ID CVE-2011-1155
Summary The writeState function in logrotate.c in logrotate 3.7.9 and earlier might allow context-dependent attackers to cause a denial of service (rotation outage) via a (1) \n (newline) or (2) \ (backslash) character in a log filename, as demonstrated by a filename that is automatically constructed on the basis of a hostname or virtual machine name.
References
Vulnerable Configurations
  • cpe:2.3:a:gentoo:logrotate:3.3:r2:*:*:*:*:*:*
  • cpe:2.3:a:gentoo:logrotate:3.5.9:*:*:*:*:*:*:*
  • cpe:2.3:a:gentoo:logrotate:3.5.9:r1:*:*:*:*:*:*
  • cpe:2.3:a:gentoo:logrotate:3.6.5:*:*:*:*:*:*:*
  • cpe:2.3:a:gentoo:logrotate:3.6.5:r1:*:*:*:*:*:*
  • cpe:2.3:a:gentoo:logrotate:3.7:*:*:*:*:*:*:*
  • cpe:2.3:a:gentoo:logrotate:3.7.1:*:*:*:*:*:*:*
  • cpe:2.3:a:gentoo:logrotate:3.7.1:r1:*:*:*:*:*:*
  • cpe:2.3:a:gentoo:logrotate:3.7.1:r2:*:*:*:*:*:*
  • cpe:2.3:a:gentoo:logrotate:3.7.2:*:*:*:*:*:*:*
  • cpe:2.3:a:gentoo:logrotate:3.7.6:*:*:*:*:*:*:*
  • cpe:2.3:a:gentoo:logrotate:3.7.7:*:*:*:*:*:*:*
  • cpe:2.3:a:gentoo:logrotate:3.7.8:*:*:*:*:*:*:*
  • cpe:2.3:a:gentoo:logrotate:*:*:*:*:*:*:*:*
CVSS
Base: 1.9 (as of 21-04-2011 - 02:33)
Impact:
Exploitability:
CWE CWE-399
CAPEC
Access
  • Vector: LOCAL
  • Complexity: MEDIUM
  • Authentication: NONE
Impact
  • Confidentiality: NONE
  • Integrity: NONE
  • Availability: PARTIAL
cvss-vector via4 AV:L/AC:M/Au:N/C:N/I:N/A:P
redhat via4
advisories
bugzilla
id 680798
title CVE-2011-1098 logrotate: TOCTOU race condition by creation of new files (between opening the file and moment, final permissions have been applied) [information disclosure]
oval
OR
  • comment Red Hat Enterprise Linux must be installed
    oval oval:com.redhat.rhba:tst:20070304026
  • AND
    • comment Red Hat Enterprise Linux 6 is installed
      oval oval:com.redhat.rhba:tst:20111656003
    • comment logrotate is earlier than 0:3.7.8-12.el6_0.1
      oval oval:com.redhat.rhsa:tst:20110407001
    • comment logrotate is signed with Red Hat redhatrelease2 key
      oval oval:com.redhat.rhsa:tst:20110407002
rhsa
id RHSA-2011:0407
released 2011-03-31
severity Moderate
title RHSA-2011:0407: logrotate security update (Moderate)
rpms
  • logrotate-0:3.7.8-12.el6_0.1
  • logrotate-debuginfo-0:3.7.8-12.el6_0.1
refmap via4
confirm https://bugzilla.redhat.com/show_bug.cgi?id=680797
fedora
  • FEDORA-2011-3739
  • FEDORA-2011-3758
mandriva MDVSA-2011:065
mlist
  • [oss-security] 20110304 CVE Request -- logrotate -- nine issues
  • [oss-security] 20110304 Re: CVE Request -- logrotate -- nine issues
  • [oss-security] 20110305 Re: CVE Request -- logrotate -- nine issues
  • [oss-security] 20110306 Re: CVE Request -- logrotate -- nine issues
  • [oss-security] 20110307 Re: CVE Request -- logrotate -- nine issues
  • [oss-security] 20110308 Re: CVE Request -- logrotate -- nine issues
  • [oss-security] 20110310 Re: CVE Request -- logrotate -- nine issues
  • [oss-security] 20110311 Re: CVE Request -- logrotate -- nine issues
  • [oss-security] 20110314 Re: CVE Request -- logrotate -- nine issues
  • [oss-security] 20110323 Re: CVE Request -- logrotate -- nine issues
secunia 43955
vupen
  • ADV-2011-0791
  • ADV-2011-0872
  • ADV-2011-0961
Last major update 21-04-2011 - 02:33
Published 30-03-2011 - 22:55
Last modified 21-04-2011 - 02:33