CVE-2011-1018: logwatch: Privilege escalation due improper sanitization of special characters in log file names

Severity: Critical

CVSS Score: 10

logwatch.pl in Logwatch 7.3.6 allows remote attackers to execute arbitrary commands via shell metacharacters in a log file name, as demonstrated via a crafted username to a Samba server.