// For flags

CVE-2011-1098

logrotate: TOCTOU race condition by creation of new files (between opening the file and moment, final permissions have been applied) [information disclosure]

Severity Score

1.9
*CVSS v2

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

0
*Multiple Sources

Exploited in Wild

-
*KEV

Decision

-
*SSVC
Descriptions

Race condition in the createOutputFile function in logrotate.c in logrotate 3.7.9 and earlier allows local users to read log data by opening a file before the intended permissions are in place.

CondiciĆ³n de carrera en la funciĆ³n createOutputFile en logrotate.c en logrotate v3.7.9 y anteriores permite a usuarios locales leer los datos de registro mediante la apertura de un archivo antes de que los permisos previstos este activos.

*Credits: N/A
CVSS Scores
Attack Vector
Local
Attack Complexity
Medium
Authentication
None
Confidentiality
Partial
Integrity
None
Availability
None
* Common Vulnerability Scoring System
SSVC
  • Decision:-
Exploitation
-
Automatable
-
Tech. Impact
-
* Organization's Worst-case Scenario
Timeline
  • 2011-02-24 CVE Reserved
  • 2011-03-30 CVE Published
  • 2023-03-08 EPSS Updated
  • 2024-08-06 CVE Updated
  • ---------- Exploited in Wild
  • ---------- KEV Due Date
  • ---------- First Exploit
CWE
  • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')
  • CWE-367: Time-of-check Time-of-use (TOCTOU) Race Condition
CAPEC
References (44)
URL Tag Source
http://openwall.com/lists/oss-security/2011/03/04/17 Mailing List
http://openwall.com/lists/oss-security/2011/03/04/18 Mailing List
http://openwall.com/lists/oss-security/2011/03/04/19 Mailing List
http://openwall.com/lists/oss-security/2011/03/04/22 Mailing List
http://openwall.com/lists/oss-security/2011/03/04/24 Mailing List
http://openwall.com/lists/oss-security/2011/03/04/25 Mailing List
http://openwall.com/lists/oss-security/2011/03/04/26 Mailing List
http://openwall.com/lists/oss-security/2011/03/04/27 Mailing List
http://openwall.com/lists/oss-security/2011/03/04/28 Mailing List
http://openwall.com/lists/oss-security/2011/03/04/29 Mailing List
http://openwall.com/lists/oss-security/2011/03/04/30 Mailing List
http://openwall.com/lists/oss-security/2011/03/04/31 Mailing List
http://openwall.com/lists/oss-security/2011/03/04/32 Mailing List
http://openwall.com/lists/oss-security/2011/03/04/33 Mailing List
http://openwall.com/lists/oss-security/2011/03/05/4 Mailing List
http://openwall.com/lists/oss-security/2011/03/05/6 Mailing List
http://openwall.com/lists/oss-security/2011/03/05/8 Mailing List
http://openwall.com/lists/oss-security/2011/03/06/3 Mailing List
http://openwall.com/lists/oss-security/2011/03/06/4 Mailing List
http://openwall.com/lists/oss-security/2011/03/06/5 Mailing List
http://openwall.com/lists/oss-security/2011/03/06/6 Mailing List
http://openwall.com/lists/oss-security/2011/03/07/5 Mailing List
http://openwall.com/lists/oss-security/2011/03/07/6 Mailing List
http://openwall.com/lists/oss-security/2011/03/08/5 Mailing List
http://openwall.com/lists/oss-security/2011/03/10/2 Mailing List
http://openwall.com/lists/oss-security/2011/03/10/3 Mailing List
http://openwall.com/lists/oss-security/2011/03/10/6 Mailing List
http://openwall.com/lists/oss-security/2011/03/10/7 Mailing List
http://openwall.com/lists/oss-security/2011/03/11/3 Mailing List
http://openwall.com/lists/oss-security/2011/03/11/5 Mailing List
http://openwall.com/lists/oss-security/2011/03/14/26 Mailing List
http://openwall.com/lists/oss-security/2011/03/23/11 Mailing List
http://secunia.com/advisories/43955 Third Party Advisory
http://www.vupen.com/english/advisories/2011/0872 Vdb Entry
http://www.vupen.com/english/advisories/2011/0961 Vdb Entry
URL Date SRC
URL Date SRC
http://lists.fedoraproject.org/pipermail/package-announce/2011-March/056992.html 2023-02-13
http://openwall.com/lists/oss-security/2011/03/04/16 2023-02-13
http://openwall.com/lists/oss-security/2011/03/07/11 2023-02-13
https://bugzilla.redhat.com/show_bug.cgi?id=680798 2011-03-31
URL Date SRC
http://lists.fedoraproject.org/pipermail/package-announce/2011-April/057845.html 2023-02-13
http://www.mandriva.com/security/advisories?name=MDVSA-2011:065 2023-02-13
http://www.redhat.com/support/errata/RHSA-2011-0407.html 2023-02-13
http://www.vupen.com/english/advisories/2011/0791 2023-02-13
https://access.redhat.com/security/cve/CVE-2011-1098 2011-03-31
Affected Vendors, Products, and Versions
Vendor Product Version Other Status
Vendor Product Version Other Status <-- --> Vendor Product Version Other Status
Gentoo
Search vendor "Gentoo"
 Logrotate
Search vendor "Gentoo" for product "Logrotate"
 <= 3.7.9
Search vendor "Gentoo" for product "Logrotate" and version " <= 3.7.9"
-
Affected
Gentoo
Search vendor "Gentoo"
 Logrotate
Search vendor "Gentoo" for product "Logrotate"
 3.3
Search vendor "Gentoo" for product "Logrotate" and version "3.3"
r2
Affected
Gentoo
Search vendor "Gentoo"
 Logrotate
Search vendor "Gentoo" for product "Logrotate"
 3.5.9
Search vendor "Gentoo" for product "Logrotate" and version "3.5.9"
-
Affected
Gentoo
Search vendor "Gentoo"
 Logrotate
Search vendor "Gentoo" for product "Logrotate"
 3.5.9
Search vendor "Gentoo" for product "Logrotate" and version "3.5.9"
r1
Affected
Gentoo
Search vendor "Gentoo"
 Logrotate
Search vendor "Gentoo" for product "Logrotate"
 3.6.5
Search vendor "Gentoo" for product "Logrotate" and version "3.6.5"
-
Affected
Gentoo
Search vendor "Gentoo"
 Logrotate
Search vendor "Gentoo" for product "Logrotate"
 3.6.5
Search vendor "Gentoo" for product "Logrotate" and version "3.6.5"
r1
Affected
Gentoo
Search vendor "Gentoo"
 Logrotate
Search vendor "Gentoo" for product "Logrotate"
 3.7
Search vendor "Gentoo" for product "Logrotate" and version "3.7"
-
Affected
Gentoo
Search vendor "Gentoo"
 Logrotate
Search vendor "Gentoo" for product "Logrotate"
 3.7.1
Search vendor "Gentoo" for product "Logrotate" and version "3.7.1"
-
Affected
Gentoo
Search vendor "Gentoo"
 Logrotate
Search vendor "Gentoo" for product "Logrotate"
 3.7.1
Search vendor "Gentoo" for product "Logrotate" and version "3.7.1"
r1
Affected
Gentoo
Search vendor "Gentoo"
 Logrotate
Search vendor "Gentoo" for product "Logrotate"
 3.7.1
Search vendor "Gentoo" for product "Logrotate" and version "3.7.1"
r2
Affected
Gentoo
Search vendor "Gentoo"
 Logrotate
Search vendor "Gentoo" for product "Logrotate"
 3.7.2
Search vendor "Gentoo" for product "Logrotate" and version "3.7.2"
-
Affected
Gentoo
Search vendor "Gentoo"
 Logrotate
Search vendor "Gentoo" for product "Logrotate"
 3.7.6
Search vendor "Gentoo" for product "Logrotate" and version "3.7.6"
-
Affected
Gentoo
Search vendor "Gentoo"
 Logrotate
Search vendor "Gentoo" for product "Logrotate"
 3.7.7
Search vendor "Gentoo" for product "Logrotate" and version "3.7.7"
-
Affected
Gentoo
Search vendor "Gentoo"
 Logrotate
Search vendor "Gentoo" for product "Logrotate"
 3.7.8
Search vendor "Gentoo" for product "Logrotate" and version "3.7.8"
-
Affected