|Main Archive Page > Month Archives > oss-security archives|
Hello Josh, Steve, vendors,
a security flaw was found in the way logwatch, a log file
analysis program, pre-processed log files, containing certain
special characters in their names. A remote attacker could
use this flaw to execute arbitrary code with the privileges
of the privileged system user (root) by creating a
specially-crafted log file, subsequently analyzed by the
Upstream bug report:
Could you allocate a CVE id for this issue?
Thanks && Regards, Jan.
-- Jan iankko Lieskovsky / Red Hat Security Response Team