GLSA-201009-09

Executive Summary

Summary
Title	fence: Multiple symlink vulnerabilites

Informations
Name	GLSA-201009-09	First vendor Publication	2010-09-29
Vendor	Gentoo	Last vendor Modification	2010-09-29
Severity (Vendor)	Normal	Revision	N/A

Security-Database Scoring CVSS v2

Cvss vector : (AV:L/AC:L/Au:N/C:C/I:C/A:C)
Cvss Base Score	7.2	Attack Range	Local
Cvss Impact Score	10	Attack Complexity	Low
Cvss Expoit Score	3.9	Authentification	None Required
Calculate full CVSS 2.0 Vectors scores

Detail

Synopsis

fence contains multiple programs containing vulnerabilites that may allow local users to overwrite arbitrary files via a symlink attack.

Background

fence is an I/O group fencing system.

Description

The fence_apc, fence_apc_snmp (CVE-2008-4579) and fence_manual
(CVE-2008-4580) programs contain symlink vulnerabilites.

Impact

These vulnerabilities may allow arbitrary files to be overwritten with root privileges.

Workaround

There is no known workaround at this time.

Resolution

Gentoo discontinued support for fence. All fence users should uninstall and choose another software that provides the same functionality.
# emerge --unmerge sys-cluster/fence

References

[ 1 ] CVE-2008-4579 : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4579
[ 2 ] CVE-2008-4580 : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4580

Availability

This GLSA and any updates to it are available for viewing at the Gentoo Security Website:

http://security.gentoo.org/glsa/glsa-201009-09.xml

Original Source

Url : http://security.gentoo.org/glsa/glsa-201009-09.xml

CWE : Common Weakness Enumeration

id	Name
CWE-59	Improper Link Resolution Before File Access ('Link Following')

OVAL Definitions

Definition Id: oval:org.mitre.oval:def:10799

Oval ID:	oval:org.mitre.oval:def:10799
Title:	The (1) fence_apc and (2) fence_apc_snmp programs, as used in (a) fence 2.02.00-r1 and possibly (b) cman, when running in verbose mode, allows local users to append to arbitrary files via a symlink attack on the apclog temporary file.
Description:	The (1) fence_apc and (2) fence_apc_snmp programs, as used in (a) fence 2.02.00-r1 and possibly (b) cman, when running in verbose mode, allows local users to append to arbitrary files via a symlink attack on the apclog temporary file.
Family:	unix	Class:	vulnerability
Reference(s):	CVE-2008-4579	Version:	5
Platform(s):	Red Hat Enterprise Linux 5 CentOS Linux 5 Oracle Linux 5	Product(s):
Definition Synopsis:
RHEL5, CentOS5 or Oracle Linux 5 The operating system installed on the system is Red Hat Enterprise Linux 5 AND CentOS Linux 5.x AND Oracle Linux 5.x AND Configuration section cman-devel is earlier than 0:2.0.115-1.el5 AND cman is earlier than 0:2.0.115-1.el5

CPE : Common Platform Enumeration

Type	Description	Count
Application	Gentoo Cman cpe:/a:gentoo:cman:2.02.00:r1	1
Application	Gentoo Fence cpe:/a:gentoo:fence:2.02.00:r1	1

Open Source Vulnerability Database (OSVDB)

id	Description
50047	fence fence_apc_snmp apclog Temporary File Symlink Arbitrary File Modification
50046	fence fence_apc apclog Temporary File Symlink Arbitrary File Modification
49166	fence fence_manual fence_manual.fifo Temporary File Symlink Arbitrary File Ov...