Back to search
CVE-2008-4192
Published: Sep 29, 2008
Modified: Aug 7, 2024
PUBLISHED
Description
The pserver_shutdown function in fence_egenera in cman 2.20080629 and 2.20080801 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/eglog temporary file.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
30898
vdb-entry
x_refsource_BID
32390
third-party-advisory
x_refsource_SECUNIA
[oss-security] 20081030 CVE requests: tempfile issues for aview, mgetty, openoffice, crossfire
mailing-list
x_refsource_MLIST
http://dev.gentoo.org/~rbu/security/debiantemp/cman
x_refsource_CONFIRM
32387
third-party-advisory
x_refsource_SECUNIA
https://bugs.gentoo.org/show_bug.cgi?id=235770
x_refsource_CONFIRM
31887
third-party-advisory
x_refsource_SECUNIA
http://uvw.ru/report.lenny.txt
x_refsource_MISC
cman-fenceegenera-symlink(44845)
vdb-entry
x_refsource_XF
ADV-2011-0419
vdb-entry
x_refsource_VUPEN
USN-875-1
vendor-advisory
x_refsource_UBUNTU
https://bugzilla.redhat.com/show_bug.cgi?id=460476
x_refsource_CONFIRM
[oss-security] 20080918 CVE Request (openswan, emacspeak, cman)
mailing-list
x_refsource_MLIST
[oss-security] 20080923 Re: CVE Request (openswan, emacspeak, cman)
mailing-list
x_refsource_MLIST
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=496410
x_refsource_CONFIRM
FEDORA-2008-9042
vendor-advisory
x_refsource_FEDORA
43362
third-party-advisory
x_refsource_SECUNIA
RHSA-2011:0266
vendor-advisory
x_refsource_REDHAT
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now