{ "schema_version": "1.4.0", "id": "GHSA-x7w4-r6vr-7hqw", "modified": "2022-05-17T05:41:38Z", "published": "2022-05-17T05:41:38Z", "aliases": [ "CVE-2011-1548" ], "details": "The default configuration of logrotate on Debian GNU/Linux uses root privileges to process files in directories that permit non-root write access, which allows local users to conduct symlink and hard link attacks by leveraging logrotate's lack of support for untrusted directories, as demonstrated by /var/log/postgresql/.", "severity": [], "affected": [], "references": [ { "type": "ADVISORY", "url": "https://nvd.nist.gov/vuln/detail/CVE-2011-1548" }, { "type": "WEB", "url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=606544" }, { "type": "WEB", "url": "http://openwall.com/lists/oss-security/2011/03/04/16" }, { "type": "WEB", "url": "http://openwall.com/lists/oss-security/2011/03/04/17" }, { "type": "WEB", "url": "http://openwall.com/lists/oss-security/2011/03/04/18" }, { "type": "WEB", "url": "http://openwall.com/lists/oss-security/2011/03/04/19" }, { "type": "WEB", "url": "http://openwall.com/lists/oss-security/2011/03/04/22" }, { "type": "WEB", "url": "http://openwall.com/lists/oss-security/2011/03/04/24" }, { "type": "WEB", "url": "http://openwall.com/lists/oss-security/2011/03/04/25" }, { "type": "WEB", "url": "http://openwall.com/lists/oss-security/2011/03/04/26" }, { "type": "WEB", "url": "http://openwall.com/lists/oss-security/2011/03/04/27" }, { "type": "WEB", "url": "http://openwall.com/lists/oss-security/2011/03/04/28" }, { "type": "WEB", "url": "http://openwall.com/lists/oss-security/2011/03/04/29" }, { "type": "WEB", "url": "http://openwall.com/lists/oss-security/2011/03/04/30" }, { "type": "WEB", "url": "http://openwall.com/lists/oss-security/2011/03/04/31" }, { "type": "WEB", "url": "http://openwall.com/lists/oss-security/2011/03/04/32" }, { "type": "WEB", "url": "http://openwall.com/lists/oss-security/2011/03/04/33" }, { "type": "WEB", "url": "http://openwall.com/lists/oss-security/2011/03/05/4" }, { "type": "WEB", "url": "http://openwall.com/lists/oss-security/2011/03/05/6" }, { "type": "WEB", "url": "http://openwall.com/lists/oss-security/2011/03/05/8" }, { "type": "WEB", "url": "http://openwall.com/lists/oss-security/2011/03/06/3" }, { "type": "WEB", "url": "http://openwall.com/lists/oss-security/2011/03/06/4" }, { "type": "WEB", "url": "http://openwall.com/lists/oss-security/2011/03/06/5" }, { "type": "WEB", "url": "http://openwall.com/lists/oss-security/2011/03/06/6" }, { "type": "WEB", "url": "http://openwall.com/lists/oss-security/2011/03/07/11" }, { "type": "WEB", "url": "http://openwall.com/lists/oss-security/2011/03/07/5" }, { "type": "WEB", "url": "http://openwall.com/lists/oss-security/2011/03/07/6" }, { "type": "WEB", "url": "http://openwall.com/lists/oss-security/2011/03/08/5" }, { "type": "WEB", "url": "http://openwall.com/lists/oss-security/2011/03/10/2" }, { "type": "WEB", "url": "http://openwall.com/lists/oss-security/2011/03/10/3" }, { "type": "WEB", "url": "http://openwall.com/lists/oss-security/2011/03/10/6" }, { "type": "WEB", "url": "http://openwall.com/lists/oss-security/2011/03/10/7" }, { "type": "WEB", "url": "http://openwall.com/lists/oss-security/2011/03/11/3" }, { "type": "WEB", "url": "http://openwall.com/lists/oss-security/2011/03/11/5" }, { "type": "WEB", "url": "http://openwall.com/lists/oss-security/2011/03/14/26" }, { "type": "WEB", "url": "http://openwall.com/lists/oss-security/2011/03/23/11" }, { "type": "WEB", "url": "http://www.securityfocus.com/bid/47167" } ], "database_specific": { "cwe_ids": [], "severity": "MODERATE", "github_reviewed": false, "github_reviewed_at": null, "nvd_published_at": "2011-03-30T22:55:00Z" } }