{
  "document": {
    "aggregate_severity": {
      "namespace": "https://www.suse.com/support/security/rating/",
      "text": "moderate"
    },
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Copyright 2024 SUSE LLC. All rights reserved.",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "logwatch-7.4.3-1.4 on GA media",
        "title": "Title of the patch"
      },
      {
        "category": "description",
        "text": "These are all security issues fixed in the logwatch-7.4.3-1.4 package on the GA media of openSUSE Tumbleweed.",
        "title": "Description of the patch"
      },
      {
        "category": "details",
        "text": "openSUSE-Tumbleweed-2024-10097",
        "title": "Patchnames"
      },
      {
        "category": "legal_disclaimer",
        "text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
        "title": "Terms of use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "https://www.suse.com/support/security/contact/",
      "name": "SUSE Product Security Team",
      "namespace": "https://www.suse.com/"
    },
    "references": [
      {
        "category": "external",
        "summary": "SUSE ratings",
        "url": "https://www.suse.com/support/security/rating/"
      },
      {
        "category": "self",
        "summary": "URL of this CSAF notice",
        "url": "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2024_10097-1.json"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2011-1018 page",
        "url": "https://www.suse.com/security/cve/CVE-2011-1018/"
      }
    ],
    "title": "logwatch-7.4.3-1.4 on GA media",
    "tracking": {
      "current_release_date": "2024-06-15T00:00:00Z",
      "generator": {
        "date": "2024-06-15T00:00:00Z",
        "engine": {
          "name": "cve-database.git:bin/generate-csaf.pl",
          "version": "1"
        }
      },
      "id": "openSUSE-SU-2024:10097-1",
      "initial_release_date": "2024-06-15T00:00:00Z",
      "revision_history": [
        {
          "date": "2024-06-15T00:00:00Z",
          "number": "1",
          "summary": "Current version"
        }
      ],
      "status": "final",
      "version": "1"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version",
                "name": "logwatch-7.4.3-1.4.aarch64",
                "product": {
                  "name": "logwatch-7.4.3-1.4.aarch64",
                  "product_id": "logwatch-7.4.3-1.4.aarch64"
                }
              }
            ],
            "category": "architecture",
            "name": "aarch64"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "logwatch-7.4.3-1.4.ppc64le",
                "product": {
                  "name": "logwatch-7.4.3-1.4.ppc64le",
                  "product_id": "logwatch-7.4.3-1.4.ppc64le"
                }
              }
            ],
            "category": "architecture",
            "name": "ppc64le"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "logwatch-7.4.3-1.4.s390x",
                "product": {
                  "name": "logwatch-7.4.3-1.4.s390x",
                  "product_id": "logwatch-7.4.3-1.4.s390x"
                }
              }
            ],
            "category": "architecture",
            "name": "s390x"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "logwatch-7.4.3-1.4.x86_64",
                "product": {
                  "name": "logwatch-7.4.3-1.4.x86_64",
                  "product_id": "logwatch-7.4.3-1.4.x86_64"
                }
              }
            ],
            "category": "architecture",
            "name": "x86_64"
          },
          {
            "branches": [
              {
                "category": "product_name",
                "name": "openSUSE Tumbleweed",
                "product": {
                  "name": "openSUSE Tumbleweed",
                  "product_id": "openSUSE Tumbleweed",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:opensuse:tumbleweed"
                  }
                }
              }
            ],
            "category": "product_family",
            "name": "SUSE Linux Enterprise"
          }
        ],
        "category": "vendor",
        "name": "SUSE"
      }
    ],
    "relationships": [
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "logwatch-7.4.3-1.4.aarch64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:logwatch-7.4.3-1.4.aarch64"
        },
        "product_reference": "logwatch-7.4.3-1.4.aarch64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "logwatch-7.4.3-1.4.ppc64le as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:logwatch-7.4.3-1.4.ppc64le"
        },
        "product_reference": "logwatch-7.4.3-1.4.ppc64le",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "logwatch-7.4.3-1.4.s390x as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:logwatch-7.4.3-1.4.s390x"
        },
        "product_reference": "logwatch-7.4.3-1.4.s390x",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "logwatch-7.4.3-1.4.x86_64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:logwatch-7.4.3-1.4.x86_64"
        },
        "product_reference": "logwatch-7.4.3-1.4.x86_64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2011-1018",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2011-1018"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "logwatch.pl in Logwatch 7.3.6 allows remote attackers to execute arbitrary commands via shell metacharacters in a log file name, as demonstrated via a crafted username to a Samba server.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:logwatch-7.4.3-1.4.aarch64",
          "openSUSE Tumbleweed:logwatch-7.4.3-1.4.ppc64le",
          "openSUSE Tumbleweed:logwatch-7.4.3-1.4.s390x",
          "openSUSE Tumbleweed:logwatch-7.4.3-1.4.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2011-1018",
          "url": "https://www.suse.com/security/cve/CVE-2011-1018"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 674984 for CVE-2011-1018",
          "url": "https://bugzilla.suse.com/674984"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:logwatch-7.4.3-1.4.aarch64",
            "openSUSE Tumbleweed:logwatch-7.4.3-1.4.ppc64le",
            "openSUSE Tumbleweed:logwatch-7.4.3-1.4.s390x",
            "openSUSE Tumbleweed:logwatch-7.4.3-1.4.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-06-15T00:00:00Z",
          "details": "critical"
        }
      ],
      "title": "CVE-2011-1018"
    }
  ]
}

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [],
  "affected_systems_content": "\u003cp\u003eLogwatch version 7.3.6, versions  ant\u00e9rieures non v\u00e9rifi\u00e9es.\u003c/p\u003e",
  "content": "## Description\n\nUne vuln\u00e9rabilit\u00e9 a \u00e9t\u00e9 corrig\u00e9e dans Logwatch, qui concerne\nl\u0027interpr\u00e9tation des noms de fichier. Un attaquant capable de cr\u00e9er des\nfichiers journaux sur la station cible peut, en utilisant un nom de\nfichier sp\u00e9cialement con\u00e7u, ex\u00e9cuter des commandes arbitraires.\n\n## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2011-1018",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-1018"
    }
  ],
  "initial_release_date": "2011-03-22T00:00:00",
  "last_revision_date": "2011-03-22T00:00:00",
  "links": [],
  "reference": "CERTA-2011-AVI-163",
  "revisions": [
    {
      "description": "version initiale.",
      "revision_date": "2011-03-22T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "Ex\u00e9cution de code arbitraire"
    }
  ],
  "summary": "Une vuln\u00e9rabilit\u00e9 a \u00e9t\u00e9 corrig\u00e9e dans Logwatch, qui permet d\u0027ex\u00e9cuter du\ncode arbitraire.\n",
  "title": "Vuln\u00e9rabilit\u00e9 dans Logwatch",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Alerte de s\u00e9curit\u00e9 Logwatch 3184223",
      "url": "http://sourceforge.net/tracker/?func=detail\u0026aid=3184223\u0026group_id=312875\u0026atid=1316824"
    }
  ]
}

{
  "document": {
    "aggregate_severity": {
      "namespace": "https://access.redhat.com/security/updates/classification/",
      "text": "Important"
    },
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "An updated logwatch package that fixes one security issue is now available\nfor Red Hat Enterprise Linux 5 and 6.\n\nThe Red Hat Security Response Team has rated this update as having\nimportant security impact. A Common Vulnerability Scoring System (CVSS)\nbase score, which gives a detailed severity rating, is available from the\nCVE link in the References section.",
        "title": "Topic"
      },
      {
        "category": "general",
        "text": "Logwatch is a customizable log analysis system. Logwatch parses through\nyour system\u0027s logs for a given period of time and creates a report\nanalyzing areas that you specify, in as much detail as you require.\n\nA flaw was found in the way Logwatch processed log files. If an attacker\nwere able to create a log file with a malicious file name, it could result\nin arbitrary code execution with the privileges of the root user when that\nlog file is analyzed by Logwatch. (CVE-2011-1018)\n\nUsers of logwatch should upgrade to this updated package, which contains a\nbackported patch to resolve this issue.",
        "title": "Details"
      },
      {
        "category": "legal_disclaimer",
        "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
        "title": "Terms of Use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "https://access.redhat.com/security/team/contact/",
      "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
      "name": "Red Hat Product Security",
      "namespace": "https://www.redhat.com"
    },
    "references": [
      {
        "category": "self",
        "summary": "https://access.redhat.com/errata/RHSA-2011:0324",
        "url": "https://access.redhat.com/errata/RHSA-2011:0324"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/updates/classification/#important",
        "url": "https://access.redhat.com/security/updates/classification/#important"
      },
      {
        "category": "external",
        "summary": "680237",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=680237"
      },
      {
        "category": "self",
        "summary": "Canonical URL",
        "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2011/rhsa-2011_0324.json"
      }
    ],
    "title": "Red Hat Security Advisory: logwatch security update",
    "tracking": {
      "current_release_date": "2024-11-22T04:11:59+00:00",
      "generator": {
        "date": "2024-11-22T04:11:59+00:00",
        "engine": {
          "name": "Red Hat SDEngine",
          "version": "4.2.1"
        }
      },
      "id": "RHSA-2011:0324",
      "initial_release_date": "2011-03-07T20:58:00+00:00",
      "revision_history": [
        {
          "date": "2011-03-07T20:58:00+00:00",
          "number": "1",
          "summary": "Initial version"
        },
        {
          "date": "2011-03-07T16:01:38+00:00",
          "number": "2",
          "summary": "Last updated version"
        },
        {
          "date": "2024-11-22T04:11:59+00:00",
          "number": "3",
          "summary": "Last generated version"
        }
      ],
      "status": "final",
      "version": "3"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_name",
                "name": "Red Hat Enterprise Linux Desktop (v. 6)",
                "product": {
                  "name": "Red Hat Enterprise Linux Desktop (v. 6)",
                  "product_id": "6Client",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:redhat:enterprise_linux:6::client"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "Red Hat Enterprise Linux HPC Node (v. 6)",
                "product": {
                  "name": "Red Hat Enterprise Linux HPC Node (v. 6)",
                  "product_id": "6ComputeNode",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:redhat:enterprise_linux:6::computenode"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "Red Hat Enterprise Linux Server (v. 6)",
                "product": {
                  "name": "Red Hat Enterprise Linux Server (v. 6)",
                  "product_id": "6Server",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:redhat:enterprise_linux:6::server"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "Red Hat Enterprise Linux Workstation (v. 6)",
                "product": {
                  "name": "Red Hat Enterprise Linux Workstation (v. 6)",
                  "product_id": "6Workstation",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:redhat:enterprise_linux:6::workstation"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "Red Hat Enterprise Linux (v. 5.6.z server)",
                "product": {
                  "name": "Red Hat Enterprise Linux (v. 5.6.z server)",
                  "product_id": "5Server-5.6.Z",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:redhat:enterprise_linux:5::server"
                  }
                }
              }
            ],
            "category": "product_family",
            "name": "Red Hat Enterprise Linux"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "logwatch-0:7.3.6-49.el6.src",
                "product": {
                  "name": "logwatch-0:7.3.6-49.el6.src",
                  "product_id": "logwatch-0:7.3.6-49.el6.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/logwatch@7.3.6-49.el6?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "logwatch-0:7.3-9.el5_6.src",
                "product": {
                  "name": "logwatch-0:7.3-9.el5_6.src",
                  "product_id": "logwatch-0:7.3-9.el5_6.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/logwatch@7.3-9.el5_6?arch=src"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "src"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "logwatch-0:7.3.6-49.el6.noarch",
                "product": {
                  "name": "logwatch-0:7.3.6-49.el6.noarch",
                  "product_id": "logwatch-0:7.3.6-49.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/logwatch@7.3.6-49.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "logwatch-0:7.3-9.el5_6.noarch",
                "product": {
                  "name": "logwatch-0:7.3-9.el5_6.noarch",
                  "product_id": "logwatch-0:7.3-9.el5_6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/logwatch@7.3-9.el5_6?arch=noarch"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "noarch"
          }
        ],
        "category": "vendor",
        "name": "Red Hat"
      }
    ],
    "relationships": [
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "logwatch-0:7.3-9.el5_6.noarch as a component of Red Hat Enterprise Linux (v. 5.6.z server)",
          "product_id": "5Server-5.6.Z:logwatch-0:7.3-9.el5_6.noarch"
        },
        "product_reference": "logwatch-0:7.3-9.el5_6.noarch",
        "relates_to_product_reference": "5Server-5.6.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "logwatch-0:7.3-9.el5_6.src as a component of Red Hat Enterprise Linux (v. 5.6.z server)",
          "product_id": "5Server-5.6.Z:logwatch-0:7.3-9.el5_6.src"
        },
        "product_reference": "logwatch-0:7.3-9.el5_6.src",
        "relates_to_product_reference": "5Server-5.6.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "logwatch-0:7.3.6-49.el6.noarch as a component of Red Hat Enterprise Linux Desktop (v. 6)",
          "product_id": "6Client:logwatch-0:7.3.6-49.el6.noarch"
        },
        "product_reference": "logwatch-0:7.3.6-49.el6.noarch",
        "relates_to_product_reference": "6Client"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "logwatch-0:7.3.6-49.el6.src as a component of Red Hat Enterprise Linux Desktop (v. 6)",
          "product_id": "6Client:logwatch-0:7.3.6-49.el6.src"
        },
        "product_reference": "logwatch-0:7.3.6-49.el6.src",
        "relates_to_product_reference": "6Client"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "logwatch-0:7.3.6-49.el6.noarch as a component of Red Hat Enterprise Linux HPC Node (v. 6)",
          "product_id": "6ComputeNode:logwatch-0:7.3.6-49.el6.noarch"
        },
        "product_reference": "logwatch-0:7.3.6-49.el6.noarch",
        "relates_to_product_reference": "6ComputeNode"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "logwatch-0:7.3.6-49.el6.src as a component of Red Hat Enterprise Linux HPC Node (v. 6)",
          "product_id": "6ComputeNode:logwatch-0:7.3.6-49.el6.src"
        },
        "product_reference": "logwatch-0:7.3.6-49.el6.src",
        "relates_to_product_reference": "6ComputeNode"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "logwatch-0:7.3.6-49.el6.noarch as a component of Red Hat Enterprise Linux Server (v. 6)",
          "product_id": "6Server:logwatch-0:7.3.6-49.el6.noarch"
        },
        "product_reference": "logwatch-0:7.3.6-49.el6.noarch",
        "relates_to_product_reference": "6Server"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "logwatch-0:7.3.6-49.el6.src as a component of Red Hat Enterprise Linux Server (v. 6)",
          "product_id": "6Server:logwatch-0:7.3.6-49.el6.src"
        },
        "product_reference": "logwatch-0:7.3.6-49.el6.src",
        "relates_to_product_reference": "6Server"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "logwatch-0:7.3.6-49.el6.noarch as a component of Red Hat Enterprise Linux Workstation (v. 6)",
          "product_id": "6Workstation:logwatch-0:7.3.6-49.el6.noarch"
        },
        "product_reference": "logwatch-0:7.3.6-49.el6.noarch",
        "relates_to_product_reference": "6Workstation"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "logwatch-0:7.3.6-49.el6.src as a component of Red Hat Enterprise Linux Workstation (v. 6)",
          "product_id": "6Workstation:logwatch-0:7.3.6-49.el6.src"
        },
        "product_reference": "logwatch-0:7.3.6-49.el6.src",
        "relates_to_product_reference": "6Workstation"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2011-1018",
      "cwe": {
        "id": "CWE-78",
        "name": "Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)"
      },
      "discovery_date": "2011-02-24T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "680237"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "logwatch.pl in Logwatch 7.3.6 allows remote attackers to execute arbitrary commands via shell metacharacters in a log file name, as demonstrated via a crafted username to a Samba server.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "logwatch: Privilege escalation due improper sanitization of special characters in log file names",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "5Server-5.6.Z:logwatch-0:7.3-9.el5_6.noarch",
          "5Server-5.6.Z:logwatch-0:7.3-9.el5_6.src",
          "6Client:logwatch-0:7.3.6-49.el6.noarch",
          "6Client:logwatch-0:7.3.6-49.el6.src",
          "6ComputeNode:logwatch-0:7.3.6-49.el6.noarch",
          "6ComputeNode:logwatch-0:7.3.6-49.el6.src",
          "6Server:logwatch-0:7.3.6-49.el6.noarch",
          "6Server:logwatch-0:7.3.6-49.el6.src",
          "6Workstation:logwatch-0:7.3.6-49.el6.noarch",
          "6Workstation:logwatch-0:7.3.6-49.el6.src"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2011-1018"
        },
        {
          "category": "external",
          "summary": "RHBZ#680237",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=680237"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2011-1018",
          "url": "https://www.cve.org/CVERecord?id=CVE-2011-1018"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2011-1018",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2011-1018"
        }
      ],
      "release_date": "2011-02-16T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2011-03-07T20:58:00+00:00",
          "details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/kb/docs/DOC-11259",
          "product_ids": [
            "5Server-5.6.Z:logwatch-0:7.3-9.el5_6.noarch",
            "5Server-5.6.Z:logwatch-0:7.3-9.el5_6.src",
            "6Client:logwatch-0:7.3.6-49.el6.noarch",
            "6Client:logwatch-0:7.3.6-49.el6.src",
            "6ComputeNode:logwatch-0:7.3.6-49.el6.noarch",
            "6ComputeNode:logwatch-0:7.3.6-49.el6.src",
            "6Server:logwatch-0:7.3.6-49.el6.noarch",
            "6Server:logwatch-0:7.3.6-49.el6.src",
            "6Workstation:logwatch-0:7.3.6-49.el6.noarch",
            "6Workstation:logwatch-0:7.3.6-49.el6.src"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2011:0324"
        }
      ],
      "scores": [
        {
          "cvss_v2": {
            "accessComplexity": "MEDIUM",
            "accessVector": "ADJACENT_NETWORK",
            "authentication": "NONE",
            "availabilityImpact": "COMPLETE",
            "baseScore": 7.9,
            "confidentialityImpact": "COMPLETE",
            "integrityImpact": "COMPLETE",
            "vectorString": "AV:A/AC:M/Au:N/C:C/I:C/A:C",
            "version": "2.0"
          },
          "products": [
            "5Server-5.6.Z:logwatch-0:7.3-9.el5_6.noarch",
            "5Server-5.6.Z:logwatch-0:7.3-9.el5_6.src",
            "6Client:logwatch-0:7.3.6-49.el6.noarch",
            "6Client:logwatch-0:7.3.6-49.el6.src",
            "6ComputeNode:logwatch-0:7.3.6-49.el6.noarch",
            "6ComputeNode:logwatch-0:7.3.6-49.el6.src",
            "6Server:logwatch-0:7.3.6-49.el6.noarch",
            "6Server:logwatch-0:7.3.6-49.el6.src",
            "6Workstation:logwatch-0:7.3.6-49.el6.noarch",
            "6Workstation:logwatch-0:7.3.6-49.el6.src"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "logwatch: Privilege escalation due improper sanitization of special characters in log file names"
    }
  ]
}

{
  "document": {
    "aggregate_severity": {
      "namespace": "https://access.redhat.com/security/updates/classification/",
      "text": "Important"
    },
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "An updated logwatch package that fixes one security issue is now available\nfor Red Hat Enterprise Linux 5 and 6.\n\nThe Red Hat Security Response Team has rated this update as having\nimportant security impact. A Common Vulnerability Scoring System (CVSS)\nbase score, which gives a detailed severity rating, is available from the\nCVE link in the References section.",
        "title": "Topic"
      },
      {
        "category": "general",
        "text": "Logwatch is a customizable log analysis system. Logwatch parses through\nyour system\u0027s logs for a given period of time and creates a report\nanalyzing areas that you specify, in as much detail as you require.\n\nA flaw was found in the way Logwatch processed log files. If an attacker\nwere able to create a log file with a malicious file name, it could result\nin arbitrary code execution with the privileges of the root user when that\nlog file is analyzed by Logwatch. (CVE-2011-1018)\n\nUsers of logwatch should upgrade to this updated package, which contains a\nbackported patch to resolve this issue.",
        "title": "Details"
      },
      {
        "category": "legal_disclaimer",
        "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
        "title": "Terms of Use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "https://access.redhat.com/security/team/contact/",
      "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
      "name": "Red Hat Product Security",
      "namespace": "https://www.redhat.com"
    },
    "references": [
      {
        "category": "self",
        "summary": "https://access.redhat.com/errata/RHSA-2011:0324",
        "url": "https://access.redhat.com/errata/RHSA-2011:0324"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/updates/classification/#important",
        "url": "https://access.redhat.com/security/updates/classification/#important"
      },
      {
        "category": "external",
        "summary": "680237",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=680237"
      },
      {
        "category": "self",
        "summary": "Canonical URL",
        "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2011/rhsa-2011_0324.json"
      }
    ],
    "title": "Red Hat Security Advisory: logwatch security update",
    "tracking": {
      "current_release_date": "2025-11-21T17:37:49+00:00",
      "generator": {
        "date": "2025-11-21T17:37:49+00:00",
        "engine": {
          "name": "Red Hat SDEngine",
          "version": "4.6.12"
        }
      },
      "id": "RHSA-2011:0324",
      "initial_release_date": "2011-03-07T20:58:00+00:00",
      "revision_history": [
        {
          "date": "2011-03-07T20:58:00+00:00",
          "number": "1",
          "summary": "Initial version"
        },
        {
          "date": "2011-03-07T16:01:38+00:00",
          "number": "2",
          "summary": "Last updated version"
        },
        {
          "date": "2025-11-21T17:37:49+00:00",
          "number": "3",
          "summary": "Last generated version"
        }
      ],
      "status": "final",
      "version": "3"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_name",
                "name": "Red Hat Enterprise Linux Desktop (v. 6)",
                "product": {
                  "name": "Red Hat Enterprise Linux Desktop (v. 6)",
                  "product_id": "6Client",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:redhat:enterprise_linux:6::client"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "Red Hat Enterprise Linux HPC Node (v. 6)",
                "product": {
                  "name": "Red Hat Enterprise Linux HPC Node (v. 6)",
                  "product_id": "6ComputeNode",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:redhat:enterprise_linux:6::computenode"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "Red Hat Enterprise Linux Server (v. 6)",
                "product": {
                  "name": "Red Hat Enterprise Linux Server (v. 6)",
                  "product_id": "6Server",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:redhat:enterprise_linux:6::server"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "Red Hat Enterprise Linux Workstation (v. 6)",
                "product": {
                  "name": "Red Hat Enterprise Linux Workstation (v. 6)",
                  "product_id": "6Workstation",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:redhat:enterprise_linux:6::workstation"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "Red Hat Enterprise Linux (v. 5.6.z server)",
                "product": {
                  "name": "Red Hat Enterprise Linux (v. 5.6.z server)",
                  "product_id": "5Server-5.6.Z",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:redhat:enterprise_linux:5::server"
                  }
                }
              }
            ],
            "category": "product_family",
            "name": "Red Hat Enterprise Linux"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "logwatch-0:7.3.6-49.el6.src",
                "product": {
                  "name": "logwatch-0:7.3.6-49.el6.src",
                  "product_id": "logwatch-0:7.3.6-49.el6.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/logwatch@7.3.6-49.el6?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "logwatch-0:7.3-9.el5_6.src",
                "product": {
                  "name": "logwatch-0:7.3-9.el5_6.src",
                  "product_id": "logwatch-0:7.3-9.el5_6.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/logwatch@7.3-9.el5_6?arch=src"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "src"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "logwatch-0:7.3.6-49.el6.noarch",
                "product": {
                  "name": "logwatch-0:7.3.6-49.el6.noarch",
                  "product_id": "logwatch-0:7.3.6-49.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/logwatch@7.3.6-49.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "logwatch-0:7.3-9.el5_6.noarch",
                "product": {
                  "name": "logwatch-0:7.3-9.el5_6.noarch",
                  "product_id": "logwatch-0:7.3-9.el5_6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/logwatch@7.3-9.el5_6?arch=noarch"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "noarch"
          }
        ],
        "category": "vendor",
        "name": "Red Hat"
      }
    ],
    "relationships": [
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "logwatch-0:7.3-9.el5_6.noarch as a component of Red Hat Enterprise Linux (v. 5.6.z server)",
          "product_id": "5Server-5.6.Z:logwatch-0:7.3-9.el5_6.noarch"
        },
        "product_reference": "logwatch-0:7.3-9.el5_6.noarch",
        "relates_to_product_reference": "5Server-5.6.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "logwatch-0:7.3-9.el5_6.src as a component of Red Hat Enterprise Linux (v. 5.6.z server)",
          "product_id": "5Server-5.6.Z:logwatch-0:7.3-9.el5_6.src"
        },
        "product_reference": "logwatch-0:7.3-9.el5_6.src",
        "relates_to_product_reference": "5Server-5.6.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "logwatch-0:7.3.6-49.el6.noarch as a component of Red Hat Enterprise Linux Desktop (v. 6)",
          "product_id": "6Client:logwatch-0:7.3.6-49.el6.noarch"
        },
        "product_reference": "logwatch-0:7.3.6-49.el6.noarch",
        "relates_to_product_reference": "6Client"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "logwatch-0:7.3.6-49.el6.src as a component of Red Hat Enterprise Linux Desktop (v. 6)",
          "product_id": "6Client:logwatch-0:7.3.6-49.el6.src"
        },
        "product_reference": "logwatch-0:7.3.6-49.el6.src",
        "relates_to_product_reference": "6Client"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "logwatch-0:7.3.6-49.el6.noarch as a component of Red Hat Enterprise Linux HPC Node (v. 6)",
          "product_id": "6ComputeNode:logwatch-0:7.3.6-49.el6.noarch"
        },
        "product_reference": "logwatch-0:7.3.6-49.el6.noarch",
        "relates_to_product_reference": "6ComputeNode"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "logwatch-0:7.3.6-49.el6.src as a component of Red Hat Enterprise Linux HPC Node (v. 6)",
          "product_id": "6ComputeNode:logwatch-0:7.3.6-49.el6.src"
        },
        "product_reference": "logwatch-0:7.3.6-49.el6.src",
        "relates_to_product_reference": "6ComputeNode"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "logwatch-0:7.3.6-49.el6.noarch as a component of Red Hat Enterprise Linux Server (v. 6)",
          "product_id": "6Server:logwatch-0:7.3.6-49.el6.noarch"
        },
        "product_reference": "logwatch-0:7.3.6-49.el6.noarch",
        "relates_to_product_reference": "6Server"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "logwatch-0:7.3.6-49.el6.src as a component of Red Hat Enterprise Linux Server (v. 6)",
          "product_id": "6Server:logwatch-0:7.3.6-49.el6.src"
        },
        "product_reference": "logwatch-0:7.3.6-49.el6.src",
        "relates_to_product_reference": "6Server"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "logwatch-0:7.3.6-49.el6.noarch as a component of Red Hat Enterprise Linux Workstation (v. 6)",
          "product_id": "6Workstation:logwatch-0:7.3.6-49.el6.noarch"
        },
        "product_reference": "logwatch-0:7.3.6-49.el6.noarch",
        "relates_to_product_reference": "6Workstation"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "logwatch-0:7.3.6-49.el6.src as a component of Red Hat Enterprise Linux Workstation (v. 6)",
          "product_id": "6Workstation:logwatch-0:7.3.6-49.el6.src"
        },
        "product_reference": "logwatch-0:7.3.6-49.el6.src",
        "relates_to_product_reference": "6Workstation"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2011-1018",
      "cwe": {
        "id": "CWE-78",
        "name": "Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)"
      },
      "discovery_date": "2011-02-24T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "680237"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "logwatch.pl in Logwatch 7.3.6 allows remote attackers to execute arbitrary commands via shell metacharacters in a log file name, as demonstrated via a crafted username to a Samba server.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "logwatch: Privilege escalation due improper sanitization of special characters in log file names",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "5Server-5.6.Z:logwatch-0:7.3-9.el5_6.noarch",
          "5Server-5.6.Z:logwatch-0:7.3-9.el5_6.src",
          "6Client:logwatch-0:7.3.6-49.el6.noarch",
          "6Client:logwatch-0:7.3.6-49.el6.src",
          "6ComputeNode:logwatch-0:7.3.6-49.el6.noarch",
          "6ComputeNode:logwatch-0:7.3.6-49.el6.src",
          "6Server:logwatch-0:7.3.6-49.el6.noarch",
          "6Server:logwatch-0:7.3.6-49.el6.src",
          "6Workstation:logwatch-0:7.3.6-49.el6.noarch",
          "6Workstation:logwatch-0:7.3.6-49.el6.src"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2011-1018"
        },
        {
          "category": "external",
          "summary": "RHBZ#680237",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=680237"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2011-1018",
          "url": "https://www.cve.org/CVERecord?id=CVE-2011-1018"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2011-1018",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2011-1018"
        }
      ],
      "release_date": "2011-02-16T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2011-03-07T20:58:00+00:00",
          "details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/kb/docs/DOC-11259",
          "product_ids": [
            "5Server-5.6.Z:logwatch-0:7.3-9.el5_6.noarch",
            "5Server-5.6.Z:logwatch-0:7.3-9.el5_6.src",
            "6Client:logwatch-0:7.3.6-49.el6.noarch",
            "6Client:logwatch-0:7.3.6-49.el6.src",
            "6ComputeNode:logwatch-0:7.3.6-49.el6.noarch",
            "6ComputeNode:logwatch-0:7.3.6-49.el6.src",
            "6Server:logwatch-0:7.3.6-49.el6.noarch",
            "6Server:logwatch-0:7.3.6-49.el6.src",
            "6Workstation:logwatch-0:7.3.6-49.el6.noarch",
            "6Workstation:logwatch-0:7.3.6-49.el6.src"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2011:0324"
        }
      ],
      "scores": [
        {
          "cvss_v2": {
            "accessComplexity": "MEDIUM",
            "accessVector": "ADJACENT_NETWORK",
            "authentication": "NONE",
            "availabilityImpact": "COMPLETE",
            "baseScore": 7.9,
            "confidentialityImpact": "COMPLETE",
            "integrityImpact": "COMPLETE",
            "vectorString": "AV:A/AC:M/Au:N/C:C/I:C/A:C",
            "version": "2.0"
          },
          "products": [
            "5Server-5.6.Z:logwatch-0:7.3-9.el5_6.noarch",
            "5Server-5.6.Z:logwatch-0:7.3-9.el5_6.src",
            "6Client:logwatch-0:7.3.6-49.el6.noarch",
            "6Client:logwatch-0:7.3.6-49.el6.src",
            "6ComputeNode:logwatch-0:7.3.6-49.el6.noarch",
            "6ComputeNode:logwatch-0:7.3.6-49.el6.src",
            "6Server:logwatch-0:7.3.6-49.el6.noarch",
            "6Server:logwatch-0:7.3.6-49.el6.src",
            "6Workstation:logwatch-0:7.3.6-49.el6.noarch",
            "6Workstation:logwatch-0:7.3.6-49.el6.src"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "logwatch: Privilege escalation due improper sanitization of special characters in log file names"
    }
  ]
}

{
  "document": {
    "aggregate_severity": {
      "namespace": "https://access.redhat.com/security/updates/classification/",
      "text": "Important"
    },
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "An updated logwatch package that fixes one security issue is now available\nfor Red Hat Enterprise Linux 5 and 6.\n\nThe Red Hat Security Response Team has rated this update as having\nimportant security impact. A Common Vulnerability Scoring System (CVSS)\nbase score, which gives a detailed severity rating, is available from the\nCVE link in the References section.",
        "title": "Topic"
      },
      {
        "category": "general",
        "text": "Logwatch is a customizable log analysis system. Logwatch parses through\nyour system\u0027s logs for a given period of time and creates a report\nanalyzing areas that you specify, in as much detail as you require.\n\nA flaw was found in the way Logwatch processed log files. If an attacker\nwere able to create a log file with a malicious file name, it could result\nin arbitrary code execution with the privileges of the root user when that\nlog file is analyzed by Logwatch. (CVE-2011-1018)\n\nUsers of logwatch should upgrade to this updated package, which contains a\nbackported patch to resolve this issue.",
        "title": "Details"
      },
      {
        "category": "legal_disclaimer",
        "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
        "title": "Terms of Use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "https://access.redhat.com/security/team/contact/",
      "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
      "name": "Red Hat Product Security",
      "namespace": "https://www.redhat.com"
    },
    "references": [
      {
        "category": "self",
        "summary": "https://access.redhat.com/errata/RHSA-2011:0324",
        "url": "https://access.redhat.com/errata/RHSA-2011:0324"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/updates/classification/#important",
        "url": "https://access.redhat.com/security/updates/classification/#important"
      },
      {
        "category": "external",
        "summary": "680237",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=680237"
      },
      {
        "category": "self",
        "summary": "Canonical URL",
        "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2011/rhsa-2011_0324.json"
      }
    ],
    "title": "Red Hat Security Advisory: logwatch security update",
    "tracking": {
      "current_release_date": "2025-11-21T17:37:49+00:00",
      "generator": {
        "date": "2025-11-21T17:37:49+00:00",
        "engine": {
          "name": "Red Hat SDEngine",
          "version": "4.6.12"
        }
      },
      "id": "RHSA-2011:0324",
      "initial_release_date": "2011-03-07T20:58:00+00:00",
      "revision_history": [
        {
          "date": "2011-03-07T20:58:00+00:00",
          "number": "1",
          "summary": "Initial version"
        },
        {
          "date": "2011-03-07T16:01:38+00:00",
          "number": "2",
          "summary": "Last updated version"
        },
        {
          "date": "2025-11-21T17:37:49+00:00",
          "number": "3",
          "summary": "Last generated version"
        }
      ],
      "status": "final",
      "version": "3"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_name",
                "name": "Red Hat Enterprise Linux Desktop (v. 6)",
                "product": {
                  "name": "Red Hat Enterprise Linux Desktop (v. 6)",
                  "product_id": "6Client",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:redhat:enterprise_linux:6::client"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "Red Hat Enterprise Linux HPC Node (v. 6)",
                "product": {
                  "name": "Red Hat Enterprise Linux HPC Node (v. 6)",
                  "product_id": "6ComputeNode",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:redhat:enterprise_linux:6::computenode"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "Red Hat Enterprise Linux Server (v. 6)",
                "product": {
                  "name": "Red Hat Enterprise Linux Server (v. 6)",
                  "product_id": "6Server",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:redhat:enterprise_linux:6::server"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "Red Hat Enterprise Linux Workstation (v. 6)",
                "product": {
                  "name": "Red Hat Enterprise Linux Workstation (v. 6)",
                  "product_id": "6Workstation",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:redhat:enterprise_linux:6::workstation"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "Red Hat Enterprise Linux (v. 5.6.z server)",
                "product": {
                  "name": "Red Hat Enterprise Linux (v. 5.6.z server)",
                  "product_id": "5Server-5.6.Z",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:redhat:enterprise_linux:5::server"
                  }
                }
              }
            ],
            "category": "product_family",
            "name": "Red Hat Enterprise Linux"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "logwatch-0:7.3.6-49.el6.src",
                "product": {
                  "name": "logwatch-0:7.3.6-49.el6.src",
                  "product_id": "logwatch-0:7.3.6-49.el6.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/logwatch@7.3.6-49.el6?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "logwatch-0:7.3-9.el5_6.src",
                "product": {
                  "name": "logwatch-0:7.3-9.el5_6.src",
                  "product_id": "logwatch-0:7.3-9.el5_6.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/logwatch@7.3-9.el5_6?arch=src"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "src"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "logwatch-0:7.3.6-49.el6.noarch",
                "product": {
                  "name": "logwatch-0:7.3.6-49.el6.noarch",
                  "product_id": "logwatch-0:7.3.6-49.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/logwatch@7.3.6-49.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "logwatch-0:7.3-9.el5_6.noarch",
                "product": {
                  "name": "logwatch-0:7.3-9.el5_6.noarch",
                  "product_id": "logwatch-0:7.3-9.el5_6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/logwatch@7.3-9.el5_6?arch=noarch"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "noarch"
          }
        ],
        "category": "vendor",
        "name": "Red Hat"
      }
    ],
    "relationships": [
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "logwatch-0:7.3-9.el5_6.noarch as a component of Red Hat Enterprise Linux (v. 5.6.z server)",
          "product_id": "5Server-5.6.Z:logwatch-0:7.3-9.el5_6.noarch"
        },
        "product_reference": "logwatch-0:7.3-9.el5_6.noarch",
        "relates_to_product_reference": "5Server-5.6.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "logwatch-0:7.3-9.el5_6.src as a component of Red Hat Enterprise Linux (v. 5.6.z server)",
          "product_id": "5Server-5.6.Z:logwatch-0:7.3-9.el5_6.src"
        },
        "product_reference": "logwatch-0:7.3-9.el5_6.src",
        "relates_to_product_reference": "5Server-5.6.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "logwatch-0:7.3.6-49.el6.noarch as a component of Red Hat Enterprise Linux Desktop (v. 6)",
          "product_id": "6Client:logwatch-0:7.3.6-49.el6.noarch"
        },
        "product_reference": "logwatch-0:7.3.6-49.el6.noarch",
        "relates_to_product_reference": "6Client"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "logwatch-0:7.3.6-49.el6.src as a component of Red Hat Enterprise Linux Desktop (v. 6)",
          "product_id": "6Client:logwatch-0:7.3.6-49.el6.src"
        },
        "product_reference": "logwatch-0:7.3.6-49.el6.src",
        "relates_to_product_reference": "6Client"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "logwatch-0:7.3.6-49.el6.noarch as a component of Red Hat Enterprise Linux HPC Node (v. 6)",
          "product_id": "6ComputeNode:logwatch-0:7.3.6-49.el6.noarch"
        },
        "product_reference": "logwatch-0:7.3.6-49.el6.noarch",
        "relates_to_product_reference": "6ComputeNode"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "logwatch-0:7.3.6-49.el6.src as a component of Red Hat Enterprise Linux HPC Node (v. 6)",
          "product_id": "6ComputeNode:logwatch-0:7.3.6-49.el6.src"
        },
        "product_reference": "logwatch-0:7.3.6-49.el6.src",
        "relates_to_product_reference": "6ComputeNode"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "logwatch-0:7.3.6-49.el6.noarch as a component of Red Hat Enterprise Linux Server (v. 6)",
          "product_id": "6Server:logwatch-0:7.3.6-49.el6.noarch"
        },
        "product_reference": "logwatch-0:7.3.6-49.el6.noarch",
        "relates_to_product_reference": "6Server"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "logwatch-0:7.3.6-49.el6.src as a component of Red Hat Enterprise Linux Server (v. 6)",
          "product_id": "6Server:logwatch-0:7.3.6-49.el6.src"
        },
        "product_reference": "logwatch-0:7.3.6-49.el6.src",
        "relates_to_product_reference": "6Server"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "logwatch-0:7.3.6-49.el6.noarch as a component of Red Hat Enterprise Linux Workstation (v. 6)",
          "product_id": "6Workstation:logwatch-0:7.3.6-49.el6.noarch"
        },
        "product_reference": "logwatch-0:7.3.6-49.el6.noarch",
        "relates_to_product_reference": "6Workstation"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "logwatch-0:7.3.6-49.el6.src as a component of Red Hat Enterprise Linux Workstation (v. 6)",
          "product_id": "6Workstation:logwatch-0:7.3.6-49.el6.src"
        },
        "product_reference": "logwatch-0:7.3.6-49.el6.src",
        "relates_to_product_reference": "6Workstation"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2011-1018",
      "cwe": {
        "id": "CWE-78",
        "name": "Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)"
      },
      "discovery_date": "2011-02-24T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "680237"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "logwatch.pl in Logwatch 7.3.6 allows remote attackers to execute arbitrary commands via shell metacharacters in a log file name, as demonstrated via a crafted username to a Samba server.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "logwatch: Privilege escalation due improper sanitization of special characters in log file names",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "5Server-5.6.Z:logwatch-0:7.3-9.el5_6.noarch",
          "5Server-5.6.Z:logwatch-0:7.3-9.el5_6.src",
          "6Client:logwatch-0:7.3.6-49.el6.noarch",
          "6Client:logwatch-0:7.3.6-49.el6.src",
          "6ComputeNode:logwatch-0:7.3.6-49.el6.noarch",
          "6ComputeNode:logwatch-0:7.3.6-49.el6.src",
          "6Server:logwatch-0:7.3.6-49.el6.noarch",
          "6Server:logwatch-0:7.3.6-49.el6.src",
          "6Workstation:logwatch-0:7.3.6-49.el6.noarch",
          "6Workstation:logwatch-0:7.3.6-49.el6.src"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2011-1018"
        },
        {
          "category": "external",
          "summary": "RHBZ#680237",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=680237"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2011-1018",
          "url": "https://www.cve.org/CVERecord?id=CVE-2011-1018"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2011-1018",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2011-1018"
        }
      ],
      "release_date": "2011-02-16T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2011-03-07T20:58:00+00:00",
          "details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/kb/docs/DOC-11259",
          "product_ids": [
            "5Server-5.6.Z:logwatch-0:7.3-9.el5_6.noarch",
            "5Server-5.6.Z:logwatch-0:7.3-9.el5_6.src",
            "6Client:logwatch-0:7.3.6-49.el6.noarch",
            "6Client:logwatch-0:7.3.6-49.el6.src",
            "6ComputeNode:logwatch-0:7.3.6-49.el6.noarch",
            "6ComputeNode:logwatch-0:7.3.6-49.el6.src",
            "6Server:logwatch-0:7.3.6-49.el6.noarch",
            "6Server:logwatch-0:7.3.6-49.el6.src",
            "6Workstation:logwatch-0:7.3.6-49.el6.noarch",
            "6Workstation:logwatch-0:7.3.6-49.el6.src"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2011:0324"
        }
      ],
      "scores": [
        {
          "cvss_v2": {
            "accessComplexity": "MEDIUM",
            "accessVector": "ADJACENT_NETWORK",
            "authentication": "NONE",
            "availabilityImpact": "COMPLETE",
            "baseScore": 7.9,
            "confidentialityImpact": "COMPLETE",
            "integrityImpact": "COMPLETE",
            "vectorString": "AV:A/AC:M/Au:N/C:C/I:C/A:C",
            "version": "2.0"
          },
          "products": [
            "5Server-5.6.Z:logwatch-0:7.3-9.el5_6.noarch",
            "5Server-5.6.Z:logwatch-0:7.3-9.el5_6.src",
            "6Client:logwatch-0:7.3.6-49.el6.noarch",
            "6Client:logwatch-0:7.3.6-49.el6.src",
            "6ComputeNode:logwatch-0:7.3.6-49.el6.noarch",
            "6ComputeNode:logwatch-0:7.3.6-49.el6.src",
            "6Server:logwatch-0:7.3.6-49.el6.noarch",
            "6Server:logwatch-0:7.3.6-49.el6.src",
            "6Workstation:logwatch-0:7.3.6-49.el6.noarch",
            "6Workstation:logwatch-0:7.3.6-49.el6.src"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "logwatch: Privilege escalation due improper sanitization of special characters in log file names"
    }
  ]
}

{
  "GSD": {
    "alias": "CVE-2011-1018",
    "description": "logwatch.pl in Logwatch 7.3.6 allows remote attackers to execute arbitrary commands via shell metacharacters in a log file name, as demonstrated via a crafted username to a Samba server.",
    "id": "GSD-2011-1018",
    "references": [
      "https://www.suse.com/security/cve/CVE-2011-1018.html",
      "https://www.debian.org/security/2011/dsa-2182",
      "https://access.redhat.com/errata/RHSA-2011:0324",
      "https://linux.oracle.com/cve/CVE-2011-1018.html"
    ]
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2011-1018"
      ],
      "details": "logwatch.pl in Logwatch 7.3.6 allows remote attackers to execute arbitrary commands via shell metacharacters in a log file name, as demonstrated via a crafted username to a Samba server.",
      "id": "GSD-2011-1018",
      "modified": "2023-12-13T01:19:08.132170Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "secalert@redhat.com",
        "ID": "CVE-2011-1018",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "n/a",
                    "version": {
                      "version_data": [
                        {
                          "version_affected": "=",
                          "version_value": "n/a"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "n/a"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "logwatch.pl in Logwatch 7.3.6 allows remote attackers to execute arbitrary commands via shell metacharacters in a log file name, as demonstrated via a crafted username to a Samba server."
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "n/a"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "http://lists.opensuse.org/opensuse-security-announce/2011-04/msg00000.html",
            "refsource": "MISC",
            "url": "http://lists.opensuse.org/opensuse-security-announce/2011-04/msg00000.html"
          },
          {
            "name": "http://lists.fedoraproject.org/pipermail/package-announce/2011-March/055579.html",
            "refsource": "MISC",
            "url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-March/055579.html"
          },
          {
            "name": "http://lists.fedoraproject.org/pipermail/package-announce/2011-March/055585.html",
            "refsource": "MISC",
            "url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-March/055585.html"
          },
          {
            "name": "http://lists.fedoraproject.org/pipermail/package-announce/2011-March/055617.html",
            "refsource": "MISC",
            "url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-March/055617.html"
          },
          {
            "name": "http://logwatch.svn.sourceforge.net/viewvc/logwatch/scripts/logwatch.pl?r1=3\u0026r2=26\u0026pathrev=26",
            "refsource": "MISC",
            "url": "http://logwatch.svn.sourceforge.net/viewvc/logwatch/scripts/logwatch.pl?r1=3\u0026r2=26\u0026pathrev=26"
          },
          {
            "name": "http://secunia.com/advisories/43356",
            "refsource": "MISC",
            "url": "http://secunia.com/advisories/43356"
          },
          {
            "name": "http://secunia.com/advisories/43495",
            "refsource": "MISC",
            "url": "http://secunia.com/advisories/43495"
          },
          {
            "name": "http://secunia.com/advisories/43622",
            "refsource": "MISC",
            "url": "http://secunia.com/advisories/43622"
          },
          {
            "name": "http://secunia.com/advisories/43644",
            "refsource": "MISC",
            "url": "http://secunia.com/advisories/43644"
          },
          {
            "name": "http://secunia.com/advisories/43734",
            "refsource": "MISC",
            "url": "http://secunia.com/advisories/43734"
          },
          {
            "name": "http://sourceforge.net/mailarchive/forum.php?thread_name=4D604843.7040303%40mblmail.net\u0026forum_name=logwatch-devel",
            "refsource": "MISC",
            "url": "http://sourceforge.net/mailarchive/forum.php?thread_name=4D604843.7040303%40mblmail.net\u0026forum_name=logwatch-devel"
          },
          {
            "name": "http://sourceforge.net/tracker/?func=detail\u0026aid=3184223\u0026group_id=312875\u0026atid=1316824",
            "refsource": "MISC",
            "url": "http://sourceforge.net/tracker/?func=detail\u0026aid=3184223\u0026group_id=312875\u0026atid=1316824"
          },
          {
            "name": "http://www.debian.org/security/2011/dsa-2182",
            "refsource": "MISC",
            "url": "http://www.debian.org/security/2011/dsa-2182"
          },
          {
            "name": "http://www.openwall.com/lists/oss-security/2011/02/24/13",
            "refsource": "MISC",
            "url": "http://www.openwall.com/lists/oss-security/2011/02/24/13"
          },
          {
            "name": "http://www.openwall.com/lists/oss-security/2011/02/24/15",
            "refsource": "MISC",
            "url": "http://www.openwall.com/lists/oss-security/2011/02/24/15"
          },
          {
            "name": "http://www.redhat.com/support/errata/RHSA-2011-0324.html",
            "refsource": "MISC",
            "url": "http://www.redhat.com/support/errata/RHSA-2011-0324.html"
          },
          {
            "name": "http://www.securityfocus.com/bid/46554",
            "refsource": "MISC",
            "url": "http://www.securityfocus.com/bid/46554"
          },
          {
            "name": "http://www.securitytracker.com/id?1025165",
            "refsource": "MISC",
            "url": "http://www.securitytracker.com/id?1025165"
          },
          {
            "name": "http://www.ubuntu.com/usn/USN-1078-1",
            "refsource": "MISC",
            "url": "http://www.ubuntu.com/usn/USN-1078-1"
          },
          {
            "name": "http://www.vupen.com/english/advisories/2011/0533",
            "refsource": "MISC",
            "url": "http://www.vupen.com/english/advisories/2011/0533"
          },
          {
            "name": "http://www.vupen.com/english/advisories/2011/0581",
            "refsource": "MISC",
            "url": "http://www.vupen.com/english/advisories/2011/0581"
          },
          {
            "name": "http://www.vupen.com/english/advisories/2011/0596",
            "refsource": "MISC",
            "url": "http://www.vupen.com/english/advisories/2011/0596"
          },
          {
            "name": "https://bugzilla.redhat.com/show_bug.cgi?id=680237",
            "refsource": "MISC",
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=680237"
          }
        ]
      }
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:logwatch:logwatch:7.3.6:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "secalert@redhat.com",
          "ID": "CVE-2011-1018"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "logwatch.pl in Logwatch 7.3.6 allows remote attackers to execute arbitrary commands via shell metacharacters in a log file name, as demonstrated via a crafted username to a Samba server."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "CWE-20"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "43495",
              "refsource": "SECUNIA",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "http://secunia.com/advisories/43495"
            },
            {
              "name": "[Logwatch-devel] 20110216 Remote command execution issue with root privileges",
              "refsource": "MLIST",
              "tags": [],
              "url": "http://sourceforge.net/mailarchive/forum.php?thread_name=4D604843.7040303%40mblmail.net\u0026forum_name=logwatch-devel"
            },
            {
              "name": "http://sourceforge.net/tracker/?func=detail\u0026aid=3184223\u0026group_id=312875\u0026atid=1316824",
              "refsource": "CONFIRM",
              "tags": [
                "Patch"
              ],
              "url": "http://sourceforge.net/tracker/?func=detail\u0026aid=3184223\u0026group_id=312875\u0026atid=1316824"
            },
            {
              "name": "https://bugzilla.redhat.com/show_bug.cgi?id=680237",
              "refsource": "CONFIRM",
              "tags": [
                "Patch"
              ],
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=680237"
            },
            {
              "name": "[oss-security] 20110224 Re: CVE Request -- logwatch: Privilege escalation due improper sanitization of special characters in log file names",
              "refsource": "MLIST",
              "tags": [
                "Patch"
              ],
              "url": "http://www.openwall.com/lists/oss-security/2011/02/24/15"
            },
            {
              "name": "46554",
              "refsource": "BID",
              "tags": [],
              "url": "http://www.securityfocus.com/bid/46554"
            },
            {
              "name": "http://logwatch.svn.sourceforge.net/viewvc/logwatch/scripts/logwatch.pl?r1=3\u0026r2=26\u0026pathrev=26",
              "refsource": "CONFIRM",
              "tags": [
                "Patch"
              ],
              "url": "http://logwatch.svn.sourceforge.net/viewvc/logwatch/scripts/logwatch.pl?r1=3\u0026r2=26\u0026pathrev=26"
            },
            {
              "name": "[oss-security] 20110224 CVE Request -- logwatch: Privilege escalation due improper sanitization of special characters in log file names",
              "refsource": "MLIST",
              "tags": [
                "Patch"
              ],
              "url": "http://www.openwall.com/lists/oss-security/2011/02/24/13"
            },
            {
              "name": "ADV-2011-0581",
              "refsource": "VUPEN",
              "tags": [],
              "url": "http://www.vupen.com/english/advisories/2011/0581"
            },
            {
              "name": "43622",
              "refsource": "SECUNIA",
              "tags": [],
              "url": "http://secunia.com/advisories/43622"
            },
            {
              "name": "43356",
              "refsource": "SECUNIA",
              "tags": [],
              "url": "http://secunia.com/advisories/43356"
            },
            {
              "name": "ADV-2011-0596",
              "refsource": "VUPEN",
              "tags": [],
              "url": "http://www.vupen.com/english/advisories/2011/0596"
            },
            {
              "name": "RHSA-2011:0324",
              "refsource": "REDHAT",
              "tags": [],
              "url": "http://www.redhat.com/support/errata/RHSA-2011-0324.html"
            },
            {
              "name": "1025165",
              "refsource": "SECTRACK",
              "tags": [],
              "url": "http://www.securitytracker.com/id?1025165"
            },
            {
              "name": "43644",
              "refsource": "SECUNIA",
              "tags": [],
              "url": "http://secunia.com/advisories/43644"
            },
            {
              "name": "DSA-2182",
              "refsource": "DEBIAN",
              "tags": [],
              "url": "http://www.debian.org/security/2011/dsa-2182"
            },
            {
              "name": "ADV-2011-0533",
              "refsource": "VUPEN",
              "tags": [],
              "url": "http://www.vupen.com/english/advisories/2011/0533"
            },
            {
              "name": "USN-1078-1",
              "refsource": "UBUNTU",
              "tags": [],
              "url": "http://www.ubuntu.com/usn/USN-1078-1"
            },
            {
              "name": "43734",
              "refsource": "SECUNIA",
              "tags": [],
              "url": "http://secunia.com/advisories/43734"
            },
            {
              "name": "FEDORA-2011-2318",
              "refsource": "FEDORA",
              "tags": [],
              "url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-March/055585.html"
            },
            {
              "name": "FEDORA-2011-2396",
              "refsource": "FEDORA",
              "tags": [],
              "url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-March/055617.html"
            },
            {
              "name": "FEDORA-2011-2328",
              "refsource": "FEDORA",
              "tags": [],
              "url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-March/055579.html"
            },
            {
              "name": "SUSE-SR:2011:005",
              "refsource": "SUSE",
              "tags": [],
              "url": "http://lists.opensuse.org/opensuse-security-announce/2011-04/msg00000.html"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "acInsufInfo": false,
          "cvssV2": {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "availabilityImpact": "COMPLETE",
            "baseScore": 10.0,
            "confidentialityImpact": "COMPLETE",
            "integrityImpact": "COMPLETE",
            "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
            "version": "2.0"
          },
          "exploitabilityScore": 10.0,
          "impactScore": 10.0,
          "obtainAllPrivilege": false,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": false,
          "severity": "HIGH",
          "userInteractionRequired": false
        }
      },
      "lastModifiedDate": "2023-02-13T03:23Z",
      "publishedDate": "2011-02-25T19:00Z"
    }
  }
}

{
  "affected": [],
  "aliases": [
    "CVE-2011-1018"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-20"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2011-02-25T19:00:00Z",
    "severity": "HIGH"
  },
  "details": "logwatch.pl in Logwatch 7.3.6 allows remote attackers to execute arbitrary commands via shell metacharacters in a log file name, as demonstrated via a crafted username to a Samba server.",
  "id": "GHSA-g657-whx2-ph73",
  "modified": "2022-05-17T04:52:58Z",
  "published": "2022-05-17T04:52:58Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2011-1018"
    },
    {
      "type": "WEB",
      "url": "https://access.redhat.com/errata/RHSA-2011:0324"
    },
    {
      "type": "WEB",
      "url": "https://access.redhat.com/security/cve/CVE-2011-1018"
    },
    {
      "type": "WEB",
      "url": "https://bugzilla.redhat.com/show_bug.cgi?id=680237"
    },
    {
      "type": "WEB",
      "url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-March/055579.html"
    },
    {
      "type": "WEB",
      "url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-March/055585.html"
    },
    {
      "type": "WEB",
      "url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-March/055617.html"
    },
    {
      "type": "WEB",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2011-04/msg00000.html"
    },
    {
      "type": "WEB",
      "url": "http://logwatch.svn.sourceforge.net/viewvc/logwatch/scripts/logwatch.pl?r1=3\u0026r2=26\u0026pathrev=26"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/43356"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/43495"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/43622"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/43644"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/43734"
    },
    {
      "type": "WEB",
      "url": "http://sourceforge.net/mailarchive/forum.php?thread_name=4D604843.7040303%40mblmail.net\u0026forum_name=logwatch-devel"
    },
    {
      "type": "WEB",
      "url": "http://sourceforge.net/tracker/?func=detail\u0026aid=3184223\u0026group_id=312875\u0026atid=1316824"
    },
    {
      "type": "WEB",
      "url": "http://www.debian.org/security/2011/dsa-2182"
    },
    {
      "type": "WEB",
      "url": "http://www.openwall.com/lists/oss-security/2011/02/24/13"
    },
    {
      "type": "WEB",
      "url": "http://www.openwall.com/lists/oss-security/2011/02/24/15"
    },
    {
      "type": "WEB",
      "url": "http://www.redhat.com/support/errata/RHSA-2011-0324.html"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/bid/46554"
    },
    {
      "type": "WEB",
      "url": "http://www.securitytracker.com/id?1025165"
    },
    {
      "type": "WEB",
      "url": "http://www.ubuntu.com/usn/USN-1078-1"
    },
    {
      "type": "WEB",
      "url": "http://www.vupen.com/english/advisories/2011/0533"
    },
    {
      "type": "WEB",
      "url": "http://www.vupen.com/english/advisories/2011/0581"
    },
    {
      "type": "WEB",
      "url": "http://www.vupen.com/english/advisories/2011/0596"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:logwatch:logwatch:7.3.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "3FBD0E67-747B-4A0A-9589-DDB72686FC59",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "logwatch.pl in Logwatch 7.3.6 allows remote attackers to execute arbitrary commands via shell metacharacters in a log file name, as demonstrated via a crafted username to a Samba server."
    },
    {
      "lang": "es",
      "value": "logwatch.pl en Logwatch v7.3.6 permite a atacantes remotos ejecutar comandos arbitrarios v\u00eda metacaracteres shell en un nombre de archivo de registro, como se demostr\u00f3 a trav\u00e9s de un nombre de usuario manipulado en un servidor Samba."
    }
  ],
  "id": "CVE-2011-1018",
  "lastModified": "2025-04-11T00:51:21.963",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 10.0,
          "confidentialityImpact": "COMPLETE",
          "integrityImpact": "COMPLETE",
          "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 10.0,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2011-02-25T19:00:01.320",
  "references": [
    {
      "source": "secalert@redhat.com",
      "url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-March/055579.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-March/055585.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-March/055617.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2011-04/msg00000.html"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Patch"
      ],
      "url": "http://logwatch.svn.sourceforge.net/viewvc/logwatch/scripts/logwatch.pl?r1=3\u0026r2=26\u0026pathrev=26"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/43356"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/43495"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/43622"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/43644"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/43734"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://sourceforge.net/mailarchive/forum.php?thread_name=4D604843.7040303%40mblmail.net\u0026forum_name=logwatch-devel"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Patch"
      ],
      "url": "http://sourceforge.net/tracker/?func=detail\u0026aid=3184223\u0026group_id=312875\u0026atid=1316824"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.debian.org/security/2011/dsa-2182"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Patch"
      ],
      "url": "http://www.openwall.com/lists/oss-security/2011/02/24/13"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Patch"
      ],
      "url": "http://www.openwall.com/lists/oss-security/2011/02/24/15"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.redhat.com/support/errata/RHSA-2011-0324.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.securityfocus.com/bid/46554"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.securitytracker.com/id?1025165"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.ubuntu.com/usn/USN-1078-1"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.vupen.com/english/advisories/2011/0533"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.vupen.com/english/advisories/2011/0581"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.vupen.com/english/advisories/2011/0596"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Patch"
      ],
      "url": "https://bugzilla.redhat.com/show_bug.cgi?id=680237"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-March/055579.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-March/055585.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-March/055617.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2011-04/msg00000.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "http://logwatch.svn.sourceforge.net/viewvc/logwatch/scripts/logwatch.pl?r1=3\u0026r2=26\u0026pathrev=26"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/43356"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/43495"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/43622"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/43644"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/43734"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://sourceforge.net/mailarchive/forum.php?thread_name=4D604843.7040303%40mblmail.net\u0026forum_name=logwatch-devel"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "http://sourceforge.net/tracker/?func=detail\u0026aid=3184223\u0026group_id=312875\u0026atid=1316824"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.debian.org/security/2011/dsa-2182"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "http://www.openwall.com/lists/oss-security/2011/02/24/13"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "http://www.openwall.com/lists/oss-security/2011/02/24/15"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.redhat.com/support/errata/RHSA-2011-0324.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/46554"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securitytracker.com/id?1025165"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.ubuntu.com/usn/USN-1078-1"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vupen.com/english/advisories/2011/0533"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vupen.com/english/advisories/2011/0581"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vupen.com/english/advisories/2011/0596"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "https://bugzilla.redhat.com/show_bug.cgi?id=680237"
    }
  ],
  "sourceIdentifier": "secalert@redhat.com",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-20"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}