VYPR
Unrated severityNVD Advisory· Published Mar 30, 2011· Updated Jun 16, 2026

CVE-2011-1549

CVE-2011-1549

Description

The default configuration of logrotate on Gentoo Linux uses root privileges to process files in directories that permit non-root write access, which allows local users to conduct symlink and hard link attacks by leveraging logrotate's lack of support for untrusted directories, as demonstrated by directories under /var/log/ for packages.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

2
  • cpe:2.3:a:gentoo:logrotate:*:*:*:*:*:*:*:*+ 1 more
    • cpe:2.3:a:gentoo:logrotate:*:*:*:*:*:*:*:*
    • (no CPE)

Patches

Vulnerability mechanics

References

35

News mentions

0

No linked articles in our index yet.