Vulnerability Description
The default configuration of logrotate on Gentoo Linux uses root privileges to process files in directories that permit non-root write access, which allows local users to conduct symlink and hard link attacks by leveraging logrotate's lack of support for untrusted directories, as demonstrated by directories under /var/log/ for packages.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Gentoo | Logrotate | All versions |
| Gentoo | Linux | All versions |
Related Weaknesses (CWE)
References
- http://openwall.com/lists/oss-security/2011/03/04/16
- http://openwall.com/lists/oss-security/2011/03/04/17
- http://openwall.com/lists/oss-security/2011/03/04/18
- http://openwall.com/lists/oss-security/2011/03/04/19
- http://openwall.com/lists/oss-security/2011/03/04/22
- http://openwall.com/lists/oss-security/2011/03/04/24
- http://openwall.com/lists/oss-security/2011/03/04/25
- http://openwall.com/lists/oss-security/2011/03/04/26
- http://openwall.com/lists/oss-security/2011/03/04/27
- http://openwall.com/lists/oss-security/2011/03/04/28
- http://openwall.com/lists/oss-security/2011/03/04/29
- http://openwall.com/lists/oss-security/2011/03/04/30
- http://openwall.com/lists/oss-security/2011/03/04/31
- http://openwall.com/lists/oss-security/2011/03/04/32
- http://openwall.com/lists/oss-security/2011/03/04/33
FAQ
What is CVE-2011-1549?
CVE-2011-1549 is a vulnerability with a CVSS score of 6.3 (MEDIUM). The default configuration of logrotate on Gentoo Linux uses root privileges to process files in directories that permit non-root write access, which allows local users to conduct symlink and hard link...
How severe is CVE-2011-1549?
CVE-2011-1549 has been rated MEDIUM with a CVSS base score of 6.3/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2011-1549?
Check the references section above for vendor advisories and patch information. Affected products include: Gentoo Logrotate, Gentoo Linux.