avier Fernandez-Sanguino
Sent: Wednesday, April 27, 2022 6:15:33 PM
To: sec-advisory; 1009...@bugs.debian.org
Cc: Debian Bug Control System
Subject: Re: Bug#1009820: snort: Privilege escalation due to insecure use of
logrotate
severity 1009820 normal
tags 1009820 - upstream
thanks
Dear Wolfga
severity 1009820 normal
tags 1009820 - upstream
thanks
Dear Wolfgang,
The 'snort' user is not a regular user (but a user created by the package
itself, which is blocked from access as it has no password set).
Consequently the privilege escalation you describe cannot be leveraged by a
normal user.
Package: snort
Version: 2.9.15.1-5
Severity: critical
Tags: security upstream
Justification: root security hole
X-Debbugs-Cc: sec-advis...@ait.ac.at
Dear Maintainer,
The path of the logdirectory of snort can be manipulated by user
Snort in Debian Bullseye:
# ls -ld /var/log/snort/
drwxr-s--- 3
3 matches
Mail list logo
