漏洞信息详情
Gentoo logrotate logrotate.c createOutputFile函数竞争条件漏洞
- CNNVD编号:CNNVD-201103-342
- 危害等级: 低危
- CVE编号: CVE-2011-1098
- 漏洞类型: 竞争条件
- 发布时间: 2011-03-31
- 威胁类型: 本地
- 更新时间: 2011-04-01
- 厂 商: gentoo
- 漏洞来源:
漏洞简介
logrotate是一款系统日志管理软件。
logrotate 3.7.9及之前版本的logrotate.c中的createOutputFile函数中存在竞争条件漏洞。本地用户可以通过在预设许可就位之前打开文件,读取日志数据。
漏洞公告
目前厂商已经发布了升级补丁以修复此安全问题,补丁获取链接:
https://bugzilla.redhat.com/show_bug.cgi?id=680798
参考网址
来源: bugzilla.redhat.com
链接:https://bugzilla.redhat.com/show_bug.cgi?id=680798
来源: VUPEN
名称: ADV-2011-0791
链接:http://www.vupen.com/english/advisories/2011/0791
来源: MLIST
名称: [oss-security] 20110323 Re: CVE Request -- logrotate -- nine issues
链接:http://openwall.com/lists/oss-security/2011/03/23/11
来源: MLIST
名称: [oss-security] 20110314 Re: CVE Request -- logrotate -- nine issues
链接:http://openwall.com/lists/oss-security/2011/03/14/26
来源: MLIST
名称: [oss-security] 20110311 Re: CVE Request -- logrotate -- nine issues
链接:http://openwall.com/lists/oss-security/2011/03/11/5
来源: MLIST
名称: [oss-security] 20110311 Re: CVE Request -- logrotate -- nine issues
链接:http://openwall.com/lists/oss-security/2011/03/11/3
来源: MLIST
名称: [oss-security] 20110311 Re: CVE Request -- logrotate -- nine issues
链接:http://openwall.com/lists/oss-security/2011/03/10/7
来源: MLIST
名称: [oss-security] 20110311 Re: CVE Request -- logrotate -- nine issues
链接:http://openwall.com/lists/oss-security/2011/03/10/6
来源: MLIST
名称: [oss-security] 20110310 Re: CVE Request -- logrotate -- nine issues
链接:http://openwall.com/lists/oss-security/2011/03/10/3
来源: MLIST
名称: [oss-security] 20110310 Re: CVE Request -- logrotate -- nine issues
链接:http://openwall.com/lists/oss-security/2011/03/10/2
来源: MLIST
名称: [oss-security] 20110308 Re: CVE Request -- logrotate -- nine issues
链接:http://openwall.com/lists/oss-security/2011/03/08/5
来源: MLIST
名称: [oss-security] 20110307 Re: CVE Request -- logrotate -- nine issues
链接:http://openwall.com/lists/oss-security/2011/03/07/6
来源: MLIST
名称: [oss-security] 20110307 Re: CVE Request -- logrotate -- nine issues
链接:http://openwall.com/lists/oss-security/2011/03/07/5
来源: MLIST
名称: [oss-security] 20110307 Re: CVE Request -- logrotate -- nine issues
链接:http://openwall.com/lists/oss-security/2011/03/07/11
来源: MLIST
名称: [oss-security] 20110306 Re: CVE Request -- logrotate -- nine issues
链接:http://openwall.com/lists/oss-security/2011/03/06/6
来源: MLIST
名称: [oss-security] 20110306 Re: CVE Request -- logrotate -- nine issues
链接:http://openwall.com/lists/oss-security/2011/03/06/5
来源: MLIST
名称: [oss-security] 20110306 Re: CVE Request -- logrotate -- nine issues
链接:http://openwall.com/lists/oss-security/2011/03/06/4
来源: MLIST
名称: [oss-security] 20110306 Re: CVE Request -- logrotate -- nine issues
链接:http://openwall.com/lists/oss-security/2011/03/06/3
来源: MLIST
名称: [oss-security] 20110306 Re: CVE Request -- logrotate -- nine issues
链接:http://openwall.com/lists/oss-security/2011/03/05/8
来源: MLIST
名称: [oss-security] 20110305 Re: CVE Request -- logrotate -- nine issues
链接:http://openwall.com/lists/oss-security/2011/03/05/6
来源: MLIST
名称: [oss-security] 20110305 Re: CVE Request -- logrotate -- nine issues
链接:http://openwall.com/lists/oss-security/2011/03/05/4
来源: MLIST
名称: [oss-security] 20110305 Re: CVE Request -- logrotate -- nine issues
链接:http://openwall.com/lists/oss-security/2011/03/04/33
来源: MLIST
名称: [oss-security] 20110304 Re: CVE Request -- logrotate -- nine issues
链接:http://openwall.com/lists/oss-security/2011/03/04/32
来源: MLIST
名称: [oss-security] 20110304 Re: CVE Request -- logrotate -- nine issues
链接:http://openwall.com/lists/oss-security/2011/03/04/31
来源: MLIST
名称: [oss-security] 20110304 Re: CVE Request -- logrotate -- nine issues
链接:http://openwall.com/lists/oss-security/2011/03/04/30
来源: MLIST
名称: [oss-security] 20110304 Re: CVE Request -- logrotate -- nine issues
链接:http://openwall.com/lists/oss-security/2011/03/04/29
来源: MLIST
名称: [oss-security] 20110304 Re: CVE Request -- logrotate -- nine issues
链接:http://openwall.com/lists/oss-security/2011/03/04/28
来源: MLIST
名称: [oss-security] 20110304 Re: CVE Request -- logrotate -- nine issues
链接:http://openwall.com/lists/oss-security/2011/03/04/27
来源: MLIST
名称: [oss-security] 20110304 Re: CVE Request -- logrotate -- nine issues
链接:http://openwall.com/lists/oss-security/2011/03/04/26
来源: MLIST
名称: [oss-security] 20110304 Re: CVE Request -- logrotate -- nine issues
来源:NSFOCUS 名称:16657 链接:http://www.nsfocus.net/vulndb/16657
受影响实体
- Gentoo Logrotate:3.3:R2
- Gentoo Logrotate:3.5.9
- Gentoo Logrotate:3.5.9:R1
- Gentoo Logrotate:3.6.5
- Gentoo Logrotate:3.6.5:R1
补丁
暂无
评论