Local Privilege Escalation in SUSE openSUSE Factory logrotate
CVE-2011-1550

Currently unrated

Key Information:

Vendor

Gentoo

Status
Logrotate
Vendor
CVE Published:
30 March 2011

What is CVE-2011-1550?

The logrotate tool in SUSE openSUSE Factory is misconfigured to use root privileges when processing files in directories with non-root write access. This oversight allows local users to exploit symlink and hard link attacks, leveraging the tool's inability to properly handle files in untrusted directories. Impacted directories may include those for packages like cobbler, inn, safe-monitor, and uucp, putting the system at risk of unauthorized modifications and access.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

http://openwall.com/lists/oss-security/2011/03/04/19
mailing-listx_refsource_MLIST
http://openwall.com/lists/oss-security/2011/03/04/16
mailing-listx_refsource_MLIST
http://openwall.com/lists/oss-security/2011/03/04/25
mailing-listx_refsource_MLIST

Timeline

  • Vulnerability Reserved

  • Vulnerability published

JSON
.