Описание
The writeState function in logrotate.c in logrotate 3.7.9 and earlier might allow context-dependent attackers to cause a denial of service (rotation outage) via a (1) \n (newline) or (2) \ (backslash) character in a log filename, as demonstrated by a filename that is automatically constructed on the basis of a hostname or virtual machine name.
| Релиз | Статус | Примечание |
|---|---|---|
| dapper | ignored | end of life |
| devel | released | 3.7.8-6ubuntu4 |
| hardy | released | 3.7.1-3ubuntu0.8.04.1 |
| karmic | ignored | end of life |
| lucid | released | 3.7.8-4ubuntu2.2 |
| maverick | released | 3.7.8-6ubuntu1.1 |
| natty | released | 3.7.8-6ubuntu3.1 |
| upstream | needs-triage |
Показывать по
EPSS
1.9 Low
CVSS2
Связанные уязвимости
The writeState function in logrotate.c in logrotate 3.7.9 and earlier might allow context-dependent attackers to cause a denial of service (rotation outage) via a (1) \n (newline) or (2) \ (backslash) character in a log filename, as demonstrated by a filename that is automatically constructed on the basis of a hostname or virtual machine name.
The writeState function in logrotate.c in logrotate 3.7.9 and earlier might allow context-dependent attackers to cause a denial of service (rotation outage) via a (1) \n (newline) or (2) \ (backslash) character in a log filename, as demonstrated by a filename that is automatically constructed on the basis of a hostname or virtual machine name.
The writeState function in logrotate.c in logrotate 3.7.9 and earlier ...
The writeState function in logrotate.c in logrotate 3.7.9 and earlier might allow context-dependent attackers to cause a denial of service (rotation outage) via a (1) \n (newline) or (2) \ (backslash) character in a log filename, as demonstrated by a filename that is automatically constructed on the basis of a hostname or virtual machine name.
EPSS
1.9 Low
CVSS2