Novell openSUSE, Novell SUSE Linux Enterprise Server

ソフト名：Novell openSUSE 11.3/11.4, Novell SUSE Linux Enterprise Server (SLES) 10/11 (Logrotate 3.7.9)

回避策：openSUSE-SU-2011:0536-1, SUSE-SU-2011:0537-1, SUSE-SU-2011:0538-1, SUSE-SU-2011:0539-1にて対応

脆弱性：機密情報の奪取, 権限の昇格, DoS攻撃, シムリンク攻撃, シェルコマンドの挿入, シェルコマンド実行

ソース：http://www.opensuse.org/en/

http://www.novell.com/products/server/

http://www.novell.com/promo/home/sle11.html

https://hermes.opensuse.org/messages/8581105

https://hermes.opensuse.org/messages/8581108

https://hermes.opensuse.org/messages/8581547

http://secunia.com/advisories/42559/

http://secunia.com/advisories/44704/

http://secunia.com/advisories/44706/

http://dvw-j.blogspot.com/2010/12/logrotate.html

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1098

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1154

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1155

CVE：CVE-2011-1098, CVE-2011-1154, CVE-2011-1155

危険性：Low Risk