Published: 30/03/2011 Updated: 13/02/2023

CVSS v2 Base Score: 1.9 | Impact Score: 2.9 | Exploitability Score: 3.4

VMScore: 169

Vector: AV:L/AC:M/Au:N/C:P/I:N/A:N

Subscribe to Logrotate

Race condition in the createOutputFile function in logrotate.c in logrotate 3.7.9 and previous versions allows local users to read log data by opening a file before the intended permissions are in place.

Vulnerable Product	Search on Vulmon	Subscribe to Product
gentoo logrotate 3.6.5
gentoo logrotate 3.7.8
gentoo logrotate 3.5.9
gentoo logrotate 3.7.6
gentoo logrotate 3.3
gentoo logrotate 3.7.2
gentoo logrotate 3.7
gentoo logrotate 3.7.1
gentoo logrotate
gentoo logrotate 3.7.7

An attacker could cause logrotate to run programs, stop working, or read and write arbitrary files ...

CWE-362 http://openwall.com/lists/oss-security/2011/03/04/19 http://openwall.com/lists/oss-security/2011/03/04/22 http://openwall.com/lists/oss-security/2011/03/05/6 http://openwall.com/lists/oss-security/2011/03/23/11 http://openwall.com/lists/oss-security/2011/03/04/29 https://bugzilla.redhat.com/show_bug.cgi?id=680798 http://openwall.com/lists/oss-security/2011/03/04/32 http://openwall.com/lists/oss-security/2011/03/04/28 http://openwall.com/lists/oss-security/2011/03/06/4 http://openwall.com/lists/oss-security/2011/03/04/16 http://openwall.com/lists/oss-security/2011/03/06/5 http://openwall.com/lists/oss-security/2011/03/08/5 http://openwall.com/lists/oss-security/2011/03/11/3 http://openwall.com/lists/oss-security/2011/03/11/5 http://openwall.com/lists/oss-security/2011/03/10/7 http://openwall.com/lists/oss-security/2011/03/06/6 http://openwall.com/lists/oss-security/2011/03/07/5 http://www.vupen.com/english/advisories/2011/0791 http://openwall.com/lists/oss-security/2011/03/07/11 http://openwall.com/lists/oss-security/2011/03/05/8 http://openwall.com/lists/oss-security/2011/03/04/25 http://openwall.com/lists/oss-security/2011/03/04/33 http://lists.fedoraproject.org/pipermail/package-announce/2011-March/056992.html http://openwall.com/lists/oss-security/2011/03/06/3 http://openwall.com/lists/oss-security/2011/03/04/30 http://openwall.com/lists/oss-security/2011/03/10/3 http://openwall.com/lists/oss-security/2011/03/07/6 http://openwall.com/lists/oss-security/2011/03/04/18 http://openwall.com/lists/oss-security/2011/03/10/2 http://openwall.com/lists/oss-security/2011/03/04/24 http://openwall.com/lists/oss-security/2011/03/14/26 http://openwall.com/lists/oss-security/2011/03/04/17 http://openwall.com/lists/oss-security/2011/03/04/27 http://openwall.com/lists/oss-security/2011/03/04/31 http://openwall.com/lists/oss-security/2011/03/04/26 http://openwall.com/lists/oss-security/2011/03/10/6 http://openwall.com/lists/oss-security/2011/03/05/4 http://secunia.com/advisories/43955 http://www.vupen.com/english/advisories/2011/0961 http://www.redhat.com/support/errata/RHSA-2011-0407.html http://www.vupen.com/english/advisories/2011/0872 http://lists.fedoraproject.org/pipermail/package-announce/2011-April/057845.html http://www.mandriva.com/security/advisories?name=MDVSA-2011:065 https://usn.ubuntu.com/1172-1/https://nvd.nist.gov

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook