Vulnerabilities > Gentoo > Logrotate > 3.7.7
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2011-03-30 | CVE-2011-1155 | Resource Management Errors vulnerability in Gentoo Logrotate The writeState function in logrotate.c in logrotate 3.7.9 and earlier might allow context-dependent attackers to cause a denial of service (rotation outage) via a (1) \n (newline) or (2) \ (backslash) character in a log filename, as demonstrated by a filename that is automatically constructed on the basis of a hostname or virtual machine name. | 1.9 |
| 2011-03-30 | CVE-2011-1154 | Improper Input Validation vulnerability in Gentoo Logrotate The shred_file function in logrotate.c in logrotate 3.7.9 and earlier might allow context-dependent attackers to execute arbitrary commands via shell metacharacters in a log filename, as demonstrated by a filename that is automatically constructed on the basis of a hostname or virtual machine name. | 6.9 |