This script is Copyright (C) 2011-2012 Tenable Network Security, Inc.
The remote SuSE 10 host is missing a security-related patch.
This update for logrotate provides the following fixes :
- Race condition in the createOutputFile function in
logrotate allows local users to read log data by opening
a file before the intended permissions are in place
- The writeState function in logrotate might allow
context-dependent attackers to cause a denial of service
(rotation outage) via a (1) \n (newline) or (2) \
(backslash) character in a log filename, as demonstrated
by a filename that is automatically constructed on the
basis of a hostname or virtual machine name
- In addition, the missingok option has been improved
See also :
Apply ZYPP patch number 7534.
Risk factor :
Low / CVSS Base Score : 1.9
Family: SuSE Local Security Checks
Nessus Plugin ID: 54829 ()
CVE ID: CVE-2011-1098CVE-2011-1155
The cookie settings on this website are set to 'allow all cookies' to give you the very best website experience. If you continue without changing these settings, you consent to this - but if you want, you can opt out of all cookies by clicking below.