Important: logwatch security update

Date: Tue, 8 Mar 2011 10:59:03 -0600
Reply-To: Troy Dawson
Sender: Security Errata for Scientific Linux
From: Troy Dawson
Subject: Security ERRATA Important: logwatch on SL5.x, SL6.x i386/x86_64
Comments: To: "
An updated logwatch package that fixes one security issue is now available for Red Hat Enterprise Linux 5 and 6. The Red Hat Security Response Team has rated this update as having important security impact.

====================================================================
Red Hat Security Advisory

Synopsis:     Important: logwatch security update
Advisory ID:  RHSA-2011:0324-01
Product:      Red Hat Enterprise Linux
Advisory URL: https://access.redhat.com/errata/RHSA-2011:0324.html
Issue date:   2011-03-07
CVE Names:    CVE-2011-1018
====================================================================

1. Summary:

An updated logwatch package that fixes one security issue is now available for Red Hat Enterprise Linux 5 and 6.

The Red Hat Security Response Team has rated this update as having important security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux (v. 5 server) - noarch
Red Hat Enterprise Linux Desktop (v. 5 client) - noarch
Red Hat Enterprise Linux Desktop (v. 6) - noarch
Red Hat Enterprise Linux HPC Node (v. 6) - noarch
Red Hat Enterprise Linux Server (v. 6) - noarch
Red Hat Enterprise Linux Workstation (v. 6) - noarch

3. Description:

Logwatch is a customizable log analysis system. Logwatch parses through your system's logs for a given period of time and creates a report analyzing areas that you specify, in as much detail as you require.

A flaw was found in the way Logwatch processed log files. If an attacker were able to create a log file with a malicious file name, it could result in arbitrary code execution with the privileges of the root user when that log file is analyzed by Logwatch. (CVE-2011-1018)

Users of logwatch should upgrade to this updated package, which contains a backported patch to resolve this issue.

4. Solution:

Before applying this update, make sure all previously-released errata relevant to your system have been applied.

This update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at https://access.redhat.com/kb/docs/DOC-11259

5. Bugs fixed (http://bugzilla.redhat.com/):

680237 - CVE-2011-1018 logwatch: Privilege escalation due improper sanitization of special characters in log file names

6. Package List:

Red Hat Enterprise Linux Desktop (v. 5 client):
Source:
noarch: logwatch-7.3-9.el5_6.noarch.rpm

Red Hat Enterprise Linux (v. 5 server):
Source:
noarch: logwatch-7.3-9.el5_6.noarch.rpm

Red Hat Enterprise Linux Desktop (v. 6):
Source:
noarch: logwatch-7.3.6-49.el6.noarch.rpm

Red Hat Enterprise Linux HPC Node (v. 6):
Source:
noarch: logwatch-7.3.6-49.el6.noarch.rpm

Red Hat Enterprise Linux Server (v. 6):
Source:
noarch: logwatch-7.3.6-49.el6.noarch.rpm

Red Hat Enterprise Linux Workstation (v. 6):
Source:
noarch: logwatch-7.3.6-49.el6.noarch.rpm

These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/#package

7. References:

https://access.redhat.com/security/cve/CVE-2011-1018
https://access.redhat.com/security/updates/classification/#important

8. Contact:

The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact/

Copyright 2011 Red Hat, Inc.

--
Enterprise-watch-list mailing list
Dominik George discovered that logwatch does not guard against shell meta-characters in crafted log file names (such as those produced by Samba). As a result, an attacker might be able to execute shell commands on the system running logwatch.

Debian Security Advisory DSA-2182-1
Dominik George discovered that logwatch did not properly sanitize log file names that were passed to the shell as part of a command. If a remote attacker were able to generate specially crafted filenames (for example, via Samba logging), they could execute arbitrary code with root privileges.

==========================================================
Ubuntu Security Notice USN-1078-1
March 01, 2011
logwatch vulnerability
CVE-2011-1018
==========================================================

A security issue affects the following Ubuntu releases:

Ubuntu 8.04 LTS
Ubuntu 9.10
Ubuntu 10.04 LTS
Ubuntu 10.10

This advisory also applies to the corresponding versions of Kubuntu, Edubuntu, and Xubuntu.

The problem can be corrected by upgrading your system to the following package versions:

Ubuntu 8.04 LTS: logwatch 7.3.6-1ubuntu1.1
Ubuntu 9.10: logwatch 7.3.6.cvs20090906-1ubuntu1.1
Ubuntu 10.04 LTS: logwatch 7.3.6.cvs20090906-1ubuntu2.1
Ubuntu 10.10: logwatch 7.3.6.cvs20090906-1ubuntu3.1

In general, a standard system update will make all the necessary changes.

Details follow:

Dominik George discovered that logwatch did not properly sanitize log file names that were passed to the shell as part of a command. If a remote attacker were able to generate specially crafted filenames (for example, via Samba logging), they could execute arbitrary code with root privileges.
A critical flaw in Logwatch poses a remote code execution threat. It's essential to update packages to address vulnerabilities in various Ubuntu LTS versions.

Severity: Critical. LinuxSecurity.com Team
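
The three advisories above (RHSA-2011:0324, DSA-2182-1, USN-1078-1) describe one bug class: a log file name reaching a shell without sanitization. As an added example (not code from logwatch or from any of the vendors), the script below audits a log tree for names containing characters outside a conservative allowlist and shows a line count that passes the name only as a quoted argument; the allowlist, the function names and the sample tree are assumptions of this example.

```shell
#!/bin/sh
# Added example: audit a log tree for file names that are unsafe to
# interpolate into a shell command line (the CVE-2011-1018 bug class).
LC_ALL=C; export LC_ALL   # make [A-Z] style ranges byte-exact

# Print every regular file under DIR whose relative path contains a
# character outside a conservative allowlist. The allowlist is an
# assumption of this example, not logwatch's own rule.
list_unsafe_log_names() {
    ( cd "$1" || exit 2
      find . -type f -exec sh -c '
          for f do
              case $f in
                  *[!A-Za-z0-9._/@:+-]*)
                      # A newline in a name would forge extra report
                      # lines, so it is shown as "?" on one line.
                      printf "%s" "$f" | tr "\n" "?"; echo ;;
              esac
          done' sh {} + )
}

# Number of flagged names (one output line per flagged file).
count_unsafe_log_names() {
    list_unsafe_log_names "$1" | wc -l | tr -d ' '
}

# Safe way to hand a log file to a tool: the name is a quoted word
# (here a redirection target), never text that a shell re-parses.
safe_line_count() {
    wc -l < "$1" | tr -d ' '
}

# Constructed sample tree with harmless names, created in a temp dir.
make_sample_tree() {
    d=$(mktemp -d) || return 1
    mkdir "$d/samba" || return 1
    printf 'one\ntwo\n' > "$d/messages"
    : > "$d/samba/log.client1"
    printf 'x\n' > "$d/samba/log.a;b"
    : > "$d/samba/log.c d"
    : > "$d"'/samba/log.$e'
    printf '%s\n' "$d"
}

# Demo run over the constructed tree: lists the three flagged names.
tree=$(make_sample_tree) && list_unsafe_log_names "$tree"; rm -rf "$tree"
```

On a real host the audit would be pointed at the log directory of any service that derives log file names from client-supplied data, which is the Samba case the advisories mention.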
This new version of logwatch package fixes problems with --splithosts option and contains a lot of services updates.

---------------------------------------------------------------------
Fedora Update Notification
FEDORA-2006-202
2006-03-22
---------------------------------------------------------------------

Product     : Fedora Core 4
Name        : logwatch
Version     : 7.2.1
Release     : 1.fc4
Summary     : A log file analysis program.
Description :
LogWatch is a customizable log analysis system. LogWatch parses through your system's logs for a given period of time and creates a report analyzing areas that you specify, in as much detail as you require. LogWatch is easy to use and claims that it will work right out of the package on almost all systems. Note that LogWatch now analyzes Samba logs.

---------------------------------------------------------------------
Update Information:

This new version of logwatch package fixes problems with --splithosts option and contains a lot of services updates.

---------------------------------------------------------------------
* Wed Mar 22 2006 Ivana Varekova 7.2.1-1.fc4
- update to 7.2.1 (#185758)
- add/update pam_unix, http, sshd, smart, named, audit, secure and mountd patches

---------------------------------------------------------------------
This update can be downloaded from:

13087c5574a3aee59a0230f97d5de39439e86a46 SRPMS/logwatch-7.2.1-1.fc4.src.rpm
dea558d2036118cd5c1bfbe6533170b855133997 ppc/logwatch-7.2.1-1.fc4.noarch.rpm
dea558d2036118cd5c1bfbe6533170b855133997 x86_64/logwatch-7.2.1-1.fc4.noarch.rpm
dea558d2036118cd5c1bfbe6533170b855133997 i386/logwatch-7.2.1-1.fc4.noarch.rpm

This update can be installed with the 'yum' update program. Use 'yum update package-name' at the command line. For more information, refer to 'Managing Software with yum,' available at .

---------------------------------------------------------------------
fedora-announce-list mailing list
An updated logwatch package that fixes a denial of service issue is now available. This update has been rated as having moderate security impact by the Red Hat Security Response Team.

---------------------------------------------------------------------
Red Hat Security Advisory

Synopsis:     Moderate: logwatch security update
Advisory ID:  RHSA-2005:364-01
Advisory URL: https://access.redhat.com/errata/RHSA-2005:364.html
Issue date:   2005-04-19
Updated on:   2005-04-19
Product:      Red Hat Enterprise Linux
Keywords:     logwatch
CVE Names:    CAN-2005-1061
---------------------------------------------------------------------

1. Summary:

An updated logwatch package that fixes a denial of service issue is now available.

This update has been rated as having moderate security impact by the Red Hat Security Response Team.

2. Relevant releases/architectures:

Red Hat Enterprise Linux AS (Advanced Server) version 2.1 - noarch
Red Hat Linux Advanced Workstation 2.1 - noarch
Red Hat Enterprise Linux ES version 2.1 - noarch
Red Hat Enterprise Linux WS version 2.1 - noarch

3. Problem description:

LogWatch is a customizable log analysis system. LogWatch parses through your system's logs for a given period of time and creates a report analyzing areas that you specify, in as much detail as you require.

A bug was found in the logwatch secure script. If an attacker is able to inject an arbitrary string into the /var/log/secure file, it is possible to prevent logwatch from detecting malicious activity. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CAN-2005-1061 to this issue.

All users of logwatch are advised to upgrade to this updated package, which contain backported fixes for this issue.

4. Solution:

Before applying this update, make sure all previously released errata relevant to your system have been applied.

To update all RPMs for your particular architecture, run:

rpm -Fvh [filenames]

where [filenames] is a list of the RPMs you wish to upgrade. Only those RPMs which are currently installed will be updated. Those RPMs which are not installed but included in the list will not be updated. Note that you can also use wildcards (*.rpm) if your current directory *only* contains the desired RPMs.

Please note that this update is also available via Red Hat Network. Many people find this an easier way to apply updates. To use Red Hat Network, launch the Red Hat Update Agent with the following command:

up2date

This will start an interactive process that will result in the appropriate RPMs being upgraded on your system.

5. Bug IDs fixed (http://bugzilla.redhat.com/):

137502 - CAN-2005-1061 logwatch log processing regular expression DoS

6. RPMs required:

Red Hat Enterprise Linux AS (Advanced Server) version 2.1:
SRPMS:
251d0fde1a715d1bb0fbbba7f7285493 logwatch-2.6-2.EL2.src.rpm
noarch:
b112e89085531f4b37ea8c2b2b40ad6e logwatch-2.6-2.EL2.noarch.rpm

Red Hat Linux Advanced Workstation 2.1:
SRPMS:
251d0fde1a715d1bb0fbbba7f7285493 logwatch-2.6-2.EL2.src.rpm
noarch:
b112e89085531f4b37ea8c2b2b40ad6e logwatch-2.6-2.EL2.noarch.rpm

Red Hat Enterprise Linux ES version 2.1:
SRPMS:
251d0fde1a715d1bb0fbbba7f7285493 logwatch-2.6-2.EL2.src.rpm
noarch:
b112e89085531f4b37ea8c2b2b40ad6e logwatch-2.6-2.EL2.noarch.rpm

Red Hat Enterprise Linux WS version 2.1:
SRPMS:
251d0fde1a715d1bb0fbbba7f7285493 logwatch-2.6-2.EL2.src.rpm
noarch:
b112e89085531f4b37ea8c2b2b40ad6e logwatch-2.6-2.EL2.noarch.rpm

These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key#package

7. References:

https://www.cve.org/CVERecord?id=CVE-CAN-2005-1061

8. Contact:

The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact

Copyright 2005 Red Hat, Inc.

This notification outlines a standard logwatch revision tackling a DoS vulnerability. Update is advised for users of Red Hat.

LinuxSecurity.com Team
Updated LogWatch packages are available that fix tmp file race conditions which can cause a local user to gain root privileges.

---------------------------------------------------------------------
Red Hat, Inc. Red Hat Security Advisory

Synopsis:         Race conditions in logwatch
Advisory ID:      RHSA-2002:054-09
Issue date:       2002-03-28
Updated on:       2002-04-04
Product:          Red Hat Powertools
Keywords:         logwatch tmp race
Cross references: RHSA-2002:053
Obsoletes:
---------------------------------------------------------------------

1. Topic:

Updated LogWatch packages are available that fix tmp file race conditions which can cause a local user to gain root privileges.

2. Relevant releases/architectures:

Red Hat Powertools 6.2 - noarch
Red Hat Powertools 7.0 - noarch
Red Hat Powertools 7.1 - noarch

3. Problem description:

LogWatch is a customizable log analysis system which was available in Red Hat Powertools. Versions of LogWatch 2.1.1 and earlier have a vulnerability due to a race condition during the creation of a temporary directory. This vulnerability can allow a local user to gain root privileges.

An additional race condition was found in versions of LogWatch 2.5 and earlier.

Users should update to the errata packages containing Logwatch 2.6, which is not vulnerable to these issues.

The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the names CAN-2002-0162 and CAN-2002-0165 to these issues.

4. Solution:

Before applying this update, make sure all previously released errata relevant to your system have been applied.

To update all RPMs for your particular architecture, run:

rpm -Fvh [filenames]

where [filenames] is a list of the RPMs you wish to upgrade. Only those RPMs which are currently installed will be updated. Those RPMs which are not installed but included in the list will not be updated. Note that you can also use wildcards (*.rpm) if your current directory *only* contains the desired RPMs.

Please note that this update is also available via Red Hat Network. Many people find this an easier way to apply updates. To use Red Hat Network, launch the Red Hat Update Agent with the following command:

up2date

This will start an interactive process that will result in the appropriate RPMs being upgraded on your system.

5. Bug IDs fixed ( for more info):

62055 - A /tmp race condition leads to root
46371 - Handle accepted packets, not just reject and deny
56191 - logwatch is too noisy
58578 - Problem with RPM dependance
61202 - Logwatch logs appear to have emerged themselves with other logfiles. They are semi-unreadable
61829 - logwatch's sshd filter should scan secure logs
61831 - logwatch modprobe filter should allow dashes in module names
61832 - secure filter should ignore sshd messages

6. RPMs required:

Red Hat Powertools 6.2:
SRPMS:
noarch:

Red Hat Powertools 7.0:
SRPMS:
noarch:

Red Hat Powertools 7.1:
SRPMS:
noarch:

7. Verification:

MD5 sum                          Package Name
--------------------------------------------------------------------------
bb75f22ed70447d6a46d5d5b2a7ec7aa 6.2/en/powertools/SRPMS/logwatch-2.6-1.src.rpm
ac8ea7498a2d6b14bb325a511cf8ba6b 6.2/en/powertools/noarch/logwatch-2.6-1.noarch.rpm
bb75f22ed70447d6a46d5d5b2a7ec7aa 7.0/en/powertools/SRPMS/logwatch-2.6-1.src.rpm
ac8ea7498a2d6b14bb325a511cf8ba6b 7.0/en/powertools/noarch/logwatch-2.6-1.noarch.rpm
bb75f22ed70447d6a46d5d5b2a7ec7aa 7.1/en/powertools/SRPMS/logwatch-2.6-1.src.rpm
ac8ea7498a2d6b14bb325a511cf8ba6b 7.1/en/powertools/noarch/logwatch-2.6-1.noarch.rpm

These packages are GPG signed by Red Hat, Inc. for security. Our key is available at:

About

You can verify each package with the following command:

rpm --checksig

If you only wish to verify that each package has not been corrupted or tampered with, examine only the md5sum with the following command:

rpm --checksig --nogpg

8. References:

CVE -CVE-2002-0162
CVE -CVE-2002-0165

Copyright(c) 2000, 2001, 2002 Red Hat, Inc.

LogWatch update addresses a race condition vulnerability allowing local users to gain root privileges. Immediate actions recommended.

Severity: Important. LinuxSecurity.com Team
Updated LogWatch packages are available that fix tmp file race conditions which can cause a local user to gain root privileges.

---------------------------------------------------------------------
Red Hat, Inc. Red Hat Security Advisory

Synopsis:         Race conditions in logwatch
Advisory ID:      RHSA-2002:053-12
Issue date:       2002-03-28
Updated on:       2002-04-04
Product:          Red Hat Linux
Keywords:         logwatch tmp race
Cross references: RHSA-2002:054
Obsoletes:
---------------------------------------------------------------------

1. Topic:

Updated LogWatch packages are available that fix tmp file race conditions which can cause a local user to gain root privileges.

2. Relevant releases/architectures:

Red Hat Linux 7.2 - noarch

3. Problem description:

LogWatch is a customizable log analysis system which is used by default in Red Hat Linux 7.2. Versions of LogWatch 2.1.1 and earlier have a vulnerability due to a race condition during the creation of a temporary directory. This vulnerability can allow a local user to gain root privileges.

An additional race condition was found in versions of LogWatch 2.5 and earlier.

Users should update to the errata packages containing Logwatch 2.6, which are not vulnerable to these issues.

The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the names CAN-2002-0162 and CAN-2002-0165 to these issues.

4. Solution:

Before applying this update, make sure all previously released errata relevant to your system have been applied.

To update all RPMs for your particular architecture, run:

rpm -Fvh [filenames]

where [filenames] is a list of the RPMs you wish to upgrade. Only those RPMs which are currently installed will be updated. Those RPMs which are not installed but included in the list will not be updated. Note that you can also use wildcards (*.rpm) if your current directory *only* contains the desired RPMs.

Please note that this update is also available via Red Hat Network. Many people find this an easier way to apply updates. To use Red Hat Network, launch the Red Hat Update Agent with the following command:

up2date

This will start an interactive process that will result in the appropriate RPMs being upgraded on your system.

5. Bug IDs fixed ( for more info):

62055 - A /tmp race condition leads to root
46371 - Handle accepted packets, not just reject and deny
56191 - logwatch is too noisy
58578 - Problem with RPM dependance
61202 - Logwatch logs appear to have emerged themselves with other logfiles. They are semi-unreadable
61829 - logwatch's sshd filter should scan secure logs
61831 - logwatch modprobe filter should allow dashes in module names
61832 - secure filter should ignore sshd messages

6. RPMs required:

Red Hat Linux 7.2:
SRPMS:
noarch:

7. Verification:

MD5 sum                          Package Name
--------------------------------------------------------------------------
bb75f22ed70447d6a46d5d5b2a7ec7aa 7.2/en/os/SRPMS/logwatch-2.6-1.src.rpm
ac8ea7498a2d6b14bb325a511cf8ba6b 7.2/en/os/noarch/logwatch-2.6-1.noarch.rpm

These packages are GPG signed by Red Hat, Inc. for security. Our key is available at:

About

You can verify each package with the following command:

rpm --checksig

If you only wish to verify that each package has not been corrupted or tampered with, examine only the md5sum with the following command:

rpm --checksig --nogpg

8. References:

CVE -CVE-2002-0162
CVE -CVE-2002-0165

Copyright(c) 2000, 2001, 2002 Red Hat, Inc.

Updated LogWatch packages fix tmp file race conditions, allowing local users to gain root privileges. Upgrade recommended.

Severity: Important. LinuxSecurity.com Team