Description
The default configuration of logrotate on SUSE openSUSE Factory uses root privileges to process files in directories that permit non-root write access, which allows local users to conduct symlink and hard link attacks by leveraging logrotate's lack of support for untrusted directories, as demonstrated by directories for the (1) cobbler, (2) inn, (3) safte-monitor, and (4) uucp packages.
CVSS Metrics
- Vector
- AV:L/AC:M/Au:N/C:N/I:C/A:C
- Access Vector
- local
- Access Cmplx
- medium
- Auth
- none
- Confidentiality
- none
- Integrity
- complete
- Availability
- complete
- Weaknesses
- CWE-264
Metadata
- Primary Vendor
- GENTOO
- Published
- 3/30/2011
- Last Modified
- 4/11/2025
- Source
- NIST NVD
- Note: Verify all details with official vendor sources before applying patches.
Affected Products
gentoo : logrotate
AI-Powered Remediation
Generate remediation guidance or a C-suite brief for this vulnerability.