Oracle Linux 5 : rgmanager (ELSA-2011-1000)

The remote Oracle Linux 5 host has a package installed that is affected by a vulnerability as referenced in the ELSA-2011-1000 advisory. 2.0.52-21 - rgmanager: Fix bad passing of SFLFAILURE up fixbadpassingofsflfailureup.patch Resolves: rhbz711521 2.0.52-20 - resource-agents: Improve LDLIBRARYPAT...

CVE-2010-3389

CVE-2010-3389 affects the SAPDatabase and SAPInstance scripts in OCF Resource Agents (resource-agents) 1.0.3 used by Linux-HA. The vulnerability arises from placing a zero-length directory name in LD_LIBRARY_PATH, enabling a local attacker to load a Trojan horse shared library from the current wo...