Test ID:	1.3.6.1.4.1.25623.1.0.70891
Category:	Ubuntu Local Security Checks
Title:	Ubuntu USN-1172-1 (logrotate)
Summary:	NOSUMMARY
Description:	Description: The remote host is missing an update to logrotate announced via advisory USN-1172-1. Details: It was discovered that logrotate incorrectly handled the creation of new log files. Local users could possibly read log files if they were opened before permissions were in place. This issue only affected Ubuntu 8.04 LTS. (CVE-2011-1098) It was discovered that logrotate incorrectly handled certain log file names when used with the shred option. Local attackers able to create log files with specially crafted filenames could use this issue to execute arbitrary code. This issue only affected Ubuntu 10.04 LTS, 10.10, and 11.04. (CVE-2011-1154) It was discovered that logrotate incorrectly handled certain malformed log filenames. Local attackers able to create log files with specially crafted filenames could use this issue to cause logrotate to stop processing log files, resulting in a denial of service. (CVE-2011-1155) It was discovered that logrotate incorrectly handled symlinks and hard links when processing log files. A local attacker having write access to a log file directory could use this issue to overwrite or read arbitrary files. This issue only affected Ubuntu 8.04 LTS. (CVE-2011-1548) Solution: The problem can be corrected by updating your system to the following package versions: Ubuntu 11.04: logrotate 3.7.8-6ubuntu3.1 Ubuntu 10.10: logrotate 3.7.8-6ubuntu1.1 Ubuntu 10.04 LTS: logrotate 3.7.8-4ubuntu2.2 Ubuntu 8.04 LTS: logrotate 3.7.1-3ubuntu0.8.04.1 http://www.securityspace.com/smysecure/catid.html?in=USN-1172-1 CVSS Score: 6.9 CVSS Vector: AV:L/AC:H/Au:NR/C:C/I:C/A:C
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2011-1098 43955 http://secunia.com/advisories/43955 ADV-2011-0791 http://www.vupen.com/english/advisories/2011/0791 ADV-2011-0872 http://www.vupen.com/english/advisories/2011/0872 ADV-2011-0961 http://www.vupen.com/english/advisories/2011/0961 FEDORA-2011-3739 http://lists.fedoraproject.org/pipermail/package-announce/2011-April/057845.html FEDORA-2011-3758 http://lists.fedoraproject.org/pipermail/package-announce/2011-March/056992.html MDVSA-2011:065 http://www.mandriva.com/security/advisories?name=MDVSA-2011:065 RHSA-2011:0407 http://www.redhat.com/support/errata/RHSA-2011-0407.html [oss-security] 20110304 CVE Request -- logrotate -- nine issues http://openwall.com/lists/oss-security/2011/03/04/16 [oss-security] 20110304 Re: CVE Request -- logrotate -- nine issues http://openwall.com/lists/oss-security/2011/03/04/17 http://openwall.com/lists/oss-security/2011/03/04/18 http://openwall.com/lists/oss-security/2011/03/04/19 http://openwall.com/lists/oss-security/2011/03/04/22 http://openwall.com/lists/oss-security/2011/03/04/24 http://openwall.com/lists/oss-security/2011/03/04/25 http://openwall.com/lists/oss-security/2011/03/04/26 http://openwall.com/lists/oss-security/2011/03/04/27 http://openwall.com/lists/oss-security/2011/03/04/28 http://openwall.com/lists/oss-security/2011/03/04/29 http://openwall.com/lists/oss-security/2011/03/04/30 http://openwall.com/lists/oss-security/2011/03/04/31 http://openwall.com/lists/oss-security/2011/03/04/32 [oss-security] 20110305 Re: CVE Request -- logrotate -- nine issues http://openwall.com/lists/oss-security/2011/03/04/33 http://openwall.com/lists/oss-security/2011/03/05/4 http://openwall.com/lists/oss-security/2011/03/05/6 [oss-security] 20110306 Re: CVE Request -- logrotate -- nine issues http://openwall.com/lists/oss-security/2011/03/05/8 http://openwall.com/lists/oss-security/2011/03/06/3 http://openwall.com/lists/oss-security/2011/03/06/4 http://openwall.com/lists/oss-security/2011/03/06/5 http://openwall.com/lists/oss-security/2011/03/06/6 [oss-security] 20110307 Re: CVE Request -- logrotate -- nine issues http://openwall.com/lists/oss-security/2011/03/07/11 http://openwall.com/lists/oss-security/2011/03/07/5 http://openwall.com/lists/oss-security/2011/03/07/6 [oss-security] 20110308 Re: CVE Request -- logrotate -- nine issues http://openwall.com/lists/oss-security/2011/03/08/5 [oss-security] 20110310 Re: CVE Request -- logrotate -- nine issues http://openwall.com/lists/oss-security/2011/03/10/2 http://openwall.com/lists/oss-security/2011/03/10/3 [oss-security] 20110311 Re: CVE Request -- logrotate -- nine issues http://openwall.com/lists/oss-security/2011/03/10/6 http://openwall.com/lists/oss-security/2011/03/10/7 http://openwall.com/lists/oss-security/2011/03/11/3 http://openwall.com/lists/oss-security/2011/03/11/5 [oss-security] 20110314 Re: CVE Request -- logrotate -- nine issues http://openwall.com/lists/oss-security/2011/03/14/26 [oss-security] 20110323 Re: CVE Request -- logrotate -- nine issues http://openwall.com/lists/oss-security/2011/03/23/11 https://bugzilla.redhat.com/show_bug.cgi?id=680798 Common Vulnerability Exposure (CVE) ID: CVE-2011-1154 https://bugzilla.redhat.com/show_bug.cgi?id=680796 Common Vulnerability Exposure (CVE) ID: CVE-2011-1155 https://bugzilla.redhat.com/show_bug.cgi?id=680797 Common Vulnerability Exposure (CVE) ID: CVE-2011-1548 BugTraq ID: 47167 http://www.securityfocus.com/bid/47167 http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=606544
Copyright	Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com

This is only one of 146377 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.