4 matches found
Scientific Linux Security Update : fence on SL4.x i386/x86_64
Insecure temporary file use flaws were found in fenceegenera, fenceapc, and fenceapcsnmp. A local attacker could use these flaws to overwrite an arbitrary file writable by the victim running those utilities via a symbolic link attack. CVE-2008-4192, CVE-2008-4579 This update also fixes the...
Low: Red Hat Security Advisory: fence security, bug fix, and enhancement update
An updated fence package that fixes multiple security issues, several bugs, and adds two enhancements is now available for Red Hat Cluster Suite 4. The Red Hat Security Response Team has rated this update as having low security impact. Common Vulnerability Scoring System CVSS base scores, which...
cman security, bug fix, and enhancement update
2.0.115-1 - RSA II fencing agent has been fixed. - Resolves: rhbz493802 2.0.114-1 - local variable 'verbosefilename' referenced before assignment has been fixed - RSA II fencing agent has been fixed. - Resolves: rhbz493802 rhbz514758 2.0.113-1 - Limitations with 2-node fencescsi are now properly...
cman/fence: insecure temporary file usage in the apc fence agents
The 1 fenceapc and 2 fenceapcsnmp programs, as used in a fence 2.02.00-r1 and possibly b cman, when running in verbose mode, allows local users to append to arbitrary files via a symlink attack on the apclog temporary file...