Back to search
CVE-2009-0115
Published: Mar 30, 2009
Modified: Aug 7, 2024
PUBLISHED
Description
The Device Mapper multipathing driver (aka multipath-tools or device-mapper-multipath) 0.4.8, as used in SUSE openSUSE, SUSE Linux Enterprise Server (SLES), Fedora, and possibly other operating systems, uses world-writable permissions for the socket file (aka /var/run/multipathd.sock), which allows local users to send arbitrary commands to the multipath daemon.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
SUSE-SR:2009:007
vendor-advisory
x_refsource_SUSE
34759
third-party-advisory
x_refsource_SECUNIA
38794
third-party-advisory
x_refsource_SECUNIA
[security-announce] 20100303 VMSA-2010-0004 ESX Service Console and vMA third party updates
mailing-list
x_refsource_MLIST
DSA-1767
vendor-advisory
x_refsource_DEBIAN
34642
third-party-advisory
x_refsource_SECUNIA
34694
third-party-advisory
x_refsource_SECUNIA
http://support.avaya.com/elmodocs2/security/ASA-2009-128.htm
x_refsource_CONFIRM
34418
third-party-advisory
x_refsource_SECUNIA
34710
third-party-advisory
x_refsource_SECUNIA
FEDORA-2009-3453
vendor-advisory
x_refsource_FEDORA
SUSE-SR:2009:008
vendor-advisory
x_refsource_SUSE
http://launchpad.net/bugs/cve/2009-0115
x_refsource_MISC
oval:org.mitre.oval:def:9214
vdb-entry
signature
x_refsource_OVAL
FEDORA-2009-3449
vendor-advisory
x_refsource_FEDORA
http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10691
x_refsource_CONFIRM
http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10705
x_refsource_CONFIRM
http://download.opensuse.org/update/10.3-test/repodata/patch-kpartx-6082.xml
x_refsource_CONFIRM
ADV-2010-0528
vdb-entry
x_refsource_VUPEN
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now