Back to search
CVE-2011-1018
Published: Feb 25, 2011
Modified: Aug 6, 2024
PUBLISHED
Description
logwatch.pl in Logwatch 7.3.6 allows remote attackers to execute arbitrary commands via shell metacharacters in a log file name, as demonstrated via a crafted username to a Samba server.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
ADV-2011-0581
vdb-entry
x_refsource_VUPEN
43495
third-party-advisory
x_refsource_SECUNIA
FEDORA-2011-2318
vendor-advisory
x_refsource_FEDORA
DSA-2182
vendor-advisory
x_refsource_DEBIAN
FEDORA-2011-2396
vendor-advisory
x_refsource_FEDORA
43356
third-party-advisory
x_refsource_SECUNIA
ADV-2011-0533
vdb-entry
x_refsource_VUPEN
SUSE-SR:2011:005
vendor-advisory
x_refsource_SUSE
43644
third-party-advisory
x_refsource_SECUNIA
RHSA-2011:0324
vendor-advisory
x_refsource_REDHAT
43622
third-party-advisory
x_refsource_SECUNIA
46554
vdb-entry
x_refsource_BID
USN-1078-1
vendor-advisory
x_refsource_UBUNTU
ADV-2011-0596
vdb-entry
x_refsource_VUPEN
FEDORA-2011-2328
vendor-advisory
x_refsource_FEDORA
https://bugzilla.redhat.com/show_bug.cgi?id=680237
x_refsource_CONFIRM
[Logwatch-devel] 20110216 Remote command execution issue with root privileges
mailing-list
x_refsource_MLIST
43734
third-party-advisory
x_refsource_SECUNIA
1025165
vdb-entry
x_refsource_SECTRACK
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now