CVE-2011-1098
30.03.2011, 22:55
Race condition in the createOutputFile function in logrotate.c in logrotate 3.7.9 and earlier allows local users to read log data by opening a file before the intended permissions are in place.
| Vendor | Product | Version |
|---|---|---|
| gentoo | logrotate | 𝑥 ≤ 3.7.9 |
| gentoo | logrotate | 3.3:r2 |
| gentoo | logrotate | 3.5.9 |
| gentoo | logrotate | 3.5.9:r1 |
| gentoo | logrotate | 3.6.5 |
| gentoo | logrotate | 3.6.5:r1 |
| gentoo | logrotate | 3.7 |
| gentoo | logrotate | 3.7.1 |
| gentoo | logrotate | 3.7.1:r1 |
| gentoo | logrotate | 3.7.1:r2 |
| gentoo | logrotate | 3.7.2 |
| gentoo | logrotate | 3.7.6 |
| gentoo | logrotate | 3.7.7 |
| gentoo | logrotate | 3.7.8 |
𝑥
= Vulnerable software versions
Debian Releases
Ubuntu Releases
References