Lucene search
Ubuntu.comUB:CVE-2008-4192HistorySep 29, 2008 - 12:00 a.m.
CVE-2008-4192
2008-09-2900:00:00
ubuntu.com
ubuntu.com
5
6.9 Medium
CVSS2
Access Vector
LOCAL
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:M/Au:N/C:C/I:C/A:C
0.0004 Low
EPSS
Percentile
9.3%
The pserver_shutdown function in fence_egenera in cman 2.20080629 and
2.20080801 allows local users to overwrite arbitrary files via a symlink
attack on the /tmp/eglog temporary file.
Bugs
Notes
| Author | Note |
|---|---|
| jdstrand | up priority to low, as it may be possible to DoS the system (eg overwriting /etc/shadow with garbage data) |
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| ubuntu | 8.10 | noarch | redhat-cluster | < 2.20080826-0ubuntu1.3 | UNKNOWN |
Related
veracode
veracode
Arbitrary File Overwrite
2020-04-10 00:41:45
cve
cve
CVE-2008-4192
2008-09-29 17:17:00
prion
prion
Design/Logic Flaw
2008-09-29 17:17:00
nessus
nessus
fedora
fedora
[SECURITY] Fedora 9 Update: cman-2.03.09-1.fc9
2008-11-07 02:55:52
[SECURITY] Fedora 9 Update: gfs2-utils-2.03.09-1.fc9
2008-11-07 02:55:52
[SECURITY] Fedora 9 Update: cman-2.03.08-1.fc9
2008-10-23 16:36:13
redhat
redhat
(RHSA-2011:0266) Low: fence security, bug fix, and enhancement update
2011-02-16 00:00:00
openvas
openvas
Fedora Update for cman FEDORA-2008-9458
2009-02-17 00:00:00
Fedora Update for cman FEDORA-2008-9042
2009-02-17 00:00:00
Fedora Update for gfs2-utils FEDORA-2008-9458
2009-02-17 00:00:00
ubuntu
ubuntu
Red Hat Cluster Suite vulnerabilities
2009-12-18 00:00:00
6.9 Medium
CVSS2
Access Vector
LOCAL
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:M/Au:N/C:C/I:C/A:C
0.0004 Low
EPSS
Percentile
9.3%
Related for UB:CVE-2008-4192