Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2008-4579

Overview

Vulnerability Score 1.9 1.9
CVE Id CVE-2008-4579
Last Modified 22 Jan 2013 11:03:56
Published 15 Oct 2008 04:08:02
Confidentiality Impact NONE NONE
Integrity Impact PARTIAL PARTIAL
Availability Impact NONE NONE
Access Vector LOCAL
Access Complexity MEDIUM
Authentication NONE

CVE-2008-4579

Summary

The (1) fence_apc and (2) fence_apc_snmp programs, as used in (a) fence 2.02.00-r1 and possibly (b) cman, when running in verbose mode, allows local users to append to arbitrary files via a symlink attack on the apclog temporary file.

Vulnerable Systems

Application

  • Gentoo Cman 2.02.00

  • Gentoo Fence 2.02.00


References

FEDORA - FEDORA-2008-9042

CONFIRM - https://bugzilla.redhat.com/show_bug.cgi?id=467386

VUPEN - ADV-2011-0419

UBUNTU - USN-875-1

BID - 31904

REDHAT - RHSA-2011:0266

MLIST - [oss-security] 20081013 Re: CVE Request

SECUNIA - 43362

SECUNIA - 32390

SECUNIA - 32387

MISC - http://bugs.gentoo.org/show_bug.cgi?id=240576

REDHAT - RHSA-2009:1341

SECUNIA - 36530

Related Patches

Red Hat 2009:1341-02 RHSA Low: cman security, bug fix, and enhancement update for RHEL 5 x86


Last Updated: 27 May 2016 10:55:05