Enomaly ECP / Enomalism < 2.2.1 - Multiple Local Vulnerabilities

No description provided by source. Enomaly ECP/Enomalism: Multiple vulnerabilities in enomalism2.sh redux Synopsis All versions of Enomaly ECP/Enomalism1 before 2.2.1 have multiple issues relating to the use of temporary files in an insecure manner. Fixes for CVE-2008-49902 and CVE-2009-03903 in...

Enomaly ECP: Multiple vulnerabilities in VMcasting protocol &amp; implementation.

Enomaly ECP: Multiple vulnerabilities in VMcasting protocol & implementation. Synopsis Enomaly ECP up to and including v3.0.4 is believed to contain an insecure silent update mechanism that could allow a remote attacker to execute arbitrary code as root, and to inject or modify VM workloads for...

Enomaly ECP多个安全漏洞

BUGTRAQ ID: 33544 CVECAN ID: CVE-2008-4990,CVE-2009-0390 Enomaly ECP（之前名为Enomalism）是用于管理虚拟机的软件。 ECP的enomalism2.sh中存在多个安全漏洞，本地攻击者可以通过符号链接攻击以root用户权限覆盖任意系统文件、向kill命令注入参数以终止任意进程或向进程发送信号，或导致虚拟机无法启动。 Enomaly Elastic Computing Platform 2.1 临时解决方法： 将PIDFILE从/tmp/enomalism2.pid更改为/var/run/enomalism2.pid。...

Enomaly ECP / Enomalism &lt; 2.2.1 Multiple Local Vulnerabilities

No description provided by source. Enomaly ECP/Enomalism: Multiple vulnerabilities in enomalism2.sh redux Synopsis All versions of Enomaly ECP/Enomalism1 before 2.2.1 have multiple issues relating to the use of temporary files in an insecure manner. Fixes for CVE-2008-49902 and CVE-2009-03903 in...

Enomaly ECP/Enomalism: Multiple vulnerabilities in enomalism2.sh &#40;redux&#41;

Enomaly ECP/Enomalism: Multiple vulnerabilities in enomalism2.sh redux Synopsis All versions of Enomaly ECP/Enomalism1 before 2.2.1 have multiple issues relating to the use of temporary files in an insecure manner. Fixes for CVE-2008-49902 and CVE-2009-03903 in 2.1.1 and 2.2 were found to be...

Enomaly ECP Enomalism 2.2.1 - Multiple Local Vulnerabilities

Enomaly ECP Enomalism 2.2.1 - Multiple Local Vulnerabilities Enomaly ECP/Enomalism: Multiple vulnerabilities in enomalism2.sh redux Synopsis All versions of Enomaly ECP/Enomalism1 before 2.2.1 have multiple issues relating to the use of temporary files in an insecure manner. Fixes for...

Enomaly ECP/Enomalism enomalism2.sh Temporary Files

Enomaly ECP/Enomalism: Multiple vulnerabilities in enomalism2.sh redux Synopsis All versions of Enomaly ECP/Enomalism1 before 2.2.1 have multiple issues relating to the use of temporary files in an insecure manner. Fixes for CVE-2008-49902 and CVE-2009-03903 in 2.1.1 and 2.2 were found to be...

Enomaly ECP / Enomalism < 2.2.1 Multiple Local Vulnerabilities

Exploit for multiple platform in category local exploits ============================================================== Enomaly ECP / Enomalism 2.2.1 Multiple Local Vulnerabilities ============================================================== Enomaly ECP/Enomalism: Multiple vulnerabilities in...

Enomaly ECP / Enomalism &lt; 2.2.1 - Multiple Local Vulnerabilities

Enomaly ECP/Enomalism: Multiple vulnerabilities in enomalism2.sh redux Synopsis All versions of Enomaly ECP/Enomalism1 before 2.2.1 have multiple issues relating to the use of temporary files in an insecure manner. Fixes for CVE-2008-49902 and CVE-2009-03903 in 2.1.1 and 2.2 were found to be...

Design/Logic Flaw

Argument injection vulnerability in Enomaly Elastic Computing Platform ECP, formerly Enomalism, before 2.1.1 allows local users to send signals to arbitrary processes by populating the /tmp/enomalism2.pid file with command-line arguments for the kill program...

CVE-2008-4990

CVE-2008-4990 concerns Enomaly ECP/Enomalism (pre-2.2.1) where a local attacker can exploit a symlink race on the temporary PIDFILE (/tmp/enomalism2.pid) to overwrite arbitrary files as root, or inject/alter process termination signals. The linked Seebug entries detail multiple local vulnerabilit...

CVE-2008-4990 Enomaly ECP/Enomalism: Insecure temporary file creation vulnerabilities

CVE-2008-4990 Enomaly ECP/Enomalism: Insecure temporary file creation vulnerabilities 1. Synopsis All versions of Enomaly ECP/Enomalism prior to 2.1.1 use temporary files in an insecure manner, allowing for symlink and command injection attacks. 2. Impact Information Background Enomaly ECP former...

Enomaly ECP/Enomalism Insecure File Creation

CVE-2008-4990 Enomaly ECP/Enomalism: Insecure temporary file creation vulnerabilities 1. Synopsis All versions of Enomaly ECP/Enomalism prior to 2.1.1 use temporary files in an insecure manner, allowing for symlink and command injection attacks. 2. Impact Information Background Enomaly ECP former...