{"containers":{"cna":{"affected":[{"product":"n/a","vendor":"n/a","versions":[{"status":"affected","version":"n/a"}]}],"datePublic":"2011-03-04T00:00:00.000Z","descriptions":[{"lang":"en","value":"The shred_file function in logrotate.c in logrotate 3.7.9 and earlier might allow context-dependent attackers to execute arbitrary commands via shell metacharacters in a log filename, as demonstrated by a filename that is automatically constructed on the basis of a hostname or virtual machine name."}],"problemTypes":[{"descriptions":[{"description":"n/a","lang":"en","type":"text"}]}],"providerMetadata":{"dateUpdated":"2011-04-21T09:00:00.000Z","orgId":"53f830b8-0a3f-465b-8143-3b8a9948e749","shortName":"redhat"},"references":[{"name":"[oss-security] 20110304 Re: CVE Request -- logrotate -- nine issues","tags":["mailing-list","x_refsource_MLIST"],"url":"http://openwall.com/lists/oss-security/2011/03/04/19"},{"name":"[oss-security] 20110304 CVE Request -- logrotate -- nine issues","tags":["mailing-list","x_refsource_MLIST"],"url":"http://openwall.com/lists/oss-security/2011/03/04/16"},{"name":"[oss-security] 20110304 Re: CVE Request -- logrotate -- nine issues","tags":["mailing-list","x_refsource_MLIST"],"url":"http://openwall.com/lists/oss-security/2011/03/04/25"},{"name":"[oss-security] 20110304 Re: CVE Request -- logrotate -- nine issues","tags":["mailing-list","x_refsource_MLIST"],"url":"http://openwall.com/lists/oss-security/2011/03/04/30"},{"name":"[oss-security] 20110304 Re: CVE Request -- logrotate -- nine issues","tags":["mailing-list","x_refsource_MLIST"],"url":"http://openwall.com/lists/oss-security/2011/03/04/26"},{"name":"[oss-security] 20110310 Re: CVE Request -- logrotate -- nine issues","tags":["mailing-list","x_refsource_MLIST"],"url":"http://openwall.com/lists/oss-security/2011/03/10/3"},{"name":"[oss-security] 20110304 Re: CVE Request -- logrotate -- nine issues","tags":["mailing-list","x_refsource_MLIST"],"url":"http://openwall.com/lists/oss-security/2011/03/04/28"},{"name":"[oss-security] 20110308 Re: CVE Request -- logrotate -- nine issues","tags":["mailing-list","x_refsource_MLIST"],"url":"http://openwall.com/lists/oss-security/2011/03/08/5"},{"name":"43955","tags":["third-party-advisory","x_refsource_SECUNIA"],"url":"http://secunia.com/advisories/43955"},{"name":"[oss-security] 20110307 Re: CVE Request -- logrotate -- nine issues","tags":["mailing-list","x_refsource_MLIST"],"url":"http://openwall.com/lists/oss-security/2011/03/07/5"},{"name":"[oss-security] 20110304 Re: CVE Request -- logrotate -- nine issues","tags":["mailing-list","x_refsource_MLIST"],"url":"http://openwall.com/lists/oss-security/2011/03/04/31"},{"name":"ADV-2011-0961","tags":["vdb-entry","x_refsource_VUPEN"],"url":"http://www.vupen.com/english/advisories/2011/0961"},{"name":"[oss-security] 20110304 Re: CVE Request -- logrotate -- nine issues","tags":["mailing-list","x_refsource_MLIST"],"url":"http://openwall.com/lists/oss-security/2011/03/04/17"},{"tags":["x_refsource_CONFIRM"],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=680796"},{"name":"[oss-security] 20110311 Re: CVE Request -- logrotate -- nine issues","tags":["mailing-list","x_refsource_MLIST"],"url":"http://openwall.com/lists/oss-security/2011/03/10/6"},{"name":"[oss-security] 20110306 Re: CVE Request -- logrotate -- nine issues","tags":["mailing-list","x_refsource_MLIST"],"url":"http://openwall.com/lists/oss-security/2011/03/06/3"},{"name":"[oss-security] 20110304 Re: CVE Request -- logrotate -- nine issues","tags":["mailing-list","x_refsource_MLIST"],"url":"http://openwall.com/lists/oss-security/2011/03/04/29"},{"name":"[oss-security] 20110307 Re: CVE Request -- logrotate -- nine issues","tags":["mailing-list","x_refsource_MLIST"],"url":"http://openwall.com/lists/oss-security/2011/03/07/6"},{"name":"[oss-security] 20110305 Re: CVE Request -- logrotate -- nine issues","tags":["mailing-list","x_refsource_MLIST"],"url":"http://openwall.com/lists/oss-security/2011/03/05/6"},{"name":"FEDORA-2011-3739","tags":["vendor-advisory","x_refsource_FEDORA"],"url":"http://lists.fedoraproject.org/pipermail/package-announce/2011-April/057845.html"},{"name":"[oss-security] 20110305 Re: CVE Request -- logrotate -- nine issues","tags":["mailing-list","x_refsource_MLIST"],"url":"http://openwall.com/lists/oss-security/2011/03/05/4"},{"name":"ADV-2011-0791","tags":["vdb-entry","x_refsource_VUPEN"],"url":"http://www.vupen.com/english/advisories/2011/0791"},{"name":"MDVSA-2011:065","tags":["vendor-advisory","x_refsource_MANDRIVA"],"url":"http://www.mandriva.com/security/advisories?name=MDVSA-2011:065"},{"name":"[oss-security] 20110307 Re: CVE Request -- logrotate -- nine issues","tags":["mailing-list","x_refsource_MLIST"],"url":"http://openwall.com/lists/oss-security/2011/03/07/11"},{"name":"[oss-security] 20110323 Re: CVE Request -- logrotate -- nine issues","tags":["mailing-list","x_refsource_MLIST"],"url":"http://openwall.com/lists/oss-security/2011/03/23/11"},{"name":"[oss-security] 20110306 Re: CVE Request -- logrotate -- nine issues","tags":["mailing-list","x_refsource_MLIST"],"url":"http://openwall.com/lists/oss-security/2011/03/06/5"},{"name":"[oss-security] 20110304 Re: CVE Request -- logrotate -- nine issues","tags":["mailing-list","x_refsource_MLIST"],"url":"http://openwall.com/lists/oss-security/2011/03/04/18"},{"name":"FEDORA-2011-3758","tags":["vendor-advisory","x_refsource_FEDORA"],"url":"http://lists.fedoraproject.org/pipermail/package-announce/2011-March/056992.html"},{"name":"[oss-security] 20110310 Re: CVE Request -- logrotate -- nine issues","tags":["mailing-list","x_refsource_MLIST"],"url":"http://openwall.com/lists/oss-security/2011/03/10/2"},{"name":"RHSA-2011:0407","tags":["vendor-advisory","x_refsource_REDHAT"],"url":"http://www.redhat.com/support/errata/RHSA-2011-0407.html"},{"name":"[oss-security] 20110311 Re: CVE Request -- logrotate -- nine issues","tags":["mailing-list","x_refsource_MLIST"],"url":"http://openwall.com/lists/oss-security/2011/03/11/3"},{"name":"[oss-security] 20110311 Re: CVE Request -- logrotate -- nine issues","tags":["mailing-list","x_refsource_MLIST"],"url":"http://openwall.com/lists/oss-security/2011/03/10/7"},{"name":"[oss-security] 20110306 Re: CVE Request -- logrotate -- nine issues","tags":["mailing-list","x_refsource_MLIST"],"url":"http://openwall.com/lists/oss-security/2011/03/05/8"},{"name":"[oss-security] 20110304 Re: CVE Request -- logrotate -- nine issues","tags":["mailing-list","x_refsource_MLIST"],"url":"http://openwall.com/lists/oss-security/2011/03/04/22"},{"name":"[oss-security] 20110311 Re: CVE Request -- logrotate -- nine issues","tags":["mailing-list","x_refsource_MLIST"],"url":"http://openwall.com/lists/oss-security/2011/03/11/5"},{"name":"[oss-security] 20110304 Re: CVE Request -- logrotate -- nine issues","tags":["mailing-list","x_refsource_MLIST"],"url":"http://openwall.com/lists/oss-security/2011/03/04/27"},{"name":"ADV-2011-0872","tags":["vdb-entry","x_refsource_VUPEN"],"url":"http://www.vupen.com/english/advisories/2011/0872"},{"name":"[oss-security] 20110304 Re: CVE Request -- logrotate -- nine issues","tags":["mailing-list","x_refsource_MLIST"],"url":"http://openwall.com/lists/oss-security/2011/03/04/32"},{"name":"[oss-security] 20110314 Re: CVE Request -- logrotate -- nine issues","tags":["mailing-list","x_refsource_MLIST"],"url":"http://openwall.com/lists/oss-security/2011/03/14/26"},{"name":"[oss-security] 20110304 Re: CVE Request -- logrotate -- nine issues","tags":["mailing-list","x_refsource_MLIST"],"url":"http://openwall.com/lists/oss-security/2011/03/04/24"},{"name":"[oss-security] 20110306 Re: CVE Request -- logrotate -- nine issues","tags":["mailing-list","x_refsource_MLIST"],"url":"http://openwall.com/lists/oss-security/2011/03/06/4"},{"name":"[oss-security] 20110306 Re: CVE Request -- logrotate -- nine issues","tags":["mailing-list","x_refsource_MLIST"],"url":"http://openwall.com/lists/oss-security/2011/03/06/6"},{"name":"[oss-security] 20110305 Re: CVE Request -- logrotate -- nine issues","tags":["mailing-list","x_refsource_MLIST"],"url":"http://openwall.com/lists/oss-security/2011/03/04/33"}]},"adp":[{"providerMetadata":{"orgId":"af854a3a-2127-422b-91ae-364da2661108","shortName":"CVE","dateUpdated":"2024-08-06T22:14:27.899Z"},"title":"CVE Program Container","references":[{"name":"[oss-security] 20110304 Re: CVE Request -- logrotate -- nine issues","tags":["mailing-list","x_refsource_MLIST","x_transferred"],"url":"http://openwall.com/lists/oss-security/2011/03/04/19"},{"name":"[oss-security] 20110304 CVE Request -- logrotate -- nine issues","tags":["mailing-list","x_refsource_MLIST","x_transferred"],"url":"http://openwall.com/lists/oss-security/2011/03/04/16"},{"name":"[oss-security] 20110304 Re: CVE Request -- logrotate -- nine issues","tags":["mailing-list","x_refsource_MLIST","x_transferred"],"url":"http://openwall.com/lists/oss-security/2011/03/04/25"},{"name":"[oss-security] 20110304 Re: CVE Request -- logrotate -- nine issues","tags":["mailing-list","x_refsource_MLIST","x_transferred"],"url":"http://openwall.com/lists/oss-security/2011/03/04/30"},{"name":"[oss-security] 20110304 Re: CVE Request -- logrotate -- nine issues","tags":["mailing-list","x_refsource_MLIST","x_transferred"],"url":"http://openwall.com/lists/oss-security/2011/03/04/26"},{"name":"[oss-security] 20110310 Re: CVE Request -- logrotate -- nine issues","tags":["mailing-list","x_refsource_MLIST","x_transferred"],"url":"http://openwall.com/lists/oss-security/2011/03/10/3"},{"name":"[oss-security] 20110304 Re: CVE Request -- logrotate -- nine issues","tags":["mailing-list","x_refsource_MLIST","x_transferred"],"url":"http://openwall.com/lists/oss-security/2011/03/04/28"},{"name":"[oss-security] 20110308 Re: CVE Request -- logrotate -- nine issues","tags":["mailing-list","x_refsource_MLIST","x_transferred"],"url":"http://openwall.com/lists/oss-security/2011/03/08/5"},{"name":"43955","tags":["third-party-advisory","x_refsource_SECUNIA","x_transferred"],"url":"http://secunia.com/advisories/43955"},{"name":"[oss-security] 20110307 Re: CVE Request -- logrotate -- nine issues","tags":["mailing-list","x_refsource_MLIST","x_transferred"],"url":"http://openwall.com/lists/oss-security/2011/03/07/5"},{"name":"[oss-security] 20110304 Re: CVE Request -- logrotate -- nine issues","tags":["mailing-list","x_refsource_MLIST","x_transferred"],"url":"http://openwall.com/lists/oss-security/2011/03/04/31"},{"name":"ADV-2011-0961","tags":["vdb-entry","x_refsource_VUPEN","x_transferred"],"url":"http://www.vupen.com/english/advisories/2011/0961"},{"name":"[oss-security] 20110304 Re: CVE Request -- logrotate -- nine issues","tags":["mailing-list","x_refsource_MLIST","x_transferred"],"url":"http://openwall.com/lists/oss-security/2011/03/04/17"},{"tags":["x_refsource_CONFIRM","x_transferred"],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=680796"},{"name":"[oss-security] 20110311 Re: CVE Request -- logrotate -- nine issues","tags":["mailing-list","x_refsource_MLIST","x_transferred"],"url":"http://openwall.com/lists/oss-security/2011/03/10/6"},{"name":"[oss-security] 20110306 Re: CVE Request -- logrotate -- nine issues","tags":["mailing-list","x_refsource_MLIST","x_transferred"],"url":"http://openwall.com/lists/oss-security/2011/03/06/3"},{"name":"[oss-security] 20110304 Re: CVE Request -- logrotate -- nine issues","tags":["mailing-list","x_refsource_MLIST","x_transferred"],"url":"http://openwall.com/lists/oss-security/2011/03/04/29"},{"name":"[oss-security] 20110307 Re: CVE Request -- logrotate -- nine issues","tags":["mailing-list","x_refsource_MLIST","x_transferred"],"url":"http://openwall.com/lists/oss-security/2011/03/07/6"},{"name":"[oss-security] 20110305 Re: CVE Request -- logrotate -- nine issues","tags":["mailing-list","x_refsource_MLIST","x_transferred"],"url":"http://openwall.com/lists/oss-security/2011/03/05/6"},{"name":"FEDORA-2011-3739","tags":["vendor-advisory","x_refsource_FEDORA","x_transferred"],"url":"http://lists.fedoraproject.org/pipermail/package-announce/2011-April/057845.html"},{"name":"[oss-security] 20110305 Re: CVE Request -- logrotate -- nine issues","tags":["mailing-list","x_refsource_MLIST","x_transferred"],"url":"http://openwall.com/lists/oss-security/2011/03/05/4"},{"name":"ADV-2011-0791","tags":["vdb-entry","x_refsource_VUPEN","x_transferred"],"url":"http://www.vupen.com/english/advisories/2011/0791"},{"name":"MDVSA-2011:065","tags":["vendor-advisory","x_refsource_MANDRIVA","x_transferred"],"url":"http://www.mandriva.com/security/advisories?name=MDVSA-2011:065"},{"name":"[oss-security] 20110307 Re: CVE Request -- logrotate -- nine issues","tags":["mailing-list","x_refsource_MLIST","x_transferred"],"url":"http://openwall.com/lists/oss-security/2011/03/07/11"},{"name":"[oss-security] 20110323 Re: CVE Request -- logrotate -- nine issues","tags":["mailing-list","x_refsource_MLIST","x_transferred"],"url":"http://openwall.com/lists/oss-security/2011/03/23/11"},{"name":"[oss-security] 20110306 Re: CVE Request -- logrotate -- nine issues","tags":["mailing-list","x_refsource_MLIST","x_transferred"],"url":"http://openwall.com/lists/oss-security/2011/03/06/5"},{"name":"[oss-security] 20110304 Re: CVE Request -- logrotate -- nine issues","tags":["mailing-list","x_refsource_MLIST","x_transferred"],"url":"http://openwall.com/lists/oss-security/2011/03/04/18"},{"name":"FEDORA-2011-3758","tags":["vendor-advisory","x_refsource_FEDORA","x_transferred"],"url":"http://lists.fedoraproject.org/pipermail/package-announce/2011-March/056992.html"},{"name":"[oss-security] 20110310 Re: CVE Request -- logrotate -- nine issues","tags":["mailing-list","x_refsource_MLIST","x_transferred"],"url":"http://openwall.com/lists/oss-security/2011/03/10/2"},{"name":"RHSA-2011:0407","tags":["vendor-advisory","x_refsource_REDHAT","x_transferred"],"url":"http://www.redhat.com/support/errata/RHSA-2011-0407.html"},{"name":"[oss-security] 20110311 Re: CVE Request -- logrotate -- nine issues","tags":["mailing-list","x_refsource_MLIST","x_transferred"],"url":"http://openwall.com/lists/oss-security/2011/03/11/3"},{"name":"[oss-security] 20110311 Re: CVE Request -- logrotate -- nine issues","tags":["mailing-list","x_refsource_MLIST","x_transferred"],"url":"http://openwall.com/lists/oss-security/2011/03/10/7"},{"name":"[oss-security] 20110306 Re: CVE Request -- logrotate -- nine issues","tags":["mailing-list","x_refsource_MLIST","x_transferred"],"url":"http://openwall.com/lists/oss-security/2011/03/05/8"},{"name":"[oss-security] 20110304 Re: CVE Request -- logrotate -- nine issues","tags":["mailing-list","x_refsource_MLIST","x_transferred"],"url":"http://openwall.com/lists/oss-security/2011/03/04/22"},{"name":"[oss-security] 20110311 Re: CVE Request -- logrotate -- nine issues","tags":["mailing-list","x_refsource_MLIST","x_transferred"],"url":"http://openwall.com/lists/oss-security/2011/03/11/5"},{"name":"[oss-security] 20110304 Re: CVE Request -- logrotate -- nine issues","tags":["mailing-list","x_refsource_MLIST","x_transferred"],"url":"http://openwall.com/lists/oss-security/2011/03/04/27"},{"name":"ADV-2011-0872","tags":["vdb-entry","x_refsource_VUPEN","x_transferred"],"url":"http://www.vupen.com/english/advisories/2011/0872"},{"name":"[oss-security] 20110304 Re: CVE Request -- logrotate -- nine issues","tags":["mailing-list","x_refsource_MLIST","x_transferred"],"url":"http://openwall.com/lists/oss-security/2011/03/04/32"},{"name":"[oss-security] 20110314 Re: CVE Request -- logrotate -- nine issues","tags":["mailing-list","x_refsource_MLIST","x_transferred"],"url":"http://openwall.com/lists/oss-security/2011/03/14/26"},{"name":"[oss-security] 20110304 Re: CVE Request -- logrotate -- nine issues","tags":["mailing-list","x_refsource_MLIST","x_transferred"],"url":"http://openwall.com/lists/oss-security/2011/03/04/24"},{"name":"[oss-security] 20110306 Re: CVE Request -- logrotate -- nine issues","tags":["mailing-list","x_refsource_MLIST","x_transferred"],"url":"http://openwall.com/lists/oss-security/2011/03/06/4"},{"name":"[oss-security] 20110306 Re: CVE Request -- logrotate -- nine issues","tags":["mailing-list","x_refsource_MLIST","x_transferred"],"url":"http://openwall.com/lists/oss-security/2011/03/06/6"},{"name":"[oss-security] 20110305 Re: CVE Request -- logrotate -- nine issues","tags":["mailing-list","x_refsource_MLIST","x_transferred"],"url":"http://openwall.com/lists/oss-security/2011/03/04/33"}]}]},"cveMetadata":{"assignerOrgId":"53f830b8-0a3f-465b-8143-3b8a9948e749","assignerShortName":"redhat","cveId":"CVE-2011-1154","datePublished":"2011-03-30T22:00:00.000Z","dateReserved":"2011-03-03T00:00:00.000Z","dateUpdated":"2024-08-06T22:14:27.899Z","state":"PUBLISHED"},"dataType":"CVE_RECORD","dataVersion":"5.1"}