// For flags

CVE-2011-1548

 

Severity Score

6.3
*CVSS v2

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

0
*Multiple Sources

Exploited in Wild

-
*KEV

Decision

-
*SSVC
Descriptions

The default configuration of logrotate on Debian GNU/Linux uses root privileges to process files in directories that permit non-root write access, which allows local users to conduct symlink and hard link attacks by leveraging logrotate's lack of support for untrusted directories, as demonstrated by /var/log/postgresql/.

La configuración por defecto en logrotate en Debien GNU/Linux usa privilegios de administrador para procesar archivos en directorios que permite acceso de escritura a no-administradores, lo que permite a usuarios locales conducir ataques de enlace simbólico y enlace fijo aprovechándose de la falta de soporte en logrotate para directorios no confiables, como fue desmotrado por /var/log/postgresql/.

*Credits: N/A
CVSS Scores
Attack Vector
Local
Attack Complexity
Medium
Authentication
None
Confidentiality
None
Integrity
Complete
Availability
Complete
* Common Vulnerability Scoring System
SSVC
  • Decision:-
Exploitation
-
Automatable
-
Tech. Impact
-
* Organization's Worst-case Scenario
Timeline
  • 2011-03-30 CVE Reserved
  • 2011-03-30 CVE Published
  • 2023-03-08 EPSS Updated
  • 2024-08-06 CVE Updated
  • ---------- Exploited in Wild
  • ---------- KEV Due Date
  • ---------- First Exploit
CWE
  • CWE-264: Permissions, Privileges, and Access Controls
CAPEC
References (36)
URL Tag Source
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=606544 X_refsource_misc
http://openwall.com/lists/oss-security/2011/03/04/16 Mailing List
http://openwall.com/lists/oss-security/2011/03/04/17 Mailing List
http://openwall.com/lists/oss-security/2011/03/04/18 Mailing List
http://openwall.com/lists/oss-security/2011/03/04/19 Mailing List
http://openwall.com/lists/oss-security/2011/03/04/22 Mailing List
http://openwall.com/lists/oss-security/2011/03/04/24 Mailing List
http://openwall.com/lists/oss-security/2011/03/04/25 Mailing List
http://openwall.com/lists/oss-security/2011/03/04/26 Mailing List
http://openwall.com/lists/oss-security/2011/03/04/27 Mailing List
http://openwall.com/lists/oss-security/2011/03/04/28 Mailing List
http://openwall.com/lists/oss-security/2011/03/04/29 Mailing List
http://openwall.com/lists/oss-security/2011/03/04/30 Mailing List
http://openwall.com/lists/oss-security/2011/03/04/31 Mailing List
http://openwall.com/lists/oss-security/2011/03/04/32 Mailing List
http://openwall.com/lists/oss-security/2011/03/04/33 Mailing List
http://openwall.com/lists/oss-security/2011/03/05/4 Mailing List
http://openwall.com/lists/oss-security/2011/03/05/6 Mailing List
http://openwall.com/lists/oss-security/2011/03/05/8 Mailing List
http://openwall.com/lists/oss-security/2011/03/06/3 Mailing List
http://openwall.com/lists/oss-security/2011/03/06/4 Mailing List
http://openwall.com/lists/oss-security/2011/03/06/5 Mailing List
http://openwall.com/lists/oss-security/2011/03/06/6 Mailing List
http://openwall.com/lists/oss-security/2011/03/07/11 Mailing List
http://openwall.com/lists/oss-security/2011/03/07/5 Mailing List
http://openwall.com/lists/oss-security/2011/03/07/6 Mailing List
http://openwall.com/lists/oss-security/2011/03/08/5 Mailing List
http://openwall.com/lists/oss-security/2011/03/10/2 Mailing List
http://openwall.com/lists/oss-security/2011/03/10/3 Mailing List
http://openwall.com/lists/oss-security/2011/03/10/6 Mailing List
http://openwall.com/lists/oss-security/2011/03/10/7 Mailing List
http://openwall.com/lists/oss-security/2011/03/11/3 Mailing List
http://openwall.com/lists/oss-security/2011/03/11/5 Mailing List
http://openwall.com/lists/oss-security/2011/03/14/26 Mailing List
http://openwall.com/lists/oss-security/2011/03/23/11 Mailing List
http://www.securityfocus.com/bid/47167 Vdb Entry
URL Date SRC
URL Date SRC
URL Date SRC
Affected Vendors, Products, and Versions
Vendor Product Version Other Status
Vendor Product Version Other Status <-- --> Vendor Product Version Other Status
Gentoo
Search vendor "Gentoo"
Logrotate
Search vendor "Gentoo" for product "Logrotate"
*-
Affected
in Debian
Search vendor "Debian"
Linux
Search vendor "Debian" for product "Linux"
*-
Safe