{"id":"CVE-2011-1548","details":"The default configuration of logrotate on Debian GNU/Linux uses root privileges to process files in directories that permit non-root write access, which allows local users to conduct symlink and hard link attacks by leveraging logrotate's lack of support for untrusted directories, as demonstrated by /var/log/postgresql/.","modified":"2026-04-10T03:41:45.341004Z","published":"2011-03-30T22:55:02Z","references":[{"type":"WEB","url":"http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=606544"},{"type":"WEB","url":"http://openwall.com/lists/oss-security/2011/03/04/16"},{"type":"WEB","url":"http://openwall.com/lists/oss-security/2011/03/04/17"},{"type":"WEB","url":"http://openwall.com/lists/oss-security/2011/03/04/18"},{"type":"WEB","url":"http://openwall.com/lists/oss-security/2011/03/04/19"},{"type":"WEB","url":"http://openwall.com/lists/oss-security/2011/03/04/22"},{"type":"WEB","url":"http://openwall.com/lists/oss-security/2011/03/04/24"},{"type":"WEB","url":"http://openwall.com/lists/oss-security/2011/03/04/25"},{"type":"WEB","url":"http://openwall.com/lists/oss-security/2011/03/04/26"},{"type":"WEB","url":"http://openwall.com/lists/oss-security/2011/03/04/27"},{"type":"WEB","url":"http://openwall.com/lists/oss-security/2011/03/04/28"},{"type":"WEB","url":"http://openwall.com/lists/oss-security/2011/03/04/29"},{"type":"WEB","url":"http://openwall.com/lists/oss-security/2011/03/04/30"},{"type":"WEB","url":"http://openwall.com/lists/oss-security/2011/03/04/31"},{"type":"WEB","url":"http://openwall.com/lists/oss-security/2011/03/04/32"},{"type":"WEB","url":"http://openwall.com/lists/oss-security/2011/03/04/33"},{"type":"WEB","url":"http://openwall.com/lists/oss-security/2011/03/05/4"},{"type":"WEB","url":"http://openwall.com/lists/oss-security/2011/03/05/6"},{"type":"WEB","url":"http://openwall.com/lists/oss-security/2011/03/05/8"},{"type":"WEB","url":"http://openwall.com/lists/oss-security/2011/03/06/3"},{"type":"WEB","url":"http://openwall.com/lists/oss-security/2011/03/06/4"},{"type":"WEB","url":"http://openwall.com/lists/oss-security/2011/03/06/5"},{"type":"WEB","url":"http://openwall.com/lists/oss-security/2011/03/06/6"},{"type":"WEB","url":"http://openwall.com/lists/oss-security/2011/03/07/11"},{"type":"WEB","url":"http://openwall.com/lists/oss-security/2011/03/07/5"},{"type":"WEB","url":"http://openwall.com/lists/oss-security/2011/03/07/6"},{"type":"WEB","url":"http://openwall.com/lists/oss-security/2011/03/08/5"},{"type":"WEB","url":"http://openwall.com/lists/oss-security/2011/03/10/2"},{"type":"WEB","url":"http://openwall.com/lists/oss-security/2011/03/10/3"},{"type":"WEB","url":"http://openwall.com/lists/oss-security/2011/03/10/6"},{"type":"WEB","url":"http://openwall.com/lists/oss-security/2011/03/10/7"},{"type":"WEB","url":"http://openwall.com/lists/oss-security/2011/03/11/3"},{"type":"WEB","url":"http://openwall.com/lists/oss-security/2011/03/11/5"},{"type":"WEB","url":"http://openwall.com/lists/oss-security/2011/03/14/26"},{"type":"WEB","url":"http://openwall.com/lists/oss-security/2011/03/23/11"},{"type":"WEB","url":"http://www.securityfocus.com/bid/47167"}],"schema_version":"1.7.5"}