Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2008-4990

Overview

Vulnerability Score 6.9 6.9
CVE Id CVE-2008-4990
Last Modified 10 Feb 2009 01:56:47
Published 02 Feb 2009 05:30:00
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector LOCAL
Access Complexity MEDIUM
Authentication NONE

CVE-2008-4990

Summary

Enomaly Elastic Computing Platform (ECP), formerly Enomalism, before 2.1.1 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/enomalism2.pid temporary file.

Vulnerable Systems

Application

  • Enomaly Elastic Computing Platform 2.1


References

BID - 33544

BUGTRAQ - 20090130 CVE-2008-4990 Enomaly ECP/Enomalism: Insecure temporary file creation vulnerabilities

SECUNIA - 33724

MLIST - [enomalism] 20081212 ECP 2.1.1 Released


Last Updated: 27 May 2016 10:48:40