What is the severity of CVE-2011-1548?

The severity of CVE-2011-1548 is considered high due to the potential for local users to exploit it to gain unauthorized access and manipulate log files.

How do I fix CVE-2011-1548?

To fix CVE-2011-1548, ensure that logrotate is configured to operate on trusted directories only, or update to a version that addresses this vulnerability.

Who is affected by CVE-2011-1548?

CVE-2011-1548 affects systems utilizing logrotate with insufficient directory access controls, particularly Debian GNU/Linux installations.

What kind of attacks can be performed using CVE-2011-1548?

CVE-2011-1548 enables local users to perform symlink and hard link attacks, potentially allowing them to manipulate sensitive log files.

Is there a patch available for CVE-2011-1548?

Yes, a patch is available in later releases of logrotate that addresses the vulnerabilities associated with CVE-2011-1548.

Vulnerability/
CVE-2011-1548

medium

6.3

CWE

264

30/3/2011

6/8/2024

CVE-2011-1548

First published: Wed Mar 30 2011(Updated: )

The default configuration of logrotate on Debian GNU/Linux uses root privileges to process files in directories that permit non-root write access, which allows local users to conduct symlink and hard link attacks by leveraging logrotate's lack of support for untrusted directories, as demonstrated by /var/log/postgresql/.

Credit: cve@mitre.org

Affected Software	Affected Version	How to fix
Logrotate
Debian GNU/Linux

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2011-1548?
The severity of CVE-2011-1548 is considered high due to the potential for local users to exploit it to gain unauthorized access and manipulate log files.
How do I fix CVE-2011-1548?
To fix CVE-2011-1548, ensure that logrotate is configured to operate on trusted directories only, or update to a version that addresses this vulnerability.
Who is affected by CVE-2011-1548?
CVE-2011-1548 affects systems utilizing logrotate with insufficient directory access controls, particularly Debian GNU/Linux installations.
What kind of attacks can be performed using CVE-2011-1548?
CVE-2011-1548 enables local users to perform symlink and hard link attacks, potentially allowing them to manipulate sensitive log files.
Is there a patch available for CVE-2011-1548?
Yes, a patch is available in later releases of logrotate that addresses the vulnerabilities associated with CVE-2011-1548.

collector/nvd-historical
agent/references
agent/type
collector/mitre-cve
source/MITRE
agent/author
agent/weakness
agent/severity
agent/last-modified-date
agent/description
agent/event
agent/first-publish-date
agent/source
agent/softwarecombine
agent/tags
collector/nvd-index
agent/software-canonical-lookup-request
vendor/gentoo
canonical/logrotate
vendor/debian
canonical/debian gnu/linux