Executive Summary
Summary | |
---|---|
Title | Red Hat Cluster Suite vulnerabilities |
Informations | |||
---|---|---|---|
Name | USN-875-1 | First vendor Publication | 2009-12-18 |
Vendor | Ubuntu | Last vendor Modification | 2009-12-18 |
Severity (Vendor) | N/A | Revision | N/A |
Security-Database Scoring CVSS v3
Cvss vector : N/A | |||
---|---|---|---|
Overall CVSS Score | NA | ||
Base Score | NA | Environmental Score | NA |
impact SubScore | NA | Temporal Score | NA |
Exploitabality Sub Score | NA | ||
Calculate full CVSS 3.0 Vectors scores |
Security-Database Scoring CVSS v2
Cvss vector : (AV:N/AC:L/Au:N/C:N/I:N/A:C) | |||
---|---|---|---|
Cvss Base Score | 7.8 | Attack Range | Network |
Cvss Impact Score | 6.9 | Attack Complexity | Low |
Cvss Expoit Score | 10 | Authentication | None Required |
Calculate full CVSS 2.0 Vectors scores |
Detail
A security issue affects the following Ubuntu releases: Ubuntu 6.06 LTS Ubuntu 8.04 LTS Ubuntu 8.10 This advisory also applies to the corresponding versions of Kubuntu, Edubuntu, and Xubuntu. The problem can be corrected by upgrading your system to the following package versions: Ubuntu 6.06 LTS: Ubuntu 8.04 LTS: Ubuntu 8.10: In general, a standard system upgrade is sufficient to effect the necessary changes. Details follow: Multiple insecure temporary file handling vulnerabilities were discovered in Red Hat Cluster. A local attacker could exploit these to overwrite arbitrary local files via symlinks. (CVE-2008-4192, CVE-2008-4579, CVE-2008-4580, CVE-2008-6552) It was discovered that CMAN did not properly handle malformed configuration files. An attacker could cause a denial of service (via CPU consumption and memory corruption) in a node if the attacker were able to modify the cluster configuration for the node. (CVE-2008-6560) |
Original Source
Url : http://www.ubuntu.com/usn/USN-875-1 |
CWE : Common Weakness Enumeration
% | Id | Name |
---|---|---|
80 % | CWE-59 | Improper Link Resolution Before File Access ('Link Following') |
20 % | CWE-119 | Failure to Constrain Operations within the Bounds of a Memory Buffer |
OVAL Definitions
Definition Id: oval:org.mitre.oval:def:10799 | |||
Oval ID: | oval:org.mitre.oval:def:10799 | ||
Title: | The (1) fence_apc and (2) fence_apc_snmp programs, as used in (a) fence 2.02.00-r1 and possibly (b) cman, when running in verbose mode, allows local users to append to arbitrary files via a symlink attack on the apclog temporary file. | ||
Description: | The (1) fence_apc and (2) fence_apc_snmp programs, as used in (a) fence 2.02.00-r1 and possibly (b) cman, when running in verbose mode, allows local users to append to arbitrary files via a symlink attack on the apclog temporary file. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2008-4579 | Version: | 5 |
Platform(s): | Red Hat Enterprise Linux 5 CentOS Linux 5 Oracle Linux 5 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:11404 | |||
Oval ID: | oval:org.mitre.oval:def:11404 | ||
Title: | Red Hat Cluster Project 2.x allows local users to modify or overwrite arbitrary files via symlink attacks on files in /tmp, involving unspecified components in Resource Group Manager (aka rgmanager) before 2.03.09-1, gfs2-utils before 2.03.09-1, and CMAN - The Cluster Manager before 2.03.09-1 on Fedora 9. | ||
Description: | Red Hat Cluster Project 2.x allows local users to modify or overwrite arbitrary files via symlink attacks on files in /tmp, involving unspecified components in Resource Group Manager (aka rgmanager) before 2.03.09-1, gfs2-utils before 2.03.09-1, and CMAN - The Cluster Manager before 2.03.09-1 on Fedora 9. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2008-6552 | Version: | 5 |
Platform(s): | Red Hat Enterprise Linux 5 CentOS Linux 5 Oracle Linux 5 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:22793 | |||
Oval ID: | oval:org.mitre.oval:def:22793 | ||
Title: | ELSA-2009:1337: gfs2-utils security and bug fix update (Low) | ||
Description: | Red Hat Cluster Project 2.x allows local users to modify or overwrite arbitrary files via symlink attacks on files in /tmp, involving unspecified components in Resource Group Manager (aka rgmanager) before 2.03.09-1, gfs2-utils before 2.03.09-1, and CMAN - The Cluster Manager before 2.03.09-1 on Fedora 9. | ||
Family: | unix | Class: | patch |
Reference(s): | ELSA-2009:1337-02 CVE-2008-6552 | Version: | 6 |
Platform(s): | Oracle Linux 5 | Product(s): | gfs2-utils |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:22844 | |||
Oval ID: | oval:org.mitre.oval:def:22844 | ||
Title: | ELSA-2009:1341: cman security, bug fix, and enhancement update (Low) | ||
Description: | Red Hat Cluster Project 2.x allows local users to modify or overwrite arbitrary files via symlink attacks on files in /tmp, involving unspecified components in Resource Group Manager (aka rgmanager) before 2.03.09-1, gfs2-utils before 2.03.09-1, and CMAN - The Cluster Manager before 2.03.09-1 on Fedora 9. | ||
Family: | unix | Class: | patch |
Reference(s): | ELSA-2009:1341-02 CVE-2008-4579 CVE-2008-6552 | Version: | 13 |
Platform(s): | Oracle Linux 5 | Product(s): | cman |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:22968 | |||
Oval ID: | oval:org.mitre.oval:def:22968 | ||
Title: | ELSA-2009:1339: rgmanager security, bug fix, and enhancement update (Low) | ||
Description: | Red Hat Cluster Project 2.x allows local users to modify or overwrite arbitrary files via symlink attacks on files in /tmp, involving unspecified components in Resource Group Manager (aka rgmanager) before 2.03.09-1, gfs2-utils before 2.03.09-1, and CMAN - The Cluster Manager before 2.03.09-1 on Fedora 9. | ||
Family: | unix | Class: | patch |
Reference(s): | ELSA-2009:1339-02 CVE-2008-6552 | Version: | 6 |
Platform(s): | Oracle Linux 5 | Product(s): | rgmanager |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:28953 | |||
Oval ID: | oval:org.mitre.oval:def:28953 | ||
Title: | RHSA-2009:1337 -- gfs2-utils security and bug fix update (Low) | ||
Description: | An updated gfs2-utils package that fixes multiple security issues and various bugs is now available for Red Hat Enterprise Linux 5. This update has been rated as having low security impact by the Red Hat Security Response Team. The gfs2-utils package provides the user-space tools necessary to mount, create, maintain, and test GFS2 file systems. Multiple insecure temporary file use flaws were discovered in GFS2 user level utilities. A local attacker could use these flaws to overwrite an arbitrary file writable by a victim running those utilities (typically root) with the output of the utilities via a symbolic link attack. (CVE-2008-6552) | ||
Family: | unix | Class: | patch |
Reference(s): | RHSA-2009:1337 CESA-2009:1337-CentOS 5 CVE-2008-6552 | Version: | 3 |
Platform(s): | Red Hat Enterprise Linux 5 CentOS Linux 5 | Product(s): | gfs2-utils |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:29052 | |||
Oval ID: | oval:org.mitre.oval:def:29052 | ||
Title: | RHSA-2009:1341 -- cman security, bug fix, and enhancement update (Low) | ||
Description: | Updated cman packages that fix several security issues, various bugs, and add enhancements are now available for Red Hat Enterprise Linux 5. This update has been rated as having low security impact by the Red Hat Security Response Team. The Cluster Manager (cman) utility provides services for managing a Linux cluster. Multiple insecure temporary file use flaws were found in fence_apc_snmp and ccs_tool. A local attacker could use these flaws to overwrite an arbitrary file writable by a victim running those utilities (typically root) with the output of the utilities via a symbolic link attack. (CVE-2008-4579, CVE-2008-6552) | ||
Family: | unix | Class: | patch |
Reference(s): | RHSA-2009:1341 CESA-2009:1341-CentOS 5 CVE-2008-4579 CVE-2008-6552 | Version: | 3 |
Platform(s): | Red Hat Enterprise Linux 5 CentOS Linux 5 | Product(s): | cman |
Definition Synopsis: | |||
CPE : Common Platform Enumeration
OpenVAS Exploits
Date | Description |
---|---|
2011-08-09 | Name : CentOS Update for gfs2-utils CESA-2009:1337 centos5 i386 File : nvt/gb_CESA-2009_1337_gfs2-utils_centos5_i386.nasl |
2011-08-09 | Name : CentOS Update for rgmanager CESA-2009:1339 centos5 i386 File : nvt/gb_CESA-2009_1339_rgmanager_centos5_i386.nasl |
2011-08-09 | Name : CentOS Update for cman CESA-2009:1341 centos5 i386 File : nvt/gb_CESA-2009_1341_cman_centos5_i386.nasl |
2011-03-09 | Name : Gentoo Security Advisory GLSA 201009-09 (fence) File : nvt/glsa_201009_09.nasl |
2009-12-30 | Name : Ubuntu USN-875-1 (redhat-cluster-suite) File : nvt/ubuntu_875_1.nasl |
2009-09-21 | Name : CentOS Security Advisory CESA-2009:1341 (cman) File : nvt/ovcesa2009_1341.nasl |
2009-09-21 | Name : CentOS Security Advisory CESA-2009:1339 (rgmanager) File : nvt/ovcesa2009_1339.nasl |
2009-09-21 | Name : CentOS Security Advisory CESA-2009:1337 (gfs2-utils) File : nvt/ovcesa2009_1337.nasl |
2009-09-09 | Name : RedHat Security Advisory RHSA-2009:1339 File : nvt/RHSA_2009_1339.nasl |
2009-09-09 | Name : RedHat Security Advisory RHSA-2009:1341 File : nvt/RHSA_2009_1341.nasl |
2009-09-09 | Name : RedHat Security Advisory RHSA-2009:1337 File : nvt/RHSA_2009_1337.nasl |
2009-02-17 | Name : Fedora Update for cman FEDORA-2008-9458 File : nvt/gb_fedora_2008_9458_cman_fc9.nasl |
2009-02-17 | Name : Fedora Update for gfs2-utils FEDORA-2008-9458 File : nvt/gb_fedora_2008_9458_gfs2-utils_fc9.nasl |
2009-02-17 | Name : Fedora Update for rgmanager FEDORA-2008-9458 File : nvt/gb_fedora_2008_9458_rgmanager_fc9.nasl |
2009-02-17 | Name : Fedora Update for rgmanager FEDORA-2008-9042 File : nvt/gb_fedora_2008_9042_rgmanager_fc9.nasl |
2009-02-17 | Name : Fedora Update for gfs2-utils FEDORA-2008-9042 File : nvt/gb_fedora_2008_9042_gfs2-utils_fc9.nasl |
2009-02-17 | Name : Fedora Update for cman FEDORA-2008-9042 File : nvt/gb_fedora_2008_9042_cman_fc9.nasl |
Open Source Vulnerability Database (OSVDB)
Id | Description |
---|---|
56410 | CMAN - The Cluster Manager cluster.conf Line Handling Overflow DoS |
50300 | Cluster Project rgmanager Unspecified Temporary Files Privilege Escalation |
50047 | fence fence_apc_snmp apclog Temporary File Symlink Arbitrary File Modification |
50046 | fence fence_apc apclog Temporary File Symlink Arbitrary File Modification |
49166 | fence fence_manual fence_manual.fifo Temporary File Symlink Arbitrary File Ov... |
48268 | cman fence_egenera pserver_shutdown Function Temporary File Symlink Arbitrary... |
Nessus® Vulnerability Scanner
Date | Description |
---|---|
2013-01-24 | Name : The remote Red Hat host is missing a security update. File : redhat-RHSA-2009-1339.nasl - Type : ACT_GATHER_INFO |
2013-01-24 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2009-1341.nasl - Type : ACT_GATHER_INFO |
2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20090902_cman_on_SL5_x.nasl - Type : ACT_GATHER_INFO |
2012-08-01 | Name : The remote Scientific Linux host is missing a security update. File : sl_20090902_gfs2_utils_on_SL5_x.nasl - Type : ACT_GATHER_INFO |
2012-08-01 | Name : The remote Scientific Linux host is missing a security update. File : sl_20090902_rgmanager_on_SL5_x.nasl - Type : ACT_GATHER_INFO |
2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20110216_ccs_on_SL4_x.nasl - Type : ACT_GATHER_INFO |
2012-08-01 | Name : The remote Scientific Linux host is missing a security update. File : sl_20110216_fence_on_SL4_x.nasl - Type : ACT_GATHER_INFO |
2012-08-01 | Name : The remote Scientific Linux host is missing a security update. File : sl_20110216_rgmanager_on_SL4_x.nasl - Type : ACT_GATHER_INFO |
2010-10-06 | Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-201009-09.nasl - Type : ACT_GATHER_INFO |
2010-01-06 | Name : The remote CentOS host is missing a security update. File : centos_RHSA-2009-1337.nasl - Type : ACT_GATHER_INFO |
2010-01-06 | Name : The remote CentOS host is missing a security update. File : centos_RHSA-2009-1339.nasl - Type : ACT_GATHER_INFO |
2010-01-06 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2009-1341.nasl - Type : ACT_GATHER_INFO |
2009-12-21 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-875-1.nasl - Type : ACT_GATHER_INFO |
2009-09-02 | Name : The remote Red Hat host is missing a security update. File : redhat-RHSA-2009-1337.nasl - Type : ACT_GATHER_INFO |
2008-11-07 | Name : The remote Fedora host is missing one or more security updates. File : fedora_2008-9458.nasl - Type : ACT_GATHER_INFO |
2008-10-24 | Name : The remote Fedora host is missing one or more security updates. File : fedora_2008-9042.nasl - Type : ACT_GATHER_INFO |
Alert History
Date | Informations |
---|---|
2014-02-17 12:06:28 |
|