Linux Distros Unpatched Vulnerability : CVE-2012-5638

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The setuplogging function in log.h in SANLock uses world-writable permissions for /var/log/sanlock.log, which allows local users to overwrite the file content o...

Symlink Attack

Red Hat Storage is a software only, scale-out storage solution that provides flexible and agile unstructured data storage for the enterprise. A flaw was found in the way the Swift component used Python pickle. This could lead to arbitrary code execution. With this update, the JSON JavaScript Obje...

Important: Red Hat Security Advisory: Red Hat Storage 2.0 security, bug fix, and enhancement update #4

Updated Red Hat Storage 2.0 packages that fix multiple security issues, several bugs, and add enhancements are now available. The Red Hat Security Response Team has rated this update as having important security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed...

CVE-2012-5638

The setuplogging function in log.h in SANLock uses world-writable permissions for /var/log/sanlock.log, which allows local users to overwrite the file content or bypass intended disk-quota restrictions via standard filesystem write operations...

CVE-2012-5638

CVE-2012-5638 concerns SANLock: the setup_logging function in log.h creates /var/log/sanlock.log with world-writable permissions, enabling a local user to overwrite log content or bypass quota constraints via standard filesystem writes. The issue is evidenced in multiple sources (NVD/NVD-derived ...