Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2012-4417

Overview

Vulnerability Score 3.6 3.6
CVE Id CVE-2012-4417
Last Modified 20 Nov 2012 12:00:00
Published 18 Nov 2012 06:55:00
Confidentiality Impact NONE NONE
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector LOCAL
Access Complexity LOW
Authentication NONE

CVE-2012-4417

Summary

GlusterFS 3.3.0, as used in Red Hat Storage server 2.0, allows local users to overwrite arbitrary files via a symlink attack on temporary files with predictable names.

Vulnerable Systems

Application

  • Glusterfs 3.3.0


References

CONFIRM - https://bugzilla.redhat.com/show_bug.cgi?id=856341

XF - redhat-storage-glusterfs-symlink(80074)

SECTRACK - 1027756

BID - 56522

REDHAT - RHSA-2012:1456


Last Updated: 27 May 2016 10:58:28