CVE-2007-6211 – Send ICMP Nasty Garbage (SING) - Append File Logrotate

https://notcve.org/view.php?id=CVE-2007-6211

Send ICMP Nasty Garbage (sing) on Debian GNU/Linux allows local users to append to arbitrary files and gain privileges via the -L (output log file) option. NOTE: this issue is only a vulnerability in limited environments, since sing is not installed setuid, and the administrator would need to override a non-setuid default during installation. Send ICMP Nasty Garbage (sing) en Debian GNU/Linux, permite a usuarios locales agregar archivos arbitrarios y alcanzar privilegios por medio de la opción -L (archivo de registro de salida). NOTA: este problema es solo una vulnerabilidad en entornos limitados, ya que en sing no está instalado setuid, y el administrador necesitaría invalidar un valor predeterminado que no sea setuid durante la instalación. • https://www.exploit-db.com/exploits/4698 http://osvdb.org/44157 http://securityreason.com/securityalert/3412 http://www.securityfocus.com/archive/1/484472/100/0/threaded http://www.securityfocus.com/archive/1/484591/100/200/threaded http://www.securityfocus.com/bid/26679 https://exchange.xforce.ibmcloud.com/vulnerabilities/38822 • CWE-264: Permissions, Privileges, and Access Controls •