CVSS2
Attack Vector
LOCAL
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:M/Au:N/C:N/I:C/A:C
EPSS
Percentile
17.0%
The default configuration of logrotate on Debian GNU/Linux uses root
privileges to process files in directories that permit non-root write
access, which allows local users to conduct symlink and hard link attacks
by leveraging logrotateβs lack of support for untrusted directories, as
demonstrated by /var/log/postgresql/.
Author | Note |
---|---|
mdeslaur | looks like issue #9, adding RH bug upstream patch adds βsuβ option variable, and probably breaks backwards compatibility RH proposed patch for CVE-2011-1098 may fix it in a backwards-compatible way pretty much fixed by nofollow.patch and security-388608.patch in lucid+ |