CVE-2011-1154 (GCVE-0-2011-1154)
Vulnerability from cvelistv5 – Published: 2011-03-30 22:00 – Updated: 2024-08-06 22:14
VLAI?
Summary
The shred_file function in logrotate.c in logrotate 3.7.9 and earlier might allow context-dependent attackers to execute arbitrary commands via shell metacharacters in a log filename, as demonstrated by a filename that is automatically constructed on the basis of a hostname or virtual machine name.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T22:14:27.899Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "[oss-security] 20110304 Re: CVE Request -- logrotate -- nine issues",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://openwall.com/lists/oss-security/2011/03/04/19"
},
{
"name": "[oss-security] 20110304 CVE Request -- logrotate -- nine issues",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://openwall.com/lists/oss-security/2011/03/04/16"
},
{
"name": "[oss-security] 20110304 Re: CVE Request -- logrotate -- nine issues",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://openwall.com/lists/oss-security/2011/03/04/25"
},
{
"name": "[oss-security] 20110304 Re: CVE Request -- logrotate -- nine issues",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://openwall.com/lists/oss-security/2011/03/04/30"
},
{
"name": "[oss-security] 20110304 Re: CVE Request -- logrotate -- nine issues",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://openwall.com/lists/oss-security/2011/03/04/26"
},
{
"name": "[oss-security] 20110310 Re: CVE Request -- logrotate -- nine issues",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://openwall.com/lists/oss-security/2011/03/10/3"
},
{
"name": "[oss-security] 20110304 Re: CVE Request -- logrotate -- nine issues",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://openwall.com/lists/oss-security/2011/03/04/28"
},
{
"name": "[oss-security] 20110308 Re: CVE Request -- logrotate -- nine issues",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://openwall.com/lists/oss-security/2011/03/08/5"
},
{
"name": "43955",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/43955"
},
{
"name": "[oss-security] 20110307 Re: CVE Request -- logrotate -- nine issues",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://openwall.com/lists/oss-security/2011/03/07/5"
},
{
"name": "[oss-security] 20110304 Re: CVE Request -- logrotate -- nine issues",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://openwall.com/lists/oss-security/2011/03/04/31"
},
{
"name": "ADV-2011-0961",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2011/0961"
},
{
"name": "[oss-security] 20110304 Re: CVE Request -- logrotate -- nine issues",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://openwall.com/lists/oss-security/2011/03/04/17"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=680796"
},
{
"name": "[oss-security] 20110311 Re: CVE Request -- logrotate -- nine issues",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://openwall.com/lists/oss-security/2011/03/10/6"
},
{
"name": "[oss-security] 20110306 Re: CVE Request -- logrotate -- nine issues",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://openwall.com/lists/oss-security/2011/03/06/3"
},
{
"name": "[oss-security] 20110304 Re: CVE Request -- logrotate -- nine issues",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://openwall.com/lists/oss-security/2011/03/04/29"
},
{
"name": "[oss-security] 20110307 Re: CVE Request -- logrotate -- nine issues",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://openwall.com/lists/oss-security/2011/03/07/6"
},
{
"name": "[oss-security] 20110305 Re: CVE Request -- logrotate -- nine issues",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://openwall.com/lists/oss-security/2011/03/05/6"
},
{
"name": "FEDORA-2011-3739",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-April/057845.html"
},
{
"name": "[oss-security] 20110305 Re: CVE Request -- logrotate -- nine issues",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://openwall.com/lists/oss-security/2011/03/05/4"
},
{
"name": "ADV-2011-0791",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2011/0791"
},
{
"name": "MDVSA-2011:065",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:065"
},
{
"name": "[oss-security] 20110307 Re: CVE Request -- logrotate -- nine issues",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://openwall.com/lists/oss-security/2011/03/07/11"
},
{
"name": "[oss-security] 20110323 Re: CVE Request -- logrotate -- nine issues",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://openwall.com/lists/oss-security/2011/03/23/11"
},
{
"name": "[oss-security] 20110306 Re: CVE Request -- logrotate -- nine issues",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://openwall.com/lists/oss-security/2011/03/06/5"
},
{
"name": "[oss-security] 20110304 Re: CVE Request -- logrotate -- nine issues",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://openwall.com/lists/oss-security/2011/03/04/18"
},
{
"name": "FEDORA-2011-3758",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-March/056992.html"
},
{
"name": "[oss-security] 20110310 Re: CVE Request -- logrotate -- nine issues",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://openwall.com/lists/oss-security/2011/03/10/2"
},
{
"name": "RHSA-2011:0407",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2011-0407.html"
},
{
"name": "[oss-security] 20110311 Re: CVE Request -- logrotate -- nine issues",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://openwall.com/lists/oss-security/2011/03/11/3"
},
{
"name": "[oss-security] 20110311 Re: CVE Request -- logrotate -- nine issues",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://openwall.com/lists/oss-security/2011/03/10/7"
},
{
"name": "[oss-security] 20110306 Re: CVE Request -- logrotate -- nine issues",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://openwall.com/lists/oss-security/2011/03/05/8"
},
{
"name": "[oss-security] 20110304 Re: CVE Request -- logrotate -- nine issues",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://openwall.com/lists/oss-security/2011/03/04/22"
},
{
"name": "[oss-security] 20110311 Re: CVE Request -- logrotate -- nine issues",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://openwall.com/lists/oss-security/2011/03/11/5"
},
{
"name": "[oss-security] 20110304 Re: CVE Request -- logrotate -- nine issues",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://openwall.com/lists/oss-security/2011/03/04/27"
},
{
"name": "ADV-2011-0872",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2011/0872"
},
{
"name": "[oss-security] 20110304 Re: CVE Request -- logrotate -- nine issues",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://openwall.com/lists/oss-security/2011/03/04/32"
},
{
"name": "[oss-security] 20110314 Re: CVE Request -- logrotate -- nine issues",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://openwall.com/lists/oss-security/2011/03/14/26"
},
{
"name": "[oss-security] 20110304 Re: CVE Request -- logrotate -- nine issues",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://openwall.com/lists/oss-security/2011/03/04/24"
},
{
"name": "[oss-security] 20110306 Re: CVE Request -- logrotate -- nine issues",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://openwall.com/lists/oss-security/2011/03/06/4"
},
{
"name": "[oss-security] 20110306 Re: CVE Request -- logrotate -- nine issues",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://openwall.com/lists/oss-security/2011/03/06/6"
},
{
"name": "[oss-security] 20110305 Re: CVE Request -- logrotate -- nine issues",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://openwall.com/lists/oss-security/2011/03/04/33"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2011-03-04T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The shred_file function in logrotate.c in logrotate 3.7.9 and earlier might allow context-dependent attackers to execute arbitrary commands via shell metacharacters in a log filename, as demonstrated by a filename that is automatically constructed on the basis of a hostname or virtual machine name."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2011-04-21T09:00:00",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "[oss-security] 20110304 Re: CVE Request -- logrotate -- nine issues",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://openwall.com/lists/oss-security/2011/03/04/19"
},
{
"name": "[oss-security] 20110304 CVE Request -- logrotate -- nine issues",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://openwall.com/lists/oss-security/2011/03/04/16"
},
{
"name": "[oss-security] 20110304 Re: CVE Request -- logrotate -- nine issues",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://openwall.com/lists/oss-security/2011/03/04/25"
},
{
"name": "[oss-security] 20110304 Re: CVE Request -- logrotate -- nine issues",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://openwall.com/lists/oss-security/2011/03/04/30"
},
{
"name": "[oss-security] 20110304 Re: CVE Request -- logrotate -- nine issues",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://openwall.com/lists/oss-security/2011/03/04/26"
},
{
"name": "[oss-security] 20110310 Re: CVE Request -- logrotate -- nine issues",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://openwall.com/lists/oss-security/2011/03/10/3"
},
{
"name": "[oss-security] 20110304 Re: CVE Request -- logrotate -- nine issues",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://openwall.com/lists/oss-security/2011/03/04/28"
},
{
"name": "[oss-security] 20110308 Re: CVE Request -- logrotate -- nine issues",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://openwall.com/lists/oss-security/2011/03/08/5"
},
{
"name": "43955",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/43955"
},
{
"name": "[oss-security] 20110307 Re: CVE Request -- logrotate -- nine issues",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://openwall.com/lists/oss-security/2011/03/07/5"
},
{
"name": "[oss-security] 20110304 Re: CVE Request -- logrotate -- nine issues",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://openwall.com/lists/oss-security/2011/03/04/31"
},
{
"name": "ADV-2011-0961",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2011/0961"
},
{
"name": "[oss-security] 20110304 Re: CVE Request -- logrotate -- nine issues",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://openwall.com/lists/oss-security/2011/03/04/17"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=680796"
},
{
"name": "[oss-security] 20110311 Re: CVE Request -- logrotate -- nine issues",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://openwall.com/lists/oss-security/2011/03/10/6"
},
{
"name": "[oss-security] 20110306 Re: CVE Request -- logrotate -- nine issues",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://openwall.com/lists/oss-security/2011/03/06/3"
},
{
"name": "[oss-security] 20110304 Re: CVE Request -- logrotate -- nine issues",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://openwall.com/lists/oss-security/2011/03/04/29"
},
{
"name": "[oss-security] 20110307 Re: CVE Request -- logrotate -- nine issues",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://openwall.com/lists/oss-security/2011/03/07/6"
},
{
"name": "[oss-security] 20110305 Re: CVE Request -- logrotate -- nine issues",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://openwall.com/lists/oss-security/2011/03/05/6"
},
{
"name": "FEDORA-2011-3739",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-April/057845.html"
},
{
"name": "[oss-security] 20110305 Re: CVE Request -- logrotate -- nine issues",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://openwall.com/lists/oss-security/2011/03/05/4"
},
{
"name": "ADV-2011-0791",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2011/0791"
},
{
"name": "MDVSA-2011:065",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:065"
},
{
"name": "[oss-security] 20110307 Re: CVE Request -- logrotate -- nine issues",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://openwall.com/lists/oss-security/2011/03/07/11"
},
{
"name": "[oss-security] 20110323 Re: CVE Request -- logrotate -- nine issues",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://openwall.com/lists/oss-security/2011/03/23/11"
},
{
"name": "[oss-security] 20110306 Re: CVE Request -- logrotate -- nine issues",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://openwall.com/lists/oss-security/2011/03/06/5"
},
{
"name": "[oss-security] 20110304 Re: CVE Request -- logrotate -- nine issues",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://openwall.com/lists/oss-security/2011/03/04/18"
},
{
"name": "FEDORA-2011-3758",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-March/056992.html"
},
{
"name": "[oss-security] 20110310 Re: CVE Request -- logrotate -- nine issues",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://openwall.com/lists/oss-security/2011/03/10/2"
},
{
"name": "RHSA-2011:0407",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2011-0407.html"
},
{
"name": "[oss-security] 20110311 Re: CVE Request -- logrotate -- nine issues",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://openwall.com/lists/oss-security/2011/03/11/3"
},
{
"name": "[oss-security] 20110311 Re: CVE Request -- logrotate -- nine issues",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://openwall.com/lists/oss-security/2011/03/10/7"
},
{
"name": "[oss-security] 20110306 Re: CVE Request -- logrotate -- nine issues",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://openwall.com/lists/oss-security/2011/03/05/8"
},
{
"name": "[oss-security] 20110304 Re: CVE Request -- logrotate -- nine issues",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://openwall.com/lists/oss-security/2011/03/04/22"
},
{
"name": "[oss-security] 20110311 Re: CVE Request -- logrotate -- nine issues",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://openwall.com/lists/oss-security/2011/03/11/5"
},
{
"name": "[oss-security] 20110304 Re: CVE Request -- logrotate -- nine issues",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://openwall.com/lists/oss-security/2011/03/04/27"
},
{
"name": "ADV-2011-0872",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2011/0872"
},
{
"name": "[oss-security] 20110304 Re: CVE Request -- logrotate -- nine issues",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://openwall.com/lists/oss-security/2011/03/04/32"
},
{
"name": "[oss-security] 20110314 Re: CVE Request -- logrotate -- nine issues",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://openwall.com/lists/oss-security/2011/03/14/26"
},
{
"name": "[oss-security] 20110304 Re: CVE Request -- logrotate -- nine issues",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://openwall.com/lists/oss-security/2011/03/04/24"
},
{
"name": "[oss-security] 20110306 Re: CVE Request -- logrotate -- nine issues",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://openwall.com/lists/oss-security/2011/03/06/4"
},
{
"name": "[oss-security] 20110306 Re: CVE Request -- logrotate -- nine issues",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://openwall.com/lists/oss-security/2011/03/06/6"
},
{
"name": "[oss-security] 20110305 Re: CVE Request -- logrotate -- nine issues",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://openwall.com/lists/oss-security/2011/03/04/33"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2011-1154",
"datePublished": "2011-03-30T22:00:00",
"dateReserved": "2011-03-03T00:00:00",
"dateUpdated": "2024-08-06T22:14:27.899Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"fkie_nvd": {
"configurations": "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:gentoo:logrotate:*:*:*:*:*:*:*:*\", \"versionEndIncluding\": \"3.7.9\", \"matchCriteriaId\": \"CBB1E3AD-DFB4-4A8F-9753-0049B41BC155\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:gentoo:logrotate:3.3:r2:*:*:*:*:*:*\", \"matchCriteriaId\": \"9E2EEED0-4022-467B-9EBF-E6DA61B16B16\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:gentoo:logrotate:3.5.9:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"2BE715C9-9C25-4998-90D3-556E53B177B0\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:gentoo:logrotate:3.5.9:r1:*:*:*:*:*:*\", \"matchCriteriaId\": \"812F126C-8855-468A-B723-24C8AEF325E3\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:gentoo:logrotate:3.6.5:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"FAAE7BE5-701A-4A90-8163-5ABAC49121CE\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:gentoo:logrotate:3.6.5:r1:*:*:*:*:*:*\", \"matchCriteriaId\": \"A142B712-B06E-4E87-B7A8-DE12E94C25EE\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:gentoo:logrotate:3.7:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"22668C8E-3C09-4DF2-91B2-C2F699AF8A79\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:gentoo:logrotate:3.7.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"61673333-B183-4C09-9012-D78E05FE48EB\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:gentoo:logrotate:3.7.1:r1:*:*:*:*:*:*\", \"matchCriteriaId\": \"C54EBB10-0359-444F-9726-0406D6F8DD40\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:gentoo:logrotate:3.7.1:r2:*:*:*:*:*:*\", \"matchCriteriaId\": \"810F039B-E454-446B-94D2-97C67B814483\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:gentoo:logrotate:3.7.2:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"EACBE194-176D-40BD-AA9E-4179D25A48EC\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:gentoo:logrotate:3.7.6:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"7FA8A482-13E0-4B01-A32F-7AB46FED3ACE\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:gentoo:logrotate:3.7.7:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"47E3950C-3FBB-41D8-BBA7-FEAB540859A1\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:gentoo:logrotate:3.7.8:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"BEB650B0-8CDB-4DE9-94CE-48E78A453262\"}]}]}]",
"descriptions": "[{\"lang\": \"en\", \"value\": \"The shred_file function in logrotate.c in logrotate 3.7.9 and earlier might allow context-dependent attackers to execute arbitrary commands via shell metacharacters in a log filename, as demonstrated by a filename that is automatically constructed on the basis of a hostname or virtual machine name.\"}, {\"lang\": \"es\", \"value\": \"La funci\\u00f3n shred_file en logrotate.c en logrotate v3.7.9 y anteriores puede permitir a atacantes dependiendo del contexto, ejecutar comandos v\\u00eda metacaracteres de la shell en un fichero de registro, como lo demuestra un nombre de archivo que es contruido de forma autom\\u00e1tica sobre la base de un nombre de host o m\\u00e1quina virtual.\"}]",
"id": "CVE-2011-1154",
"lastModified": "2024-11-21T01:25:40.543",
"metrics": "{\"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:L/AC:M/Au:N/C:C/I:C/A:C\", \"baseScore\": 6.9, \"accessVector\": \"LOCAL\", \"accessComplexity\": \"MEDIUM\", \"authentication\": \"NONE\", \"confidentialityImpact\": \"COMPLETE\", \"integrityImpact\": \"COMPLETE\", \"availabilityImpact\": \"COMPLETE\"}, \"baseSeverity\": \"MEDIUM\", \"exploitabilityScore\": 3.4, \"impactScore\": 10.0, \"acInsufInfo\": false, \"obtainAllPrivilege\": false, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": false}]}",
"published": "2011-03-30T22:55:02.360",
"references": "[{\"url\": \"http://lists.fedoraproject.org/pipermail/package-announce/2011-April/057845.html\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"http://lists.fedoraproject.org/pipermail/package-announce/2011-March/056992.html\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Patch\"]}, {\"url\": \"http://openwall.com/lists/oss-security/2011/03/04/16\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"http://openwall.com/lists/oss-security/2011/03/04/17\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"http://openwall.com/lists/oss-security/2011/03/04/18\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"http://openwall.com/lists/oss-security/2011/03/04/19\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"http://openwall.com/lists/oss-security/2011/03/04/22\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"http://openwall.com/lists/oss-security/2011/03/04/24\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"http://openwall.com/lists/oss-security/2011/03/04/25\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"http://openwall.com/lists/oss-security/2011/03/04/26\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"http://openwall.com/lists/oss-security/2011/03/04/27\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"http://openwall.com/lists/oss-security/2011/03/04/28\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"http://openwall.com/lists/oss-security/2011/03/04/29\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"http://openwall.com/lists/oss-security/2011/03/04/30\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"http://openwall.com/lists/oss-security/2011/03/04/31\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"http://openwall.com/lists/oss-security/2011/03/04/32\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"http://openwall.com/lists/oss-security/2011/03/04/33\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"http://openwall.com/lists/oss-security/2011/03/05/4\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"http://openwall.com/lists/oss-security/2011/03/05/6\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"http://openwall.com/lists/oss-security/2011/03/05/8\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"http://openwall.com/lists/oss-security/2011/03/06/3\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"http://openwall.com/lists/oss-security/2011/03/06/4\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"http://openwall.com/lists/oss-security/2011/03/06/5\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"http://openwall.com/lists/oss-security/2011/03/06/6\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"http://openwall.com/lists/oss-security/2011/03/07/11\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Patch\"]}, {\"url\": \"http://openwall.com/lists/oss-security/2011/03/07/5\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"http://openwall.com/lists/oss-security/2011/03/07/6\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"http://openwall.com/lists/oss-security/2011/03/08/5\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"http://openwall.com/lists/oss-security/2011/03/10/2\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"http://openwall.com/lists/oss-security/2011/03/10/3\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"http://openwall.com/lists/oss-security/2011/03/10/6\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"http://openwall.com/lists/oss-security/2011/03/10/7\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"http://openwall.com/lists/oss-security/2011/03/11/3\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"http://openwall.com/lists/oss-security/2011/03/11/5\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"http://openwall.com/lists/oss-security/2011/03/14/26\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"http://openwall.com/lists/oss-security/2011/03/23/11\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"http://secunia.com/advisories/43955\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"http://www.mandriva.com/security/advisories?name=MDVSA-2011:065\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"http://www.redhat.com/support/errata/RHSA-2011-0407.html\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"http://www.vupen.com/english/advisories/2011/0791\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://www.vupen.com/english/advisories/2011/0872\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"http://www.vupen.com/english/advisories/2011/0961\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"https://bugzilla.redhat.com/show_bug.cgi?id=680796\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Patch\"]}, {\"url\": \"http://lists.fedoraproject.org/pipermail/package-announce/2011-April/057845.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://lists.fedoraproject.org/pipermail/package-announce/2011-March/056992.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Patch\"]}, {\"url\": \"http://openwall.com/lists/oss-security/2011/03/04/16\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://openwall.com/lists/oss-security/2011/03/04/17\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://openwall.com/lists/oss-security/2011/03/04/18\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://openwall.com/lists/oss-security/2011/03/04/19\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://openwall.com/lists/oss-security/2011/03/04/22\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://openwall.com/lists/oss-security/2011/03/04/24\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://openwall.com/lists/oss-security/2011/03/04/25\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://openwall.com/lists/oss-security/2011/03/04/26\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://openwall.com/lists/oss-security/2011/03/04/27\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://openwall.com/lists/oss-security/2011/03/04/28\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://openwall.com/lists/oss-security/2011/03/04/29\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://openwall.com/lists/oss-security/2011/03/04/30\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://openwall.com/lists/oss-security/2011/03/04/31\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://openwall.com/lists/oss-security/2011/03/04/32\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://openwall.com/lists/oss-security/2011/03/04/33\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://openwall.com/lists/oss-security/2011/03/05/4\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://openwall.com/lists/oss-security/2011/03/05/6\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://openwall.com/lists/oss-security/2011/03/05/8\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://openwall.com/lists/oss-security/2011/03/06/3\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://openwall.com/lists/oss-security/2011/03/06/4\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://openwall.com/lists/oss-security/2011/03/06/5\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://openwall.com/lists/oss-security/2011/03/06/6\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://openwall.com/lists/oss-security/2011/03/07/11\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Patch\"]}, {\"url\": \"http://openwall.com/lists/oss-security/2011/03/07/5\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://openwall.com/lists/oss-security/2011/03/07/6\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://openwall.com/lists/oss-security/2011/03/08/5\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://openwall.com/lists/oss-security/2011/03/10/2\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://openwall.com/lists/oss-security/2011/03/10/3\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://openwall.com/lists/oss-security/2011/03/10/6\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://openwall.com/lists/oss-security/2011/03/10/7\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://openwall.com/lists/oss-security/2011/03/11/3\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://openwall.com/lists/oss-security/2011/03/11/5\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://openwall.com/lists/oss-security/2011/03/14/26\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://openwall.com/lists/oss-security/2011/03/23/11\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://secunia.com/advisories/43955\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.mandriva.com/security/advisories?name=MDVSA-2011:065\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.redhat.com/support/errata/RHSA-2011-0407.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.vupen.com/english/advisories/2011/0791\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://www.vupen.com/english/advisories/2011/0872\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.vupen.com/english/advisories/2011/0961\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://bugzilla.redhat.com/show_bug.cgi?id=680796\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Patch\"]}]",
"sourceIdentifier": "secalert@redhat.com",
"vulnStatus": "Modified",
"weaknesses": "[{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-20\"}]}]"
},
"nvd": "{\"cve\":{\"id\":\"CVE-2011-1154\",\"sourceIdentifier\":\"secalert@redhat.com\",\"published\":\"2011-03-30T22:55:02.360\",\"lastModified\":\"2025-04-11T00:51:21.963\",\"vulnStatus\":\"Deferred\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"The shred_file function in logrotate.c in logrotate 3.7.9 and earlier might allow context-dependent attackers to execute arbitrary commands via shell metacharacters in a log filename, as demonstrated by a filename that is automatically constructed on the basis of a hostname or virtual machine name.\"},{\"lang\":\"es\",\"value\":\"La funci\u00f3n shred_file en logrotate.c en logrotate v3.7.9 y anteriores puede permitir a atacantes dependiendo del contexto, ejecutar comandos v\u00eda metacaracteres de la shell en un fichero de registro, como lo demuestra un nombre de archivo que es contruido de forma autom\u00e1tica sobre la base de un nombre de host o m\u00e1quina virtual.\"}],\"metrics\":{\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:L/AC:M/Au:N/C:C/I:C/A:C\",\"baseScore\":6.9,\"accessVector\":\"LOCAL\",\"accessComplexity\":\"MEDIUM\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"COMPLETE\",\"integrityImpact\":\"COMPLETE\",\"availabilityImpact\":\"COMPLETE\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":3.4,\"impactScore\":10.0,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-20\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:gentoo:logrotate:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"3.7.9\",\"matchCriteriaId\":\"CBB1E3AD-DFB4-4A8F-9753-0049B41BC155\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:gentoo:logrotate:3.3:r2:*:*:*:*:*:*\",\"matchCriteriaId\":\"9E2EEED0-4022-467B-9EBF-E6DA61B16B16\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:gentoo:logrotate:3.5.9:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2BE715C9-9C25-4998-90D3-556E53B177B0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:gentoo:logrotate:3.5.9:r1:*:*:*:*:*:*\",\"matchCriteriaId\":\"812F126C-8855-468A-B723-24C8AEF325E3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:gentoo:logrotate:3.6.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"FAAE7BE5-701A-4A90-8163-5ABAC49121CE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:gentoo:logrotate:3.6.5:r1:*:*:*:*:*:*\",\"matchCriteriaId\":\"A142B712-B06E-4E87-B7A8-DE12E94C25EE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:gentoo:logrotate:3.7:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"22668C8E-3C09-4DF2-91B2-C2F699AF8A79\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:gentoo:logrotate:3.7.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"61673333-B183-4C09-9012-D78E05FE48EB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:gentoo:logrotate:3.7.1:r1:*:*:*:*:*:*\",\"matchCriteriaId\":\"C54EBB10-0359-444F-9726-0406D6F8DD40\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:gentoo:logrotate:3.7.1:r2:*:*:*:*:*:*\",\"matchCriteriaId\":\"810F039B-E454-446B-94D2-97C67B814483\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:gentoo:logrotate:3.7.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"EACBE194-176D-40BD-AA9E-4179D25A48EC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:gentoo:logrotate:3.7.6:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7FA8A482-13E0-4B01-A32F-7AB46FED3ACE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:gentoo:logrotate:3.7.7:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"47E3950C-3FBB-41D8-BBA7-FEAB540859A1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:gentoo:logrotate:3.7.8:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"BEB650B0-8CDB-4DE9-94CE-48E78A453262\"}]}]}],\"references\":[{\"url\":\"http://lists.fedoraproject.org/pipermail/package-announce/2011-April/057845.html\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://lists.fedoraproject.org/pipermail/package-announce/2011-March/056992.html\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Patch\"]},{\"url\":\"http://openwall.com/lists/oss-security/2011/03/04/16\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://openwall.com/lists/oss-security/2011/03/04/17\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://openwall.com/lists/oss-security/2011/03/04/18\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://openwall.com/lists/oss-security/2011/03/04/19\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://openwall.com/lists/oss-security/2011/03/04/22\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://openwall.com/lists/oss-security/2011/03/04/24\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://openwall.com/lists/oss-security/2011/03/04/25\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://openwall.com/lists/oss-security/2011/03/04/26\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://openwall.com/lists/oss-security/2011/03/04/27\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://openwall.com/lists/oss-security/2011/03/04/28\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://openwall.com/lists/oss-security/2011/03/04/29\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://openwall.com/lists/oss-security/2011/03/04/30\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://openwall.com/lists/oss-security/2011/03/04/31\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://openwall.com/lists/oss-security/2011/03/04/32\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://openwall.com/lists/oss-security/2011/03/04/33\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://openwall.com/lists/oss-security/2011/03/05/4\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://openwall.com/lists/oss-security/2011/03/05/6\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://openwall.com/lists/oss-security/2011/03/05/8\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://openwall.com/lists/oss-security/2011/03/06/3\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://openwall.com/lists/oss-security/2011/03/06/4\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://openwall.com/lists/oss-security/2011/03/06/5\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://openwall.com/lists/oss-security/2011/03/06/6\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://openwall.com/lists/oss-security/2011/03/07/11\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Patch\"]},{\"url\":\"http://openwall.com/lists/oss-security/2011/03/07/5\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://openwall.com/lists/oss-security/2011/03/07/6\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://openwall.com/lists/oss-security/2011/03/08/5\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://openwall.com/lists/oss-security/2011/03/10/2\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://openwall.com/lists/oss-security/2011/03/10/3\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://openwall.com/lists/oss-security/2011/03/10/6\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://openwall.com/lists/oss-security/2011/03/10/7\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://openwall.com/lists/oss-security/2011/03/11/3\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://openwall.com/lists/oss-security/2011/03/11/5\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://openwall.com/lists/oss-security/2011/03/14/26\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://openwall.com/lists/oss-security/2011/03/23/11\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://secunia.com/advisories/43955\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://www.mandriva.com/security/advisories?name=MDVSA-2011:065\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://www.redhat.com/support/errata/RHSA-2011-0407.html\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://www.vupen.com/english/advisories/2011/0791\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www.vupen.com/english/advisories/2011/0872\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://www.vupen.com/english/advisories/2011/0961\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://bugzilla.redhat.com/show_bug.cgi?id=680796\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Patch\"]},{\"url\":\"http://lists.fedoraproject.org/pipermail/package-announce/2011-April/057845.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://lists.fedoraproject.org/pipermail/package-announce/2011-March/056992.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\"]},{\"url\":\"http://openwall.com/lists/oss-security/2011/03/04/16\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://openwall.com/lists/oss-security/2011/03/04/17\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://openwall.com/lists/oss-security/2011/03/04/18\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://openwall.com/lists/oss-security/2011/03/04/19\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://openwall.com/lists/oss-security/2011/03/04/22\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://openwall.com/lists/oss-security/2011/03/04/24\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://openwall.com/lists/oss-security/2011/03/04/25\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://openwall.com/lists/oss-security/2011/03/04/26\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://openwall.com/lists/oss-security/2011/03/04/27\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://openwall.com/lists/oss-security/2011/03/04/28\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://openwall.com/lists/oss-security/2011/03/04/29\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://openwall.com/lists/oss-security/2011/03/04/30\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://openwall.com/lists/oss-security/2011/03/04/31\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://openwall.com/lists/oss-security/2011/03/04/32\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://openwall.com/lists/oss-security/2011/03/04/33\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://openwall.com/lists/oss-security/2011/03/05/4\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://openwall.com/lists/oss-security/2011/03/05/6\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://openwall.com/lists/oss-security/2011/03/05/8\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://openwall.com/lists/oss-security/2011/03/06/3\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://openwall.com/lists/oss-security/2011/03/06/4\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://openwall.com/lists/oss-security/2011/03/06/5\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://openwall.com/lists/oss-security/2011/03/06/6\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://openwall.com/lists/oss-security/2011/03/07/11\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\"]},{\"url\":\"http://openwall.com/lists/oss-security/2011/03/07/5\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://openwall.com/lists/oss-security/2011/03/07/6\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://openwall.com/lists/oss-security/2011/03/08/5\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://openwall.com/lists/oss-security/2011/03/10/2\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://openwall.com/lists/oss-security/2011/03/10/3\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://openwall.com/lists/oss-security/2011/03/10/6\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://openwall.com/lists/oss-security/2011/03/10/7\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://openwall.com/lists/oss-security/2011/03/11/3\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://openwall.com/lists/oss-security/2011/03/11/5\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://openwall.com/lists/oss-security/2011/03/14/26\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://openwall.com/lists/oss-security/2011/03/23/11\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://secunia.com/advisories/43955\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.mandriva.com/security/advisories?name=MDVSA-2011:065\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.redhat.com/support/errata/RHSA-2011-0407.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.vupen.com/english/advisories/2011/0791\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www.vupen.com/english/advisories/2011/0872\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.vupen.com/english/advisories/2011/0961\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://bugzilla.redhat.com/show_bug.cgi?id=680796\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\"]}]}}"
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…