NewStart CGSL MAIN 6.06 (SP) : lvm2 Vulnerability (NS-SA-2026-0010)

The remote NewStart CGSL host, running version MAIN 6.06 SP, has lvm2 packages installed that are affected by a vulnerability: - The cluster logical volume manager daemon clvmd in lvm2-cluster in LVM2 before 2.02.72, as used in Red Hat Global File System GFS and other products, does not verify...

EUVD-2010-2530

Malware in sbrugna...

NewStart CGSL MAIN 6.06 : lvm2 Vulnerability (NS-SA-2025-0216)

The remote NewStart CGSL host, running version MAIN 6.06, has lvm2 packages installed that are affected by a vulnerability: - The cluster logical volume manager daemon clvmd in lvm2-cluster in LVM2 before 2.02.72, as used in Red Hat Global File System GFS and other products, does not verify clien...

SUSE CVE-2010-2526

The cluster logical volume manager daemon clvmd in lvm2-cluster in LVM2 before 2.02.72, as used in Red Hat Global File System GFS and other products, does not verify client credentials upon a socket connection, which allows local users to cause a denial of service daemon exit or logical-volume...

Denial Of Service (DoS)

lvm2-cluster is vulnerable to denial of service. It was discovered that the cluster logical volume manager daemon clvmd did not verify the credentials of clients connecting to its control UNIX abstract socket, allowing local, unprivileged users to send control commands that were intended to only ...

RHEL 5 : lvm2-cluster (RHSA-2010:0567)

An updated lvm2-cluster package that fixes one security issue is now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having moderate security impact. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating...

Scientific Linux Security Update : lvm2-cluster,lvm2 for SL5

It was discovered that the cluster logical volume manager daemon clvmd did not verify the credentials of clients connecting to its control UNIX abstract socket, allowing local, unprivileged users to send control commands that were intended to only be available to the privileged root user. This...

SuSE 11 Security Update : lvm2, lvm2-clvm, lvm2-clvm-debuginfo, lvm2-clvm-debugsource, etc (SAT Patch Number 2849)

clvmd, when running, allowed unprivileged local users to issue arbitrary lvm commands CVE-2010-2526 via incorrect permissions. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from SuSE 11 update information. The text itsel...

Ubuntu: Security Advisory (USN-1001-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2010 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Ubuntu 6.06 LTS / 8.04 LTS / 9.04 / 9.10 / 10.04 LTS : lvm2 vulnerability (USN-1001-1)

The cluster logical volume manager daemon clvmd in LVM2 did not correctly validate credentials. A local user could use this flaw to manipulate logical volumes without root privileges and cause a denial of service in the cluster. Note that Tenable Network Security has extracted the preceding...

USN-1001-1: LVM2 vulnerability

The cluster logical volume manager daemon clvmd in LVM2 did not correctly validate credentials. A local user could use this flaw to manipulate logical volumes without root privileges and cause a denial of service in the cluster...

Fedora 13 : lvm2-2.02.73-2.fc13 / udisks-1.0.1-4.fc13 (2010-13708)

This update addresses a security problem when using the clustered LVM daemon clvmd from the package lvm2-cluster on systems where you have non-root users. The lvm2 package on its own is not vulnerable to this problem but if you are using lvm2-cluster you must update both together. Further details...

[ MDVSA-2010:171 ] lvm2

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Mandriva Linux Security Advisory MDVSA-2010:171 http://www.mandriva.com/security/ Package : lvm2 Date : September 6, 2010 Affected: 2009.1, 2010.0, 2010.1 Problem Description: A vulnerability has been found and corrected in lvm2: The cluster logical...

Mandriva Linux Security Advisory : lvm2 (MDVSA-2010:171)

A vulnerability has been found and corrected in lvm2 : The cluster logical volume manager daemon clvmd in lvm2-cluster in LVM2 before 2.02.72, as used in Red Hat Global File System GFS and other products, does not verify client credentials upon a socket connection, which allows local users to cau...

Mandriva Update for lvm2 MDVSA-2010:171 (lvm2)

Check for the Version of lvm2 OpenVAS Vulnerability Test Mandriva Update for lvm2 MDVSA-2010:171 lvm2 Authors: System Generated Check Copyright: Copyright c 2010 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the ter...

Fedora 14 : lvm2-2.02.73-1.fc14 (2010-13239)

This update fixes some minor problems as listed in the changelog. To improve performance, Logical Volumes will be aligned at 1MB boundaries by default now on any newly-created Physical Volumes that don't report a preferred alignment to the O/S. This update addresses a security problem when using...

[SECURITY] [DSA 2095-1] New lvm2 packages fix denial of service

------------------------------------------------------------------------ Debian Security Advisory DSA-2095-1 [email protected] http://www.debian.org/security/ Giuseppe Iuculano August 23, 2010 http://www.debian.org/security/faq -...

DSA-2095-1 lvm2 - denial of service

Bulletin has no description...

CVE-2010-2526

The cluster logical volume manager daemon clvmd in lvm2-cluster in LVM2 before 2.02.72, as used in Red Hat Global File System GFS and other products, does not verify client credentials upon a socket connection, which allows local users to cause a denial of service daemon exit or logical-volume...

Design/Logic Flaw

The cluster logical volume manager daemon clvmd in lvm2-cluster in LVM2 before 2.02.72, as used in Red Hat Global File System GFS and other products, does not verify client credentials upon a socket connection, which allows local users to cause a denial of service daemon exit or logical-volume...