Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2008-4580

Overview

Vulnerability Score 7.2 7.2
CVE Id CVE-2008-4580
Last Modified 14 Feb 2011 12:00:00
Published 15 Oct 2008 04:08:02
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector LOCAL
Access Complexity LOW
Authentication NONE

CVE-2008-4580

Summary

fence_manual, as used in fence 2.02.00-r1 and possibly cman, allows local users to modify arbitrary files via a symlink attack on the fence_manual.fifo temporary file.

Vulnerable Systems

Application

  • Gentoo Cman 2.02.00

  • Gentoo Fence 2.02.00


References

XF - fence-fencemanual-symlink(45953)

UBUNTU - USN-875-1

MLIST - [oss-security] 20081016 Re: CVE Request

MLIST - [oss-security] 20081013 Re: CVE Request

MISC - http://bugs.gentoo.org/show_bug.cgi?id=240576


Last Updated: 27 May 2016 10:48:33