Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
6.3
CVSSv2

CVE-2011-1549

Published: 30/03/2011 Updated: 21/04/2011
CVSS v2 Base Score: 6.3 | Impact Score: 9.2 | Exploitability Score: 3.4
VMScore: 561
Vector: AV:L/AC:M/Au:N/C:N/I:C/A:C
Subscribe to Gentoo

Vulnerability Summary

The default configuration of logrotate on Gentoo Linux uses root privileges to process files in directories that permit non-root write access, which allows local users to conduct symlink and hard link attacks by leveraging logrotate's lack of support for untrusted directories, as demonstrated by directories under /var/log/ for packages.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

gentoo logrotate

References

CWE-264http://openwall.com/lists/oss-security/2011/03/04/18http://openwall.com/lists/oss-security/2011/03/04/33http://openwall.com/lists/oss-security/2011/03/11/5http://openwall.com/lists/oss-security/2011/03/05/8http://openwall.com/lists/oss-security/2011/03/10/6http://openwall.com/lists/oss-security/2011/03/14/26http://openwall.com/lists/oss-security/2011/03/04/27http://openwall.com/lists/oss-security/2011/03/06/5http://openwall.com/lists/oss-security/2011/03/05/6http://openwall.com/lists/oss-security/2011/03/10/7http://openwall.com/lists/oss-security/2011/03/23/11http://openwall.com/lists/oss-security/2011/03/11/3http://openwall.com/lists/oss-security/2011/03/04/17http://openwall.com/lists/oss-security/2011/03/04/30http://openwall.com/lists/oss-security/2011/03/06/6http://openwall.com/lists/oss-security/2011/03/04/29http://openwall.com/lists/oss-security/2011/03/06/4http://openwall.com/lists/oss-security/2011/03/05/4http://openwall.com/lists/oss-security/2011/03/04/28http://openwall.com/lists/oss-security/2011/03/10/2http://openwall.com/lists/oss-security/2011/03/04/32http://openwall.com/lists/oss-security/2011/03/07/11http://openwall.com/lists/oss-security/2011/03/04/31http://openwall.com/lists/oss-security/2011/03/06/3http://openwall.com/lists/oss-security/2011/03/07/6http://openwall.com/lists/oss-security/2011/03/04/24http://openwall.com/lists/oss-security/2011/03/10/3http://openwall.com/lists/oss-security/2011/03/04/22http://openwall.com/lists/oss-security/2011/03/07/5http://openwall.com/lists/oss-security/2011/03/08/5http://openwall.com/lists/oss-security/2011/03/04/25http://openwall.com/lists/oss-security/2011/03/04/26http://openwall.com/lists/oss-security/2011/03/04/16http://openwall.com/lists/oss-security/2011/03/04/19http://www.securityfocus.com/bid/47170https://nvd.nist.gov
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-3675CVE-2024-3400CVE-2024-23557mass assignmentCVE-2023-1389local file inclusionCVE-2024-32596file uploadCVE-2024-32593
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook