Local Privilege Escalation in SUSE openSUSE Factory logrotate
CVE-2011-1550

Currently unrated

Key Information:

Vendor: Gentoo
Status: Logrotate
Vendor: CVE Published:; 30 March 2011

What is CVE-2011-1550?

The logrotate tool in SUSE openSUSE Factory is misconfigured to use root privileges when processing files in directories with non-root write access. This oversight allows local users to exploit symlink and hard link attacks, leveraging the tool's inability to properly handle files in untrusted directories. Impacted directories may include those for packages like cobbler, inn, safe-monitor, and uucp, putting the system at risk of unauthorized modifications and access.

References

http://openwall.com/lists/oss-security/2011/03/04/19

mailing-listx_refsource_MLIST

http://openwall.com/lists/oss-security/2011/03/04/16

mailing-listx_refsource_MLIST

http://openwall.com/lists/oss-security/2011/03/04/25

mailing-listx_refsource_MLIST

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability Reserved
Oct 3, 2022
Vulnerability published
Mar 30, 2011

Gentoo

What is CVE-2011-1550?

References

Timeline