Main Vulnerability Database Exploits ID:4329 - Exploit for Input validation error in logwatch - CVE-2011-1018

ID:4329 - Exploit for Input validation error in logwatch - CVE-2011-1018

Published: August 11, 2020

Vulnerability identifier: #VU45295

Vulnerability risk: High

CVE-ID: CVE-2011-1018

CWE-ID: CWE-20

Exploitation vector: Remote access

Vulnerable software:
logwatch

Link to public exploit:

https://www.exploit-db.com/exploits/35386/

Vulnerability description

The vulnerability allows a remote non-authenticated attacker to execute arbitrary code.

logwatch.pl in Logwatch 7.3.6 allows remote attackers to execute arbitrary commands via shell metacharacters in a log file name, as demonstrated via a crafted username to a Samba server.

Remediation

Install update from vendor's website.

ID:4329 - Exploit for Input validation error in logwatch - CVE-2011-1018

Link to public exploit:

Vulnerability description

Remediation

Please verify you're human