Oval Definition:oval:org.mitre.oval:def:12771
Revision Date:2014-06-30Version:20
Title:USN-1078-1 -- logwatch vulnerability
Description:Dominik George discovered that logwatch did not properly sanitize log file names that were passed to the shell as part of a command. If a remote attacker were able to generate specially crafted filenames, they could execute arbitrary code with root privileges.
Family:unixClass:patch
Status:ACCEPTEDReference(s):CVE-2011-1018
USN-1078-1
USN-1078-1
Platform(s):Ubuntu 10.04
Ubuntu 10.10
Ubuntu 8.04
Ubuntu 9.10
Product(s):logwatch
Definition Synopsis
  • Release section
  • Ubuntu 8.04 is installed
  • AND Installed architecture is all
  • AND logwatch DPKG is earlier than 7.3.6-1ubuntu1.1
  • OR Release section
  • Ubuntu 10.10 is installed
  • AND Installed architecture is all
  • AND logwatch DPKG is earlier than 7.3.6.cvs20090906-1ubuntu3.1
  • OR Release section
  • Ubuntu 9.10 is installed
  • AND Installed architecture is all
  • AND logwatch DPKG is earlier than 7.3.6.cvs20090906-1ubuntu1.1
  • OR Release section
  • Ubuntu 10.04 is installed
  • AND Installed architecture is all
  • AND logwatch DPKG is earlier than 7.3.6.cvs20090906-1ubuntu2.1
    • BACK