Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
ubuntucveUbuntu.comUB:CVE-2011-1550
HistoryMar 30, 2011 - 12:00 a.m.

CVE-2011-1550

2011-03-3000:00:00
ubuntu.com
ubuntu.com
12

CVSS2

6.3

Attack Vector

LOCAL

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:M/Au:N/C:N/I:C/A:C

EPSS

0

Percentile

10.1%

JSON

The default configuration of logrotate on SUSE openSUSE Factory uses root
privileges to process files in directories that permit non-root write
access, which allows local users to conduct symlink and hard link attacks
by leveraging logrotate’s lack of support for untrusted directories, as
demonstrated by directories for the (1) cobbler, (2) inn, (3)
safte-monitor, and (4) uucp packages.

Notes

Author Note
mdeslaur SUSE-specific CVE (see CVE-2011-1548 for Debian)

Related

debiancve 2
prion 2
cve 2
cvelist 2
nvd 2
ubuntucve 2
ubuntu 1
nessus 1
openvas 2
securityvulns 2
debiancve
debiancve
CVE-2011-1550
2011-03-30 22:55:02
CVE-2011-1548
2011-03-30 22:55:02
prion
prion
Default configuration
2011-03-30 22:55:00
Default configuration
2011-03-30 22:55:00
cve
cve
CVE-2011-1550
2011-03-30 22:55:02
CVE-2011-1548
2011-03-30 22:55:02
cvelist
cvelist
CVE-2011-1550
2011-03-30 22:00:00
CVE-2011-1548
2011-03-30 22:00:00
nvd
nvd
CVE-2011-1550
2011-03-30 22:55:02
CVE-2011-1548
2011-03-30 22:55:02
ubuntucve
ubuntucve
CVE-2011-1549
2011-03-30 00:00:00
CVE-2011-1548
2011-03-30 00:00:00
ubuntu
ubuntu
logrotate vulnerabilities
2011-07-21 00:00:00
nessus
nessus
Ubuntu 8.04 LTS / 10.04 LTS / 10.10 / 11.04 : logrotate vulnerabilities (USN-1172-1)
2011-07-22 00:00:00
openvas
openvas
Ubuntu Update for logrotate USN-1172-1
2011-07-22 00:00:00
Ubuntu: Security Advisory (USN-1172-1)
2011-07-22 00:00:00
securityvulns
securityvulns
[USN-1172-1] logrotate vulnerabilities
2011-07-26 00:00:00
logrotate multiple security vulnerabilities
2011-07-26 00:00:00

CVSS2

6.3

Attack Vector

LOCAL

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:M/Au:N/C:N/I:C/A:C

EPSS

0

Percentile

10.1%

JSON
Related for UB:CVE-2011-1550
debiancve2prion2cve2cvelist2nvd2ubuntucve2ubuntu1nessus1openvas2securityvulns2