CVE-2011-1154

Current Description

The shred_file function in logrotate.c in logrotate 3.7.9 and earlier might allow context-dependent attackers to execute arbitrary commands via shell metacharacters in a log filename, as demonstrated by a filename that is automatically constructed on the basis of a hostname or virtual machine name.

Basic Data

PublishedMarch 30, 2011
Last ModifiedApril 21, 2011
Assignercve@mitre.org
Data TypeCVE
Data FormatMITRE
Data Version4.0
Problem TypeCWE-20
CVE Data Version4.0

Base Metric V2

CVSS 2 - Version2.0
CVSS 2 - Vector StringAV:L/AC:M/Au:N/C:C/I:C/A:C
CVSS 2 - Access VectorLOCAL
CVSS 2 - Access ComplexityMEDIUM
CVSS 2 - AuthenticationNONE
CVSS 2 - Confidentiality ImpactCOMPLETE
CVSS 2 - Availability ImpactCOMPLETE
CVSS 2 - Base Score6.9
SeverityMEDIUM
Exploitability Score3.4
Impact Score10.0
Obtain All Privilegefalse
Obtain User Privilegefalse
Obtain Other Privilegefalse

Base Metric V3

No data provided.

Configurations

  • OR - Configuration 1
    Cpe VersionPartVendorProductVersionUpdateEditionLanguageSW EditionTarget SWTarget HWOtherVersion Start IncludingVersion End IncludingVersion Start ExcludingVersion End Excluding
    2.3ApplicationGentooLogrotate3.3r2******
    2.3ApplicationGentooLogrotate3.5.9*******
    2.3ApplicationGentooLogrotate3.5.9r1******
    2.3ApplicationGentooLogrotate3.6.5*******
    2.3ApplicationGentooLogrotate3.6.5r1******
    2.3ApplicationGentooLogrotate3.7*******
    2.3ApplicationGentooLogrotate3.7.1*******
    2.3ApplicationGentooLogrotate3.7.1r1******
    2.3ApplicationGentooLogrotate3.7.1r2******
    2.3ApplicationGentooLogrotate3.7.2*******
    2.3ApplicationGentooLogrotate3.7.6*******
    2.3ApplicationGentooLogrotate3.7.7*******
    2.3ApplicationGentooLogrotate3.7.8*******
    2.3ApplicationGentooLogrotate********3.7.9

Vulnerable Software List

VendorProductVersions
Gentoo Logrotate *, 3.3, 3.5.9, 3.6.5, 3.7, 3.7.1, 3.7.2, 3.7.6, 3.7.7, 3.7.8

References

NameSourceURLTags
FEDORA-2011-3739http://lists.fedoraproject.org/pipermail/package-announce/2011-April/057845.htmlFEDORA
FEDORA-2011-3758http://lists.fedoraproject.org/pipermail/package-announce/2011-March/056992.htmlFEDORAPatch
[oss-security] 20110304 CVE Request -- logrotate -- nine issueshttp://openwall.com/lists/oss-security/2011/03/04/16MLIST
[oss-security] 20110304 Re: CVE Request -- logrotate -- nine issueshttp://openwall.com/lists/oss-security/2011/03/04/17MLIST
[oss-security] 20110304 Re: CVE Request -- logrotate -- nine issueshttp://openwall.com/lists/oss-security/2011/03/04/18MLIST
[oss-security] 20110304 Re: CVE Request -- logrotate -- nine issueshttp://openwall.com/lists/oss-security/2011/03/04/19MLIST
[oss-security] 20110304 Re: CVE Request -- logrotate -- nine issueshttp://openwall.com/lists/oss-security/2011/03/04/22MLIST
[oss-security] 20110304 Re: CVE Request -- logrotate -- nine issueshttp://openwall.com/lists/oss-security/2011/03/04/24MLIST
[oss-security] 20110304 Re: CVE Request -- logrotate -- nine issueshttp://openwall.com/lists/oss-security/2011/03/04/25MLIST
[oss-security] 20110304 Re: CVE Request -- logrotate -- nine issueshttp://openwall.com/lists/oss-security/2011/03/04/26MLIST
[oss-security] 20110304 Re: CVE Request -- logrotate -- nine issueshttp://openwall.com/lists/oss-security/2011/03/04/27MLIST
[oss-security] 20110304 Re: CVE Request -- logrotate -- nine issueshttp://openwall.com/lists/oss-security/2011/03/04/28MLIST
[oss-security] 20110304 Re: CVE Request -- logrotate -- nine issueshttp://openwall.com/lists/oss-security/2011/03/04/29MLIST
[oss-security] 20110304 Re: CVE Request -- logrotate -- nine issueshttp://openwall.com/lists/oss-security/2011/03/04/30MLIST
[oss-security] 20110304 Re: CVE Request -- logrotate -- nine issueshttp://openwall.com/lists/oss-security/2011/03/04/31MLIST
[oss-security] 20110304 Re: CVE Request -- logrotate -- nine issueshttp://openwall.com/lists/oss-security/2011/03/04/32MLIST
[oss-security] 20110305 Re: CVE Request -- logrotate -- nine issueshttp://openwall.com/lists/oss-security/2011/03/04/33MLIST
[oss-security] 20110305 Re: CVE Request -- logrotate -- nine issueshttp://openwall.com/lists/oss-security/2011/03/05/4MLIST
[oss-security] 20110305 Re: CVE Request -- logrotate -- nine issueshttp://openwall.com/lists/oss-security/2011/03/05/6MLIST
[oss-security] 20110306 Re: CVE Request -- logrotate -- nine issueshttp://openwall.com/lists/oss-security/2011/03/05/8MLIST
[oss-security] 20110306 Re: CVE Request -- logrotate -- nine issueshttp://openwall.com/lists/oss-security/2011/03/06/3MLIST
[oss-security] 20110306 Re: CVE Request -- logrotate -- nine issueshttp://openwall.com/lists/oss-security/2011/03/06/4MLIST
[oss-security] 20110306 Re: CVE Request -- logrotate -- nine issueshttp://openwall.com/lists/oss-security/2011/03/06/5MLIST
[oss-security] 20110306 Re: CVE Request -- logrotate -- nine issueshttp://openwall.com/lists/oss-security/2011/03/06/6MLIST
[oss-security] 20110307 Re: CVE Request -- logrotate -- nine issueshttp://openwall.com/lists/oss-security/2011/03/07/11MLISTPatch
[oss-security] 20110307 Re: CVE Request -- logrotate -- nine issueshttp://openwall.com/lists/oss-security/2011/03/07/5MLIST
[oss-security] 20110307 Re: CVE Request -- logrotate -- nine issueshttp://openwall.com/lists/oss-security/2011/03/07/6MLIST
[oss-security] 20110308 Re: CVE Request -- logrotate -- nine issueshttp://openwall.com/lists/oss-security/2011/03/08/5MLIST
[oss-security] 20110310 Re: CVE Request -- logrotate -- nine issueshttp://openwall.com/lists/oss-security/2011/03/10/2MLIST
[oss-security] 20110310 Re: CVE Request -- logrotate -- nine issueshttp://openwall.com/lists/oss-security/2011/03/10/3MLIST
[oss-security] 20110311 Re: CVE Request -- logrotate -- nine issueshttp://openwall.com/lists/oss-security/2011/03/10/6MLIST
[oss-security] 20110311 Re: CVE Request -- logrotate -- nine issueshttp://openwall.com/lists/oss-security/2011/03/10/7MLIST
[oss-security] 20110311 Re: CVE Request -- logrotate -- nine issueshttp://openwall.com/lists/oss-security/2011/03/11/3MLIST
[oss-security] 20110311 Re: CVE Request -- logrotate -- nine issueshttp://openwall.com/lists/oss-security/2011/03/11/5MLIST
[oss-security] 20110314 Re: CVE Request -- logrotate -- nine issueshttp://openwall.com/lists/oss-security/2011/03/14/26MLIST
[oss-security] 20110323 Re: CVE Request -- logrotate -- nine issueshttp://openwall.com/lists/oss-security/2011/03/23/11MLIST
43955http://secunia.com/advisories/43955SECUNIA
MDVSA-2011:065http://www.mandriva.com/security/advisories?name=MDVSA-2011:065MANDRIVA
RHSA-2011:0407http://www.redhat.com/support/errata/RHSA-2011-0407.htmlREDHAT
ADV-2011-0791http://www.vupen.com/english/advisories/2011/0791VUPENVendor Advisory
ADV-2011-0872http://www.vupen.com/english/advisories/2011/0872VUPEN
ADV-2011-0961http://www.vupen.com/english/advisories/2011/0961VUPEN
https://bugzilla.redhat.com/show_bug.cgi?id=680796https://bugzilla.redhat.com/show_bug.cgi?id=680796CONFIRMPatch