CVE-2011-3626
Published Jan 27, 2012
Last updated 13 years ago
Overview
- Description
- Double free vulnerability in the prepare_exec function in src/exec.c in Logsurfer 1.5b and earlier, and Logsurfer+ 1.7 and earlier, allows remote attackers to execute arbitrary commands via crafted strings in a log file.
- Source
- secalert@redhat.com
- NVD status
- Analyzed
Social media
- Hype score
- Not currently trending
Risk scores
CVSS 2.0
- Type
- Primary
- Base score
- 7.5
- Impact score
- 6.4
- Exploitability score
- 10
- Vector string
- AV:N/AC:L/Au:N/C:P/I:P/A:P
Weaknesses
- nvd@nist.gov
- CWE-399
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:drusus:logsurfer:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "660B25B1-F025-4141-86DB-756ECFE484DE",
"versionEndIncluding": "1.5b"
},
{
"criteria": "cpe:2.3:a:drusus:logsurfer:1.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "7007B7A6-AC58-41D3-B12C-59EBBA32BB93"
},
{
"criteria": "cpe:2.3:a:drusus:logsurfer:1.2:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "34D6BCA4-7458-4E85-A46E-96D88EE1BB97"
},
{
"criteria": "cpe:2.3:a:drusus:logsurfer:1.3:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "66B2D06B-C5DC-4352-A973-49928EC8D515"
},
{
"criteria": "cpe:2.3:a:drusus:logsurfer:1.4:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "8A084F1D-D768-4609-8842-9B2B5C045F3A"
},
{
"criteria": "cpe:2.3:a:drusus:logsurfer:1.5:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "E0139D7D-3707-49A4-8877-302C35BEEA30"
},
{
"criteria": "cpe:2.3:a:drusus:logsurfer:1.5:beta:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "B85B99DD-667F-4DBD-8CFD-E90D244143DD"
},
{
"criteria": "cpe:2.3:a:drusus:logsurfer:1.5:beta2:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "5D9DF3EA-5582-40F0-A65B-83672F98499E"
},
{
"criteria": "cpe:2.3:a:drusus:logsurfer:1.5a:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "B68754D8-3C5A-446D-BB3E-0C20DC687141"
},
{
"criteria": "cpe:2.3:a:drusus:logsurfer:1.41:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "BB0DACA3-2510-4148-B80C-0BAE97CD57E9"
}
],
"operator": "OR"
}
]
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:kerry_thompson:logsurfer\\+:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "93A4C643-8516-47B1-9BBD-CF1950ECC4A4",
"versionEndIncluding": "1.7"
},
{
"criteria": "cpe:2.3:a:kerry_thompson:logsurfer\\+:1.5a:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "1426FD2C-CF14-492C-8B87-B6D2B20E5221"
},
{
"criteria": "cpe:2.3:a:kerry_thompson:logsurfer\\+:1.5b:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "6B11F967-3257-488C-BA94-508B2CAADBF0"
},
{
"criteria": "cpe:2.3:a:kerry_thompson:logsurfer\\+:1.6:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "6BAEAD0D-148C-44A8-8468-75880D61CC74"
},
{
"criteria": "cpe:2.3:a:kerry_thompson:logsurfer\\+:1.6a:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "CBE3E01F-5632-4A1B-93C7-F676674836EC"
},
{
"criteria": "cpe:2.3:a:kerry_thompson:logsurfer\\+:1.6b:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "C782C8C7-6B52-449B-BA87-DFB9F0DEB182"
}
],
"operator": "OR"
}
]
}
]