EUVD-2009-0394

Malware in sbrugna...

EUVD-2008-4969

Malware in sbrugna...

Enomaly ECP / Enomalism < 2.2.1 - Multiple Local Vulnerabilities

No description provided by source. Enomaly ECP/Enomalism: Multiple vulnerabilities in enomalism2.sh redux Synopsis All versions of Enomaly ECP/Enomalism1 before 2.2.1 have multiple issues relating to the use of temporary files in an insecure manner. Fixes for CVE-2008-49902 and CVE-2009-03903 in...

Enomaly ECP: Multiple vulnerabilities in VMcasting protocol &amp; implementation.

Enomaly ECP: Multiple vulnerabilities in VMcasting protocol & implementation. Synopsis Enomaly ECP up to and including v3.0.4 is believed to contain an insecure silent update mechanism that could allow a remote attacker to execute arbitrary code as root, and to inject or modify VM workloads for...

Enomaly ECP code execution

VMCasting payload signing is not implemented during software update process...

Enomaly ECP多个安全漏洞

BUGTRAQ ID: 33544 CVECAN ID: CVE-2008-4990,CVE-2009-0390 Enomaly ECP（之前名为Enomalism）是用于管理虚拟机的软件。 ECP的enomalism2.sh中存在多个安全漏洞，本地攻击者可以通过符号链接攻击以root用户权限覆盖任意系统文件、向kill命令注入参数以终止任意进程或向进程发送信号，或导致虚拟机无法启动。 Enomaly Elastic Computing Platform 2.1 临时解决方法： 将PIDFILE从/tmp/enomalism2.pid更改为/var/run/enomalism2.pid。...

Enomaly ECP / Enomalism &lt; 2.2.1 Multiple Local Vulnerabilities

No description provided by source. Enomaly ECP/Enomalism: Multiple vulnerabilities in enomalism2.sh redux Synopsis All versions of Enomaly ECP/Enomalism1 before 2.2.1 have multiple issues relating to the use of temporary files in an insecure manner. Fixes for CVE-2008-49902 and CVE-2009-03903 in...

Enomaly ECP / Enomalism symbolic links vulnerability

Insecure temporary files creation...

Enomaly ECP/Enomalism: Multiple vulnerabilities in enomalism2.sh &#40;redux&#41;

Enomaly ECP/Enomalism: Multiple vulnerabilities in enomalism2.sh redux Synopsis All versions of Enomaly ECP/Enomalism1 before 2.2.1 have multiple issues relating to the use of temporary files in an insecure manner. Fixes for CVE-2008-49902 and CVE-2009-03903 in 2.1.1 and 2.2 were found to be...

Enomaly ECP Enomalism 2.2.1 - Multiple Local Vulnerabilities

Enomaly ECP Enomalism 2.2.1 - Multiple Local Vulnerabilities Enomaly ECP/Enomalism: Multiple vulnerabilities in enomalism2.sh redux Synopsis All versions of Enomaly ECP/Enomalism1 before 2.2.1 have multiple issues relating to the use of temporary files in an insecure manner. Fixes for...

Enomaly ECP/Enomalism enomalism2.sh Temporary Files

Enomaly ECP/Enomalism: Multiple vulnerabilities in enomalism2.sh redux Synopsis All versions of Enomaly ECP/Enomalism1 before 2.2.1 have multiple issues relating to the use of temporary files in an insecure manner. Fixes for CVE-2008-49902 and CVE-2009-03903 in 2.1.1 and 2.2 were found to be...

Enomaly ECP / Enomalism < 2.2.1 Multiple Local Vulnerabilities

Exploit for multiple platform in category local exploits ============================================================== Enomaly ECP / Enomalism 2.2.1 Multiple Local Vulnerabilities ============================================================== Enomaly ECP/Enomalism: Multiple vulnerabilities in...

Enomaly ECP / Enomalism &lt; 2.2.1 - Multiple Local Vulnerabilities

Enomaly ECP/Enomalism: Multiple vulnerabilities in enomalism2.sh redux Synopsis All versions of Enomaly ECP/Enomalism1 before 2.2.1 have multiple issues relating to the use of temporary files in an insecure manner. Fixes for CVE-2008-49902 and CVE-2009-03903 in 2.1.1 and 2.2 were found to be...

Design/Logic Flaw

Argument injection vulnerability in Enomaly Elastic Computing Platform ECP, formerly Enomalism, before 2.1.1 allows local users to send signals to arbitrary processes by populating the /tmp/enomalism2.pid file with command-line arguments for the kill program...

CVE-2008-4990

Enomaly Elastic Computing Platform ECP, formerly Enomalism, before 2.1.1 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/enomalism2.pid temporary file...

CVE-2009-0390

Argument injection vulnerability in Enomaly Elastic Computing Platform ECP, formerly Enomalism, before 2.1.1 allows local users to send signals to arbitrary processes by populating the /tmp/enomalism2.pid file with command-line arguments for the kill program...

Arbitrary file deletion

Enomaly Elastic Computing Platform ECP, formerly Enomalism, before 2.1.1 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/enomalism2.pid temporary file...

CVE-2009-0390

Argument injection vulnerability in Enomaly Elastic Computing Platform ECP, formerly Enomalism, before 2.1.1 allows local users to send signals to arbitrary processes by populating the /tmp/enomalism2.pid file with command-line arguments for the kill program...

CVE-2008-4990

Enomaly Elastic Computing Platform ECP, formerly Enomalism, before 2.1.1 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/enomalism2.pid temporary file...

CVE-2009-0390

CVE-2009-0390 concerns Enomaly ECP/Enomalism (pre-2.2.1) with local vulnerabilities in enomalism2.sh, where insecure temporary file handling enables argument injection into kill and signaling of arbitrary processes via the /tmp/enomalism2.pid PIDFILE. Connected sources describe a race condition o...