SuSE 10 Security Update : logrotate (ZYPP Patch Number 7534)

NASLDB: SuSE 10 Security Update : logrotate (ZYPP Patch Number 7534)

General

ID: 54829
Name: SuSE 10 Security Update : logrotate (ZYPP Patch Number 7534)

Summary: Checks rpm output for the updated package

Credits: Tenable Network Security, Inc.

Classification

Risk: –

CVSS: –
CVSS Base Vector: CVSS2#AV:L/AC:M/Au:N/C:P/I:N/A:N
CVSS Temporal Vector: –

Port: 0
Family: SuSE Local Security Checks
Type: Local

Description

This update for logrotate provides the following fixes :

– Race condition in the createOutputFile function in
logrotate allows local users to read log data by opening
a file before the intended permissions are in place
(CVE-2011-1098). (bnc#677336)

– The writeState function in logrotate might allow
context-dependent attackers to cause a denial of service
(rotation outage) via a (1) \n (newline) or (2) \
(backslash) character in a log filename, as demonstrated
by a filename that is automatically constructed on the
basis of a hostname or virtual machine name
(CVE-2011-1155). (bnc#679662)

– In addition, the missingok option has been improved

Exploiting

Exploit Available: –
Exploitability Ease: –

Sources

CVE: CVE-2011-1098
OSVDB: –
Bugtraq: –
scipID: –

Timeline

Vulnerability Disclosure: –
Patch Release: 2011/05/18
Plugin Release: 2011/05/26

Plugin

Version: 1.5
Filename: suse_logrotate-7534.nasl
Filesize: 3286 bytes
MD5 Hash: cab8ef2491e7ccaeba9a46dcc303ec07

Identification: Host/local_checks_enabled
Require Keys: Host/local_checks_enabled", "Host/cpu", "Host/SuSE/release", "Host/SuSE/rpm-list
Dependencies: "ssh_get_info.nasl"

Letzte Plugins

Letzte Plugins

scip AG