FKIE_CVE-2011-1550

Vulnerability from fkie_nvd - Published: 2011-03-30 22:55 - Updated: 2025-04-11 00:51
Severity ?
Summary
The default configuration of logrotate on SUSE openSUSE Factory uses root privileges to process files in directories that permit non-root write access, which allows local users to conduct symlink and hard link attacks by leveraging logrotate's lack of support for untrusted directories, as demonstrated by directories for the (1) cobbler, (2) inn, (3) safte-monitor, and (4) uucp packages.
References
cve@mitre.orghttp://openwall.com/lists/oss-security/2011/03/04/16
cve@mitre.orghttp://openwall.com/lists/oss-security/2011/03/04/17
cve@mitre.orghttp://openwall.com/lists/oss-security/2011/03/04/18
cve@mitre.orghttp://openwall.com/lists/oss-security/2011/03/04/19
cve@mitre.orghttp://openwall.com/lists/oss-security/2011/03/04/22
cve@mitre.orghttp://openwall.com/lists/oss-security/2011/03/04/24
cve@mitre.orghttp://openwall.com/lists/oss-security/2011/03/04/25
cve@mitre.orghttp://openwall.com/lists/oss-security/2011/03/04/26
cve@mitre.orghttp://openwall.com/lists/oss-security/2011/03/04/27
cve@mitre.orghttp://openwall.com/lists/oss-security/2011/03/04/28
cve@mitre.orghttp://openwall.com/lists/oss-security/2011/03/04/29
cve@mitre.orghttp://openwall.com/lists/oss-security/2011/03/04/30
cve@mitre.orghttp://openwall.com/lists/oss-security/2011/03/04/31
cve@mitre.orghttp://openwall.com/lists/oss-security/2011/03/04/32
cve@mitre.orghttp://openwall.com/lists/oss-security/2011/03/04/33
cve@mitre.orghttp://openwall.com/lists/oss-security/2011/03/05/4
cve@mitre.orghttp://openwall.com/lists/oss-security/2011/03/05/6
cve@mitre.orghttp://openwall.com/lists/oss-security/2011/03/05/8
cve@mitre.orghttp://openwall.com/lists/oss-security/2011/03/06/3
cve@mitre.orghttp://openwall.com/lists/oss-security/2011/03/06/4
cve@mitre.orghttp://openwall.com/lists/oss-security/2011/03/06/5
cve@mitre.orghttp://openwall.com/lists/oss-security/2011/03/06/6
cve@mitre.orghttp://openwall.com/lists/oss-security/2011/03/07/11
cve@mitre.orghttp://openwall.com/lists/oss-security/2011/03/07/5
cve@mitre.orghttp://openwall.com/lists/oss-security/2011/03/07/6
cve@mitre.orghttp://openwall.com/lists/oss-security/2011/03/08/5
cve@mitre.orghttp://openwall.com/lists/oss-security/2011/03/10/2
cve@mitre.orghttp://openwall.com/lists/oss-security/2011/03/10/3
cve@mitre.orghttp://openwall.com/lists/oss-security/2011/03/10/6
cve@mitre.orghttp://openwall.com/lists/oss-security/2011/03/10/7
cve@mitre.orghttp://openwall.com/lists/oss-security/2011/03/11/3
cve@mitre.orghttp://openwall.com/lists/oss-security/2011/03/11/5
cve@mitre.orghttp://openwall.com/lists/oss-security/2011/03/14/26
cve@mitre.orghttp://openwall.com/lists/oss-security/2011/03/23/11
af854a3a-2127-422b-91ae-364da2661108http://openwall.com/lists/oss-security/2011/03/04/16
af854a3a-2127-422b-91ae-364da2661108http://openwall.com/lists/oss-security/2011/03/04/17
af854a3a-2127-422b-91ae-364da2661108http://openwall.com/lists/oss-security/2011/03/04/18
af854a3a-2127-422b-91ae-364da2661108http://openwall.com/lists/oss-security/2011/03/04/19
af854a3a-2127-422b-91ae-364da2661108http://openwall.com/lists/oss-security/2011/03/04/22
af854a3a-2127-422b-91ae-364da2661108http://openwall.com/lists/oss-security/2011/03/04/24
af854a3a-2127-422b-91ae-364da2661108http://openwall.com/lists/oss-security/2011/03/04/25
af854a3a-2127-422b-91ae-364da2661108http://openwall.com/lists/oss-security/2011/03/04/26
af854a3a-2127-422b-91ae-364da2661108http://openwall.com/lists/oss-security/2011/03/04/27
af854a3a-2127-422b-91ae-364da2661108http://openwall.com/lists/oss-security/2011/03/04/28
af854a3a-2127-422b-91ae-364da2661108http://openwall.com/lists/oss-security/2011/03/04/29
af854a3a-2127-422b-91ae-364da2661108http://openwall.com/lists/oss-security/2011/03/04/30
af854a3a-2127-422b-91ae-364da2661108http://openwall.com/lists/oss-security/2011/03/04/31
af854a3a-2127-422b-91ae-364da2661108http://openwall.com/lists/oss-security/2011/03/04/32
af854a3a-2127-422b-91ae-364da2661108http://openwall.com/lists/oss-security/2011/03/04/33
af854a3a-2127-422b-91ae-364da2661108http://openwall.com/lists/oss-security/2011/03/05/4
af854a3a-2127-422b-91ae-364da2661108http://openwall.com/lists/oss-security/2011/03/05/6
af854a3a-2127-422b-91ae-364da2661108http://openwall.com/lists/oss-security/2011/03/05/8
af854a3a-2127-422b-91ae-364da2661108http://openwall.com/lists/oss-security/2011/03/06/3
af854a3a-2127-422b-91ae-364da2661108http://openwall.com/lists/oss-security/2011/03/06/4
af854a3a-2127-422b-91ae-364da2661108http://openwall.com/lists/oss-security/2011/03/06/5
af854a3a-2127-422b-91ae-364da2661108http://openwall.com/lists/oss-security/2011/03/06/6
af854a3a-2127-422b-91ae-364da2661108http://openwall.com/lists/oss-security/2011/03/07/11
af854a3a-2127-422b-91ae-364da2661108http://openwall.com/lists/oss-security/2011/03/07/5
af854a3a-2127-422b-91ae-364da2661108http://openwall.com/lists/oss-security/2011/03/07/6
af854a3a-2127-422b-91ae-364da2661108http://openwall.com/lists/oss-security/2011/03/08/5
af854a3a-2127-422b-91ae-364da2661108http://openwall.com/lists/oss-security/2011/03/10/2
af854a3a-2127-422b-91ae-364da2661108http://openwall.com/lists/oss-security/2011/03/10/3
af854a3a-2127-422b-91ae-364da2661108http://openwall.com/lists/oss-security/2011/03/10/6
af854a3a-2127-422b-91ae-364da2661108http://openwall.com/lists/oss-security/2011/03/10/7
af854a3a-2127-422b-91ae-364da2661108http://openwall.com/lists/oss-security/2011/03/11/3
af854a3a-2127-422b-91ae-364da2661108http://openwall.com/lists/oss-security/2011/03/11/5
af854a3a-2127-422b-91ae-364da2661108http://openwall.com/lists/oss-security/2011/03/14/26
af854a3a-2127-422b-91ae-364da2661108http://openwall.com/lists/oss-security/2011/03/23/11
Impacted products
Vendor Product Version
gentoo logrotate *
novell opensuse_factory *
To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:gentoo:logrotate:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "24285EAC-E6BE-421E-B6C1-35CF176769E5",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:novell:opensuse_factory:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "882DC849-895C-4BD7-91AA-A8F38F418300",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "The default configuration of logrotate on SUSE openSUSE Factory uses root privileges to process files in directories that permit non-root write access, which allows local users to conduct symlink and hard link attacks by leveraging logrotate\u0027s lack of support for untrusted directories, as demonstrated by directories for the (1) cobbler, (2) inn, (3) safte-monitor, and (4) uucp packages."
    },
    {
      "lang": "es",
      "value": "La configuraci\u00f3n por defecto de logrotate en SUSE openSUSE Factory utiliza privilegios de administrador para procesar ficheros en directorios que permite a un no-adminitrador acceso de escritura, lo que permite a usuarios locales conducir ataques de enlace simb\u00f3lico y enlace fijo aprovech\u00e1ndose de la falta de soporte en logrotate para directorios no confiables, como se demostr\u00f3 en directorios para el (1) cobbler, (2) inn, (3) safte-monitor, y (4) paquetes uccp."
    }
  ],
  "id": "CVE-2011-1550",
  "lastModified": "2025-04-11T00:51:21.963",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "LOCAL",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 6.3,
          "confidentialityImpact": "NONE",
          "integrityImpact": "COMPLETE",
          "vectorString": "AV:L/AC:M/Au:N/C:N/I:C/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 3.4,
        "impactScore": 9.2,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2011-03-30T22:55:02.707",
  "references": [
    {
      "source": "cve@mitre.org",
      "url": "http://openwall.com/lists/oss-security/2011/03/04/16"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://openwall.com/lists/oss-security/2011/03/04/17"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://openwall.com/lists/oss-security/2011/03/04/18"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://openwall.com/lists/oss-security/2011/03/04/19"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://openwall.com/lists/oss-security/2011/03/04/22"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://openwall.com/lists/oss-security/2011/03/04/24"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://openwall.com/lists/oss-security/2011/03/04/25"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://openwall.com/lists/oss-security/2011/03/04/26"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://openwall.com/lists/oss-security/2011/03/04/27"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://openwall.com/lists/oss-security/2011/03/04/28"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://openwall.com/lists/oss-security/2011/03/04/29"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://openwall.com/lists/oss-security/2011/03/04/30"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://openwall.com/lists/oss-security/2011/03/04/31"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://openwall.com/lists/oss-security/2011/03/04/32"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://openwall.com/lists/oss-security/2011/03/04/33"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://openwall.com/lists/oss-security/2011/03/05/4"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://openwall.com/lists/oss-security/2011/03/05/6"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://openwall.com/lists/oss-security/2011/03/05/8"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://openwall.com/lists/oss-security/2011/03/06/3"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://openwall.com/lists/oss-security/2011/03/06/4"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://openwall.com/lists/oss-security/2011/03/06/5"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://openwall.com/lists/oss-security/2011/03/06/6"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://openwall.com/lists/oss-security/2011/03/07/11"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://openwall.com/lists/oss-security/2011/03/07/5"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://openwall.com/lists/oss-security/2011/03/07/6"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://openwall.com/lists/oss-security/2011/03/08/5"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://openwall.com/lists/oss-security/2011/03/10/2"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://openwall.com/lists/oss-security/2011/03/10/3"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://openwall.com/lists/oss-security/2011/03/10/6"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://openwall.com/lists/oss-security/2011/03/10/7"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://openwall.com/lists/oss-security/2011/03/11/3"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://openwall.com/lists/oss-security/2011/03/11/5"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://openwall.com/lists/oss-security/2011/03/14/26"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://openwall.com/lists/oss-security/2011/03/23/11"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://openwall.com/lists/oss-security/2011/03/04/16"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://openwall.com/lists/oss-security/2011/03/04/17"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://openwall.com/lists/oss-security/2011/03/04/18"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://openwall.com/lists/oss-security/2011/03/04/19"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://openwall.com/lists/oss-security/2011/03/04/22"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://openwall.com/lists/oss-security/2011/03/04/24"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://openwall.com/lists/oss-security/2011/03/04/25"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://openwall.com/lists/oss-security/2011/03/04/26"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://openwall.com/lists/oss-security/2011/03/04/27"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://openwall.com/lists/oss-security/2011/03/04/28"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://openwall.com/lists/oss-security/2011/03/04/29"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://openwall.com/lists/oss-security/2011/03/04/30"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://openwall.com/lists/oss-security/2011/03/04/31"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://openwall.com/lists/oss-security/2011/03/04/32"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://openwall.com/lists/oss-security/2011/03/04/33"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://openwall.com/lists/oss-security/2011/03/05/4"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://openwall.com/lists/oss-security/2011/03/05/6"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://openwall.com/lists/oss-security/2011/03/05/8"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://openwall.com/lists/oss-security/2011/03/06/3"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://openwall.com/lists/oss-security/2011/03/06/4"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://openwall.com/lists/oss-security/2011/03/06/5"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://openwall.com/lists/oss-security/2011/03/06/6"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://openwall.com/lists/oss-security/2011/03/07/11"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://openwall.com/lists/oss-security/2011/03/07/5"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://openwall.com/lists/oss-security/2011/03/07/6"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://openwall.com/lists/oss-security/2011/03/08/5"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://openwall.com/lists/oss-security/2011/03/10/2"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://openwall.com/lists/oss-security/2011/03/10/3"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://openwall.com/lists/oss-security/2011/03/10/6"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://openwall.com/lists/oss-security/2011/03/10/7"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://openwall.com/lists/oss-security/2011/03/11/3"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://openwall.com/lists/oss-security/2011/03/11/5"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://openwall.com/lists/oss-security/2011/03/14/26"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://openwall.com/lists/oss-security/2011/03/23/11"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-264"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.



Detection rules are retrieved from Rulezet.