exploitDog

GHSA-hpp7-cgr7-qg33

Опубликовано: 17 мая 2022

Источник: github

Github: Не прошло ревью

Описание

The default configuration of logrotate on Gentoo Linux uses root privileges to process files in directories that permit non-root write access, which allows local users to conduct symlink and hard link attacks by leveraging logrotate's lack of support for untrusted directories, as demonstrated by directories under /var/log/ for packages.

The default configuration of logrotate on Gentoo Linux uses root privileges to process files in directories that permit non-root write access, which allows local users to conduct symlink and hard link attacks by leveraging logrotate's lack of support for untrusted directories, as demonstrated by directories under /var/log/ for packages.

Ссылки

EPSS

Процентиль: 19%

0.00061

Низкий

CVE ID

Связанные уязвимости

CVE-2011-1549

ubuntu

почти 15 лет назад

The default configuration of logrotate on Gentoo Linux uses root privileges to process files in directories that permit non-root write access, which allows local users to conduct symlink and hard link attacks by leveraging logrotate's lack of support for untrusted directories, as demonstrated by directories under /var/log/ for packages.

CVE-2011-1549

nvd

почти 15 лет назад

The default configuration of logrotate on Gentoo Linux uses root privileges to process files in directories that permit non-root write access, which allows local users to conduct symlink and hard link attacks by leveraging logrotate's lack of support for untrusted directories, as demonstrated by directories under /var/log/ for packages.

CVE-2011-1549

debian

почти 15 лет назад

The default configuration of logrotate on Gentoo Linux uses root privi ...

BDU:2015-09654

fstec

больше 13 лет назад

Уязвимости операционной системы Gentoo Linux, позволяющие злоумышленнику нарушить конфиденциальность, целостность и доступность защищаемой информации

EPSS

Процентиль: 19%

0.00061

Низкий

CVE ID