Vulnerability Details : CVE-2011-1018
logwatch.pl in Logwatch 7.3.6 allows remote attackers to execute arbitrary commands via shell metacharacters in a log file name, as demonstrated via a crafted username to a Samba server.
Vulnerability category: Input validation
Products affected by CVE-2011-1018
- cpe:2.3:a:logwatch:logwatch:7.3.6:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2011-1018
18.31%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 96 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2011-1018
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
10.0
|
HIGH | AV:N/AC:L/Au:N/C:C/I:C/A:C |
10.0
|
10.0
|
NIST |
CWE ids for CVE-2011-1018
-
The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.Assigned by: nvd@nist.gov (Primary)
References for CVE-2011-1018
-
http://lists.opensuse.org/opensuse-security-announce/2011-04/msg00000.html
[security-announce] SUSE Security Summary Report: SUSE-SR:2011:005
-
http://lists.fedoraproject.org/pipermail/package-announce/2011-March/055579.html
[SECURITY] Fedora 14 Update: logwatch-7.3.6-60.fc14
-
http://www.vupen.com/english/advisories/2011/0533
Webmail | OVH- OVH
-
http://www.vupen.com/english/advisories/2011/0596
Webmail | OVH- OVH
-
https://bugzilla.redhat.com/show_bug.cgi?id=680237
680237 – (CVE-2011-1018) CVE-2011-1018 logwatch: Privilege escalation due improper sanitization of special characters in log file namesPatch
-
http://www.securityfocus.com/bid/46554
Logwatch Log File Special Characters Local Privilege Escalation Vulnerability
-
http://www.ubuntu.com/usn/USN-1078-1
USN-1078-1: Logwatch vulnerability | Ubuntu security notices
-
http://lists.fedoraproject.org/pipermail/package-announce/2011-March/055617.html
[SECURITY] Fedora 15 Update: logwatch-7.3.6-66.20110203svn25.fc15
-
http://www.securitytracker.com/id?1025165
LogWatch Filename Processing Flaw Lets Remote Users Execute Arbitrary Code - SecurityTracker
-
http://www.debian.org/security/2011/dsa-2182
Debian -- Security Information -- DSA-2182-1 logwatch
-
http://www.openwall.com/lists/oss-security/2011/02/24/13
oss-security - CVE Request -- logwatch: Privilege escalation due improper sanitization of special characters in log file namesPatch
-
http://lists.fedoraproject.org/pipermail/package-announce/2011-March/055585.html
[SECURITY] Fedora 13 Update: logwatch-7.3.6-55.fc13
-
http://www.vupen.com/english/advisories/2011/0581
Webmail | OVH- OVH
-
http://sourceforge.net/tracker/?func=detail&aid=3184223&group_id=312875&atid=1316824
Logwatch / Bugs / #13 special chracters in log file names break logwatchPatch
-
http://www.openwall.com/lists/oss-security/2011/02/24/15
oss-security - Re: CVE Request -- logwatch: Privilege escalation due improper sanitization of special characters in log file namesPatch
-
http://logwatch.svn.sourceforge.net/viewvc/logwatch/scripts/logwatch.pl?r1=3&r2=26&pathrev=26
404 Not FoundPatch
-
http://www.redhat.com/support/errata/RHSA-2011-0324.html
Support
-
http://sourceforge.net/mailarchive/forum.php?thread_name=4D604843.7040303%40mblmail.net&forum_name=logwatch-devel
Logwatch / Thread: [Logwatch-devel] Remote command execution issue with root privileges
Jump to