Vulmon
logrotate vulnerabilities and exploits
NA
CVE-2011-1098
Race condition in the createOutputFile function in logrotate.c in logrotate 3.7.9 and previous versions allows local users to read log data by opening a file before the intended permissions are in place.
Gentoo Logrotate 3.6.5
Gentoo Logrotate 3.7.8
Gentoo Logrotate 3.5.9
Gentoo Logrotate 3.7.6
Gentoo Logrotate 3.3
Gentoo Logrotate 3.7.2
Gentoo Logrotate 3.7
Gentoo Logrotate 3.7.1
Gentoo Logrotate
Gentoo Logrotate 3.7.7
NA
CVE-2011-1155
The writeState function in logrotate.c in logrotate 3.7.9 and previous versions might allow context-dependent malicious users to cause a denial of service (rotation outage) via a (1) \n (newline) or (2) \ (backslash) character in a log filename, as demonstrated by a filename that...
Gentoo Logrotate 3.7.1
Gentoo Logrotate 3.6.5
Gentoo Logrotate 3.7.8
Gentoo Logrotate 3.7
Gentoo Logrotate 3.5.9
Gentoo Logrotate
Gentoo Logrotate 3.7.6
Gentoo Logrotate 3.3
Gentoo Logrotate 3.7.2
Gentoo Logrotate 3.7.7
NA
CVE-2011-1154
The shred_file function in logrotate.c in logrotate 3.7.9 and previous versions might allow context-dependent malicious users to execute arbitrary commands via shell metacharacters in a log filename, as demonstrated by a filename that is automatically constructed on the basis of ...
Gentoo Logrotate 3.7.1
Gentoo Logrotate 3.7.6
Gentoo Logrotate 3.5.9
Gentoo Logrotate 3.3
Gentoo Logrotate 3.6.5
Gentoo Logrotate 3.7.8
Gentoo Logrotate 3.7
Gentoo Logrotate
Gentoo Logrotate 3.7.2
Gentoo Logrotate 3.7.7
6.5
CVSSv3
CVE-2022-1348
A vulnerability was found in logrotate in how the state file is created. The state file is used to prevent parallel executions of multiple instances of logrotate by acquiring and releasing a file lock. When the state file does not exist, it is created with world-readable permissi...
Logrotate Project Logrotate
Fedoraproject Fedora 35
Fedoraproject Fedora 36
NA
CVE-2011-1548
The default configuration of logrotate on Debian GNU/Linux uses root privileges to process files in directories that permit non-root write access, which allows local users to conduct symlink and hard link attacks by leveraging logrotate's lack of support for untrusted direct...
Gentoo Logrotate
NA
CVE-2011-1549
The default configuration of logrotate on Gentoo Linux uses root privileges to process files in directories that permit non-root write access, which allows local users to conduct symlink and hard link attacks by leveraging logrotate's lack of support for untrusted directorie...
Gentoo Logrotate
NA
CVE-2011-1550
The default configuration of logrotate on SUSE openSUSE Factory uses root privileges to process files in directories that permit non-root write access, which allows local users to conduct symlink and hard link attacks by leveraging logrotate's lack of support for untrusted d...
Gentoo Logrotate
9.8
CVSSv3
CVE-2019-15741
An issue exists in GitLab Omnibus 7.4 up to and including 12.2.1. An unsafe interaction with logrotate could result in a privilege escalation.
Gitlab Omnibus
NA
CVE-2007-6211
Send ICMP Nasty Garbage (sing) on Debian GNU/Linux allows local users to append to arbitrary files and gain privileges via the -L (output log file) option. NOTE: this issue is only a vulnerability in limited environments, since sing is not installed setuid, and the administrator ...
Sing Sing 1.1
1 EDB exploit
7
CVSSv3
CVE-2019-11675
The groonga-httpd package 6.1.5-1 for Debian sets the /var/log/groonga ownership to the groonga account, which might let local users obtain root access because of unsafe interaction with logrotate. For example, an attacker can exploit a race condition to insert a symlink from /va...
Groonga Groonga-httpd 6.5.1-1