oss-sec mailing list archives

Re: CVE Request -- logrotate -- nine issues

From: Florian Zumbiehl <florz () florz de>
Date: Thu, 10 Mar 2011 19:08:38 +0100

Hi,

    8) Issue #8: logrotate: TOCTOU race condition by creation of new
    files (between opening the file and moment, final permissions have
    been applied) [information disclosure]


Let' use CVE-2011-1098 for this.


What about these?:

| However, I think that still #6 (shell injection) and #7 (logrotate
| DoS with strange characters in file names) should be considered
| vulnerabilities in logrotate: It would be reasonable to assume that you
| can use user input that's a valid (slash-less) filename as a (part of a)
| log file name (assuming that the program is running as the same user that
| inspects and rotates the logs, so the log directory being writable by
| the program would not be insecure per-se) without that file name being
| interpreted by a shell or causing logrotate to stop functioning,
| respectively.

Florian

Current thread:

Re: CVE Request -- logrotate -- nine issues, (continued)
- - - Re: CVE Request -- logrotate -- nine issues Solar Designer (Mar 04)
    - Re: CVE Request -- logrotate -- nine issues Steven M. Christey (Mar 04)
    - Re: CVE Request -- logrotate -- nine issues Solar Designer (Mar 04)
    - Re: CVE Request -- logrotate -- nine issues Jan Lieskovsky (Mar 04)
    - Re: CVE Request -- logrotate -- nine issues Solar Designer (Mar 05)
    - Re: CVE Request -- logrotate -- nine issues Jan Kaluža (Mar 07)
    - Re: CVE Request -- logrotate -- nine issues Paul Martin (Mar 07)
    - Re: CVE Request -- logrotate -- nine issues Josh Bressers (Mar 07)
    - Re: CVE Request -- logrotate -- nine issues Ludwig Nussel (Mar 07)
    - Re: CVE Request -- logrotate -- nine issues Josh Bressers (Mar 10)
    - Re: CVE Request -- logrotate -- nine issues Florian Zumbiehl (Mar 10)
    - Re: CVE Request -- logrotate -- nine issues Solar Designer (Mar 10)
    - Re: CVE Request -- logrotate -- nine issues Florian Zumbiehl (Mar 10)
    - Re: CVE Request -- logrotate -- nine issues Solar Designer (Mar 11)
    - Re: CVE Request -- logrotate -- nine issues Ludwig Nussel (Mar 11)
    - Re: CVE Request -- logrotate -- nine issues Ludwig Nussel (Mar 23)
  - Re: CVE Request -- logrotate -- nine issues Pavel Labushev (Mar 04)
    - Re: CVE Request -- logrotate -- nine issues Solar Designer (Mar 05)
    - Re: CVE Request -- logrotate -- nine issues Pavel Labushev (Mar 06)
    - Re: CVE Request -- logrotate -- nine issues Solar Designer (Mar 06)
    - Re: CVE Request -- logrotate -- nine issues Pavel Labushev (Mar 06)

(Thread continues...)