.8.0-1_all.deb |
Related
cve
cve
CVE-2011-1154
2011-03-30 22:55:02
f5
f5
K16870 : logrotate vulnerability CVE-2011-1154
2015-09-17 00:00:00
SOL16870 - logrotate vulnerability CVE-2011-1154
2015-07-07 00:00:00
cvelist
cvelist
CVE-2011-1154
2011-03-30 22:00:00
prion
prion
Design/Logic Flaw
2011-03-30 22:55:00
ubuntucve
ubuntucve
CVE-2011-1154
2011-03-30 00:00:00
nvd
nvd
CVE-2011-1154
2011-03-30 22:55:02
nessus
nessus
NewStart CGSL CORE 5.04 / MAIN 5.04 : logrotate Multiple Vulnerabilities (NS-SA-2021-0108)
2021-10-27 00:00:00
Oracle Linux 6 : logrotate (ELSA-2011-0407)
2013-07-12 00:00:00
Scientific Linux Security Update : logrotate on SL6.x i386/x86_64
2012-08-01 00:00:00
seebug
seebug
Red Hat Enterprise Linux logrotateδ»»ζζ§θ‘ε½δ»€εδΏ‘ζ―ζ³ι²ζΌζ΄
2011-04-02 00:00:00
openvas
openvas
RedHat Update for logrotate RHSA-2011:0407-01
2012-06-06 00:00:00
Mandriva Update for logrotate MDVSA-2011:065 (logrotate)
2011-04-11 00:00:00
Fedora Update for logrotate FEDORA-2011-3739
2011-04-19 00:00:00
securityvulns
securityvulns
[ MDVSA-2011:065 ] logrotate
2011-04-06 00:00:00
[USN-1172-1] logrotate vulnerabilities
2011-07-26 00:00:00
logrotate multiple security vulnerabilities
2011-07-26 00:00:00
fedora
fedora
[SECURITY] Fedora 14 Update: logrotate-3.7.9-2.fc14
2011-04-11 20:59:43
[SECURITY] Fedora 15 Update: logrotate-3.7.9-8.fc15
2011-03-29 04:00:10
redhat
redhat
(RHSA-2011:0407) Moderate: logrotate security update
2011-03-31 00:00:00
oraclelinux
oraclelinux
logrotate security update
2011-03-31 00:00:00
gentoo
gentoo
logrotate: Multiple vulnerabilities
2012-06-25 00:00:00
ubuntu
ubuntu
logrotate vulnerabilities
2011-07-21 00:00:00
CVSS2
6.9
Attack Vector
LOCAL
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:M/Au:N/C:C/I:C/A:C
EPSS
0.001
Percentile
29.8%
Related for DEBIANCVE:CVE-2011-1154