Информационная безопасность
[RU] switch to English


Многочисленные уязвимости безопасности в logrotate
дополнено с 6 апреля 2011 г.
Опубликовано:26 июля 2011 г.
Источник:
SecurityVulns ID:11566
Тип:локальная
Уровень опасности:
5/10
Описание:Кратковременные условия, проблема шел-символов, DoS.
Затронутые продукты:LOGROTATE : logrotate 3.7
CVE:CVE-2011-1548 (The default configuration of logrotate on Debian GNU/Linux uses root privileges to process files in directories that permit non-root write access, which allows local users to conduct symlink and hard link attacks by leveraging logrotate's lack of support for untrusted directories, as demonstrated by /var/log/postgresql/.)
 CVE-2011-1155 (The writeState function in logrotate.c in logrotate 3.7.9 and earlier might allow context-dependent attackers to cause a denial of service (rotation outage) via a (1) \n (newline) or (2) \ (backslash) character in a log filename, as demonstrated by a filename that is automatically constructed on the basis of a hostname or virtual machine name.)
 CVE-2011-1154 (The shred_file function in logrotate.c in logrotate 3.7.9 and earlier might allow context-dependent attackers to execute arbitrary commands via shell metacharacters in a log filename, as demonstrated by a filename that is automatically constructed on the basis of a hostname or virtual machine name.)
 CVE-2011-1098 (Race condition in the createOutputFile function in logrotate.c in logrotate 3.7.9 and earlier allows local users to read log data by opening a file before the intended permissions are in place.)
Оригинальный текстdocumentUBUNTU, [USN-1172-1] logrotate vulnerabilities (26.07.2011)
 documentMANDRIVA, [ MDVSA-2011:065 ] logrotate (06.04.2011)

О сайте | Условия использования
© SecurityVulns, 3APA3A, Владимир Дубровин
Нижний Новгород