CVE-2011-1549

Name of the Vulnerable Software and Affected Versions logrotate versions prior to 3.8.0

Description The issue concerns multiple vulnerabilities in the logrotate package that can lead to breaches of confidentiality, integrity, and availability of protected information. These vulnerabilities can be exploited locally. Specifically, the default configuration of logrotate on Gentoo Linux uses root privileges to process files in directories that permit non-root write access. This allows local users to conduct symlink and hard link attacks by leveraging logrotate's lack of support for untrusted directories, such as those under /var/log/ for packages.

Recommendations For versions prior to 3.8.0, update to version 3.8.0 or later to resolve the issue. As a temporary workaround, consider restricting write access to directories processed by logrotate to prevent local users from conducting symlink and hard link attacks.