1.9

CVE-2011-1155

The writeState function in logrotate.c in logrotate 3.7.9 and earlier might allow context-dependent attackers to cause a denial of service (rotation outage) via a (1) \n (newline) or (2) \ (backslash) character in a log filename, as demonstrated by a filename that is automatically constructed on the basis of a hostname or virtual machine name.

Data is provided by the National Vulnerability Database (NVD)
GentooLogrotate Version <= 3.7.9
GentooLogrotate Version3.3 Updater2
GentooLogrotate Version3.5.9
GentooLogrotate Version3.5.9 Updater1
GentooLogrotate Version3.6.5
GentooLogrotate Version3.6.5 Updater1
GentooLogrotate Version3.7
GentooLogrotate Version3.7.1
GentooLogrotate Version3.7.1 Updater1
GentooLogrotate Version3.7.1 Updater2
GentooLogrotate Version3.7.2
GentooLogrotate Version3.7.6
GentooLogrotate Version3.7.7
GentooLogrotate Version3.7.8
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
EPSS Metriken
Type Source Score Percentile
EPSS FIRST.org 0.09% 0.259
CVSS Metriken
Source Base Score Exploit Score Impact Score Vector string
nvd@nist.gov 1.9 3.4 2.9
AV:L/AC:M/Au:N/C:N/I:N/A:P