CVE-2011-3626 - Vulnerability Details - OpenCVE

Double free vulnerability in the prepare_exec function in src/exec.c in Logsurfer 1.5b and earlier, and Logsurfer+ 1.7 and earlier, allows remote attackers to execute arbitrary commands via crafted strings in a log file.

No CVSS v4.0

No CVSS v3.1

No CVSS v3.0

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact Partial

Integrity Impact Partial

Availability Impact Partial

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Drusus	Logsurfer
Kerry Thompson	Logsurfer\+

Configuration 1 [-]

OR	cpe:2.3:a:drusus:logsurfer::::::::
	cpe:2.3:a:drusus:logsurfer:1.1:::::::*
	cpe:2.3:a:drusus:logsurfer:1.2:::::::*
	cpe:2.3:a:drusus:logsurfer:1.3:::::::*
	cpe:2.3:a:drusus:logsurfer:1.4:::::::*
	cpe:2.3:a:drusus:logsurfer:1.5:::::::*
	cpe:2.3:a:drusus:logsurfer:1.5:beta::::::
	cpe:2.3:a:drusus:logsurfer:1.5:beta2::::::
	cpe:2.3:a:drusus:logsurfer:1.5a:::::::*
	cpe:2.3:a:drusus:logsurfer:1.41:::::::*

Configuration 2 [-]

OR	cpe:2.3:a:kerry_thompson:logsurfer\+::::::::
	cpe:2.3:a:kerry_thompson:logsurfer\+:1.5a:::::::*
	cpe:2.3:a:kerry_thompson:logsurfer\+:1.5b:::::::*
	cpe:2.3:a:kerry_thompson:logsurfer\+:1.6:::::::*
	cpe:2.3:a:kerry_thompson:logsurfer\+:1.6a:::::::*
	cpe:2.3:a:kerry_thompson:logsurfer\+:1.6b:::::::*

No data.

References

Link	Providers
http://secunia.com/advisories/46389
http://secunia.com/advisories/47725
http://security.gentoo.org/glsa/glsa-201201-04.xml
http://www.openwall.com/lists/oss-security/2011/10/17/2
http://www.openwall.com/lists/oss-security/2011/10/17/4
https://bugs.gentoo.org/show_bug.cgi?id=387397

History

No history.

MITRE

Status: PUBLISHED

Assigner: redhat

Published: 2012-01-27T15:00:00Z

Updated: 2024-09-17T03:12:50.746Z

Reserved: 2011-09-21T00:00:00Z

Link: CVE-2011-3626

Vulnrichment

No data.

NVD

Status : Deferred

Published: 2012-01-27T15:55:04.140

Modified: 2025-04-11T00:51:21.963

Link: CVE-2011-3626

Redhat

No data.

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "descriptions": [{"lang": "en", "value": "Double free vulnerability in the prepare_exec function in src/exec.c in Logsurfer 1.5b and earlier, and Logsurfer+ 1.7 and earlier, allows remote attackers to execute arbitrary commands via crafted strings in a log file."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2012-01-27T15:00:00Z", "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat"}, "references": [{"name": "46389", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/46389"}, {"name": "[oss-security] 20111017 CVE request: double-free vulnerability in logsurfer", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "http://www.openwall.com/lists/oss-security/2011/10/17/2"}, {"name": "[oss-security] 20111017 Re: CVE request: double-free vulnerability in logsurfer", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "http://www.openwall.com/lists/oss-security/2011/10/17/4"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://bugs.gentoo.org/show_bug.cgi?id=387397"}, {"name": "47725", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/47725"}, {"name": "GLSA-201201-04", "tags": ["vendor-advisory", "x_refsource_GENTOO"], "url": "http://security.gentoo.org/glsa/glsa-201201-04.xml"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "[email protected]", "ID": "CVE-2011-3626", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Double free vulnerability in the prepare_exec function in src/exec.c in Logsurfer 1.5b and earlier, and Logsurfer+ 1.7 and earlier, allows remote attackers to execute arbitrary commands via crafted strings in a log file."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "46389", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/46389"}, {"name": "[oss-security] 20111017 CVE request: double-free vulnerability in logsurfer", "refsource": "MLIST", "url": "http://www.openwall.com/lists/oss-security/2011/10/17/2"}, {"name": "[oss-security] 20111017 Re: CVE request: double-free vulnerability in logsurfer", "refsource": "MLIST", "url": "http://www.openwall.com/lists/oss-security/2011/10/17/4"}, {"name": "https://bugs.gentoo.org/show_bug.cgi?id=387397", "refsource": "CONFIRM", "url": "https://bugs.gentoo.org/show_bug.cgi?id=387397"}, {"name": "47725", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/47725"}, {"name": "GLSA-201201-04", "refsource": "GENTOO", "url": "http://security.gentoo.org/glsa/glsa-201201-04.xml"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-06T23:37:48.550Z"}, "title": "CVE Program Container", "references": [{"name": "46389", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/46389"}, {"name": "[oss-security] 20111017 CVE request: double-free vulnerability in logsurfer", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "http://www.openwall.com/lists/oss-security/2011/10/17/2"}, {"name": "[oss-security] 20111017 Re: CVE request: double-free vulnerability in logsurfer", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "http://www.openwall.com/lists/oss-security/2011/10/17/4"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://bugs.gentoo.org/show_bug.cgi?id=387397"}, {"name": "47725", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/47725"}, {"name": "GLSA-201201-04", "tags": ["vendor-advisory", "x_refsource_GENTOO", "x_transferred"], "url": "http://security.gentoo.org/glsa/glsa-201201-04.xml"}]}]}, "cveMetadata": {"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "assignerShortName": "redhat", "cveId": "CVE-2011-3626", "datePublished": "2012-01-27T15:00:00Z", "dateReserved": "2011-09-21T00:00:00Z", "dateUpdated": "2024-09-17T03:12:50.746Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:drusus:logsurfer:*:*:*:*:*:*:*:*", "matchCriteriaId": "660B25B1-F025-4141-86DB-756ECFE484DE", "versionEndIncluding": "1.5b", "vulnerable": true}, {"criteria": "cpe:2.3:a:drusus:logsurfer:1.1:*:*:*:*:*:*:*", "matchCriteriaId": "7007B7A6-AC58-41D3-B12C-59EBBA32BB93", "vulnerable": true}, {"criteria": "cpe:2.3:a:drusus:logsurfer:1.2:*:*:*:*:*:*:*", "matchCriteriaId": "34D6BCA4-7458-4E85-A46E-96D88EE1BB97", "vulnerable": true}, {"criteria": "cpe:2.3:a:drusus:logsurfer:1.3:*:*:*:*:*:*:*", "matchCriteriaId": "66B2D06B-C5DC-4352-A973-49928EC8D515", "vulnerable": true}, {"criteria": "cpe:2.3:a:drusus:logsurfer:1.4:*:*:*:*:*:*:*", "matchCriteriaId": "8A084F1D-D768-4609-8842-9B2B5C045F3A", "vulnerable": true}, {"criteria": "cpe:2.3:a:drusus:logsurfer:1.5:*:*:*:*:*:*:*", "matchCriteriaId": "E0139D7D-3707-49A4-8877-302C35BEEA30", "vulnerable": true}, {"criteria": "cpe:2.3:a:drusus:logsurfer:1.5:beta:*:*:*:*:*:*", "matchCriteriaId": "B85B99DD-667F-4DBD-8CFD-E90D244143DD", "vulnerable": true}, {"criteria": "cpe:2.3:a:drusus:logsurfer:1.5:beta2:*:*:*:*:*:*", "matchCriteriaId": "5D9DF3EA-5582-40F0-A65B-83672F98499E", "vulnerable": true}, {"criteria": "cpe:2.3:a:drusus:logsurfer:1.5a:*:*:*:*:*:*:*", "matchCriteriaId": "B68754D8-3C5A-446D-BB3E-0C20DC687141", "vulnerable": true}, {"criteria": "cpe:2.3:a:drusus:logsurfer:1.41:*:*:*:*:*:*:*", "matchCriteriaId": "BB0DACA3-2510-4148-B80C-0BAE97CD57E9", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:kerry_thompson:logsurfer\\+:*:*:*:*:*:*:*:*", "matchCriteriaId": "93A4C643-8516-47B1-9BBD-CF1950ECC4A4", "versionEndIncluding": "1.7", "vulnerable": true}, {"criteria": "cpe:2.3:a:kerry_thompson:logsurfer\\+:1.5a:*:*:*:*:*:*:*", "matchCriteriaId": "1426FD2C-CF14-492C-8B87-B6D2B20E5221", "vulnerable": true}, {"criteria": "cpe:2.3:a:kerry_thompson:logsurfer\\+:1.5b:*:*:*:*:*:*:*", "matchCriteriaId": "6B11F967-3257-488C-BA94-508B2CAADBF0", "vulnerable": true}, {"criteria": "cpe:2.3:a:kerry_thompson:logsurfer\\+:1.6:*:*:*:*:*:*:*", "matchCriteriaId": "6BAEAD0D-148C-44A8-8468-75880D61CC74", "vulnerable": true}, {"criteria": "cpe:2.3:a:kerry_thompson:logsurfer\\+:1.6a:*:*:*:*:*:*:*", "matchCriteriaId": "CBE3E01F-5632-4A1B-93C7-F676674836EC", "vulnerable": true}, {"criteria": "cpe:2.3:a:kerry_thompson:logsurfer\\+:1.6b:*:*:*:*:*:*:*", "matchCriteriaId": "C782C8C7-6B52-449B-BA87-DFB9F0DEB182", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Double free vulnerability in the prepare_exec function in src/exec.c in Logsurfer 1.5b and earlier, and Logsurfer+ 1.7 and earlier, allows remote attackers to execute arbitrary commands via crafted strings in a log file."}, {"lang": "es", "value": "Una vulnerabilidad de doble liberaci\u00f3n en la funci\u00f3n prepare_exec en src/exec.c en Logsurfer v1.5b y anteriores, y Logsurfer+ v1.7 y anteriores, permite a atacantes remotos ejecutar c\u00f3digo de su elecci\u00f3n a trav\u00e9s de cadenas de texto debidamente modificadas en un archivo de registro (log)."}], "id": "CVE-2011-3626", "lastModified": "2025-04-11T00:51:21.963", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 7.5, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "[email protected]", "type": "Primary", "userInteractionRequired": false}]}, "published": "2012-01-27T15:55:04.140", "references": [{"source": "[email protected]", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/46389"}, {"source": "[email protected]", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/47725"}, {"source": "[email protected]", "tags": ["Vendor Advisory"], "url": "http://security.gentoo.org/glsa/glsa-201201-04.xml"}, {"source": "[email protected]", "tags": ["Patch"], "url": "http://www.openwall.com/lists/oss-security/2011/10/17/2"}, {"source": "[email protected]", "url": "http://www.openwall.com/lists/oss-security/2011/10/17/4"}, {"source": "[email protected]", "tags": ["Patch", "Vendor Advisory"], "url": "https://bugs.gentoo.org/show_bug.cgi?id=387397"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/46389"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/47725"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "http://security.gentoo.org/glsa/glsa-201201-04.xml"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch"], "url": "http://www.openwall.com/lists/oss-security/2011/10/17/2"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.openwall.com/lists/oss-security/2011/10/17/4"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch", "Vendor Advisory"], "url": "https://bugs.gentoo.org/show_bug.cgi?id=387397"}], "sourceIdentifier": "[email protected]", "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-399"}], "source": "[email protected]", "type": "Primary"}]}