CVE-2011-1155

EPSS 0.10%

Published: 3/30/2011Modified: 4/28/2026

Also known as:DEBIAN-CVE-2011-1155

Description

The writeState function in logrotate.c in logrotate 3.7.9 and earlier might allow context-dependent attackers to cause a denial of service (rotation outage) via a (1) \n (newline) or (2) \ (backslash) character in a log filename, as demonstrated by a filename that is automatically constructed on the basis of a hostname or virtual machine name.

Affected packages (1)

Debian/logrotatefrom 0, < 3.8.0-1

References (1)

ADVISORYhttps://security-tracker.debian.org/tracker/CVE-2011-1155