CVE-2011-1154Improper Input Validation in Logrotate

CWE-20Improper Input Validation8 documents7 sources
Severity
6.9MEDIUMNVD
EPSS
0.1%
top 84.22%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
3
Logrotate Project LogrotateDebian LogrotateGentoo Logrotate
Timeline
PublishedMar 30
Latest updateMay 17

Description

The shred_file function in logrotate.c in logrotate 3.7.9 and earlier might allow context-dependent attackers to execute arbitrary commands via shell metacharacters in a log filename, as demonstrated by a filename that is automatically constructed on the basis of a hostname or virtual machine name.

CVSS vector

AV:L/AC:M/C:C/I:C/A:CExploitability: 3.4 | Impact: 10.0

Affected Packages3 packages

debiandebian/logrotate< logrotate 3.8.0-1 (bookworm)
Debianlogrotate_project/logrotate< 3.8.0-1+3
NVDgentoo/logrotate3.7.9+9

Patches

Patch: lists.fedoraproject.orgPatch: openwall.comPatch: bugzilla.redhat.com

🔴Vulnerability Details

2
GHSA
GHSA-57xq-cfp9-365f: The shred_file function in logrotate2022-05-17
OSV
CVE-2011-1154: The shred_file function in logrotate2011-03-30

📋Vendor Advisories

3
Ubuntu
logrotate vulnerabilities2011-07-21
Red Hat
logrotate: Shell command injection by using the shred configuration directive2011-02-13
Debian
CVE-2011-1154: logrotate - The shred_file function in logrotate.c in logrotate 3.7.9 and earlier might allo...2011

💬Community

2
Bugzilla
CVE-2011-1098 CVE-2011-1154 CVE-2011-1155 logrotate various flaws [fedora-all]2011-03-17
Bugzilla
CVE-2011-1154 logrotate: Shell command injection by using the shred configuration directive2011-02-27