Executive Summary
| Summary | |
|---|---|
| Title | ccs security update |
| Informations | |||
|---|---|---|---|
| Name | RHSA-2011:0265 | First vendor Publication | 2011-02-16 |
| Vendor | RedHat | Last vendor Modification | 2011-02-16 |
| Severity (Vendor) | Low | Revision | 01 |
Security-Database Scoring CVSS v3
| Cvss vector : N/A | |||
|---|---|---|---|
| Overall CVSS Score | NA | ||
| Base Score | NA | Environmental Score | NA |
| impact SubScore | NA | Temporal Score | NA |
| Exploitabality Sub Score | NA | ||
| Calculate full CVSS 3.0 Vectors scores | |||
Security-Database Scoring CVSS v2
| Cvss vector : (AV:L/AC:M/Au:N/C:C/I:C/A:C) | |||
|---|---|---|---|
| Cvss Base Score | 6.9 | Attack Range | Local |
| Cvss Impact Score | 10 | Attack Complexity | Medium |
| Cvss Expoit Score | 3.4 | Authentication | None Required |
| Calculate full CVSS 2.0 Vectors scores | |||
Detail
| Problem Description: Updated ccs packages that fix one security issue are now available for Red Hat Cluster Suite 4. The Red Hat Security Response Team has rated this update as having low security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section. 2. Relevant releases/architectures: Red Hat Cluster Suite 4AS - i386, ia64, ppc, x86_64 Red Hat Cluster Suite 4ES - i386, ia64, x86_64 Red Hat Cluster Suite 4WS - i386, ia64, x86_64 3. Description: The Cluster Configuration System provides the ability for nodes in a cluster to obtain information about the cluster and each other. ccs_tool is a program for making online updates to the cluster configuration file. An insecure temporary file use flaw was found in ccs_tool. A local attacker could use this flaw to conduct a symbolic link attack, allowing them to overwrite (with the output of ccs_tool) an arbitrary file writable by the victim running ccs_tool. (CVE-2008-6552) All ccs users should upgrade to these updated packages, which correct this issue. 4. Solution: Before applying this update, make sure all previously-released errata relevant to your system have been applied. This update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at http://kbase.redhat.com/faq/docs/DOC-11259 5. Bugs fixed (http://bugzilla.redhat.com/): 498980 - cluster product is affected by several symlink attack vulnerabilities 519436 - CVE-2008-6552 cman, gfs2-utils, rgmanager: multiple insecure temporary file use issues |
Original Source
| Url : https://rhn.redhat.com/errata/RHSA-2011-0265.html |
CWE : Common Weakness Enumeration
| % | Id | Name |
|---|---|---|
| 100 % | CWE-59 | Improper Link Resolution Before File Access ('Link Following') |
OVAL Definitions
| Definition Id: oval:org.mitre.oval:def:11404 | |||
| Oval ID: | oval:org.mitre.oval:def:11404 | ||
| Title: | Red Hat Cluster Project 2.x allows local users to modify or overwrite arbitrary files via symlink attacks on files in /tmp, involving unspecified components in Resource Group Manager (aka rgmanager) before 2.03.09-1, gfs2-utils before 2.03.09-1, and CMAN - The Cluster Manager before 2.03.09-1 on Fedora 9. | ||
| Description: | Red Hat Cluster Project 2.x allows local users to modify or overwrite arbitrary files via symlink attacks on files in /tmp, involving unspecified components in Resource Group Manager (aka rgmanager) before 2.03.09-1, gfs2-utils before 2.03.09-1, and CMAN - The Cluster Manager before 2.03.09-1 on Fedora 9. | ||
| Family: | unix | Class: | vulnerability |
| Reference(s): | CVE-2008-6552 | Version: | 5 |
| Platform(s): | Red Hat Enterprise Linux 5 CentOS Linux 5 Oracle Linux 5 | Product(s): | |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:22793 | |||
| Oval ID: | oval:org.mitre.oval:def:22793 | ||
| Title: | ELSA-2009:1337: gfs2-utils security and bug fix update (Low) | ||
| Description: | Red Hat Cluster Project 2.x allows local users to modify or overwrite arbitrary files via symlink attacks on files in /tmp, involving unspecified components in Resource Group Manager (aka rgmanager) before 2.03.09-1, gfs2-utils before 2.03.09-1, and CMAN - The Cluster Manager before 2.03.09-1 on Fedora 9. | ||
| Family: | unix | Class: | patch |
| Reference(s): | ELSA-2009:1337-02 CVE-2008-6552 | Version: | 6 |
| Platform(s): | Oracle Linux 5 | Product(s): | gfs2-utils |
| Definition Synopsis: | |||
| Definition Id: oval:org.mitre.oval:def:22844 | |||
| Oval ID: | oval:org.mitre.oval:def:22844 | ||
| Title: | ELSA-2009:1341: cman security, bug fix, and enhancement update (Low) | ||
| Description: | Red Hat Cluster Project 2.x allows local users to modify or overwrite arbitrary files via symlink attacks on files in /tmp, involving unspecified components in Resource Group Manager (aka rgmanager) before 2.03.09-1, gfs2-utils before 2.03.09-1, and CMAN - The Cluster Manager before 2.03.09-1 on Fedora 9. | ||
| Family: | unix | Class: | patch |
| Reference(s): | ELSA-2009:1341-02 CVE-2008-4579 CVE-2008-6552 | Version: | 13 |
| Platform(s): | Oracle Linux 5 | Product(s): | cman |
| Definition Synopsis: | |||
| Definition Id: oval:org.mitre.oval:def:22968 | |||
| Oval ID: | oval:org.mitre.oval:def:22968 | ||
| Title: | ELSA-2009:1339: rgmanager security, bug fix, and enhancement update (Low) | ||
| Description: | Red Hat Cluster Project 2.x allows local users to modify or overwrite arbitrary files via symlink attacks on files in /tmp, involving unspecified components in Resource Group Manager (aka rgmanager) before 2.03.09-1, gfs2-utils before 2.03.09-1, and CMAN - The Cluster Manager before 2.03.09-1 on Fedora 9. | ||
| Family: | unix | Class: | patch |
| Reference(s): | ELSA-2009:1339-02 CVE-2008-6552 | Version: | 6 |
| Platform(s): | Oracle Linux 5 | Product(s): | rgmanager |
| Definition Synopsis: | |||
| Definition Id: oval:org.mitre.oval:def:28953 | |||
| Oval ID: | oval:org.mitre.oval:def:28953 | ||
| Title: | RHSA-2009:1337 -- gfs2-utils security and bug fix update (Low) | ||
| Description: | An updated gfs2-utils package that fixes multiple security issues and various bugs is now available for Red Hat Enterprise Linux 5. This update has been rated as having low security impact by the Red Hat Security Response Team. The gfs2-utils package provides the user-space tools necessary to mount, create, maintain, and test GFS2 file systems. Multiple insecure temporary file use flaws were discovered in GFS2 user level utilities. A local attacker could use these flaws to overwrite an arbitrary file writable by a victim running those utilities (typically root) with the output of the utilities via a symbolic link attack. (CVE-2008-6552) | ||
| Family: | unix | Class: | patch |
| Reference(s): | RHSA-2009:1337 CESA-2009:1337-CentOS 5 CVE-2008-6552 | Version: | 3 |
| Platform(s): | Red Hat Enterprise Linux 5 CentOS Linux 5 | Product(s): | gfs2-utils |
| Definition Synopsis: | |||
| Definition Id: oval:org.mitre.oval:def:29052 | |||
| Oval ID: | oval:org.mitre.oval:def:29052 | ||
| Title: | RHSA-2009:1341 -- cman security, bug fix, and enhancement update (Low) | ||
| Description: | Updated cman packages that fix several security issues, various bugs, and add enhancements are now available for Red Hat Enterprise Linux 5. This update has been rated as having low security impact by the Red Hat Security Response Team. The Cluster Manager (cman) utility provides services for managing a Linux cluster. Multiple insecure temporary file use flaws were found in fence_apc_snmp and ccs_tool. A local attacker could use these flaws to overwrite an arbitrary file writable by a victim running those utilities (typically root) with the output of the utilities via a symbolic link attack. (CVE-2008-4579, CVE-2008-6552) | ||
| Family: | unix | Class: | patch |
| Reference(s): | RHSA-2009:1341 CESA-2009:1341-CentOS 5 CVE-2008-4579 CVE-2008-6552 | Version: | 3 |
| Platform(s): | Red Hat Enterprise Linux 5 CentOS Linux 5 | Product(s): | cman |
| Definition Synopsis: | |||
CPE : Common Platform Enumeration
OpenVAS Exploits
| Date | Description |
|---|---|
| 2011-08-09 | Name : CentOS Update for gfs2-utils CESA-2009:1337 centos5 i386 File : nvt/gb_CESA-2009_1337_gfs2-utils_centos5_i386.nasl |
| 2011-08-09 | Name : CentOS Update for rgmanager CESA-2009:1339 centos5 i386 File : nvt/gb_CESA-2009_1339_rgmanager_centos5_i386.nasl |
| 2011-08-09 | Name : CentOS Update for cman CESA-2009:1341 centos5 i386 File : nvt/gb_CESA-2009_1341_cman_centos5_i386.nasl |
| 2009-12-30 | Name : Ubuntu USN-875-1 (redhat-cluster-suite) File : nvt/ubuntu_875_1.nasl |
| 2009-09-21 | Name : CentOS Security Advisory CESA-2009:1337 (gfs2-utils) File : nvt/ovcesa2009_1337.nasl |
| 2009-09-21 | Name : CentOS Security Advisory CESA-2009:1339 (rgmanager) File : nvt/ovcesa2009_1339.nasl |
| 2009-09-21 | Name : CentOS Security Advisory CESA-2009:1341 (cman) File : nvt/ovcesa2009_1341.nasl |
| 2009-09-09 | Name : RedHat Security Advisory RHSA-2009:1337 File : nvt/RHSA_2009_1337.nasl |
| 2009-09-09 | Name : RedHat Security Advisory RHSA-2009:1339 File : nvt/RHSA_2009_1339.nasl |
| 2009-09-09 | Name : RedHat Security Advisory RHSA-2009:1341 File : nvt/RHSA_2009_1341.nasl |
Open Source Vulnerability Database (OSVDB)
| Id | Description |
|---|---|
| 50300 | Cluster Project rgmanager Unspecified Temporary Files Privilege Escalation |
Nessus® Vulnerability Scanner
| Date | Description |
|---|---|
| 2013-01-24 | Name : The remote Red Hat host is missing a security update. File : redhat-RHSA-2009-1339.nasl - Type : ACT_GATHER_INFO |
| 2013-01-24 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2009-1341.nasl - Type : ACT_GATHER_INFO |
| 2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20090902_cman_on_SL5_x.nasl - Type : ACT_GATHER_INFO |
| 2012-08-01 | Name : The remote Scientific Linux host is missing a security update. File : sl_20090902_gfs2_utils_on_SL5_x.nasl - Type : ACT_GATHER_INFO |
| 2012-08-01 | Name : The remote Scientific Linux host is missing a security update. File : sl_20090902_rgmanager_on_SL5_x.nasl - Type : ACT_GATHER_INFO |
| 2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20110216_ccs_on_SL4_x.nasl - Type : ACT_GATHER_INFO |
| 2012-08-01 | Name : The remote Scientific Linux host is missing a security update. File : sl_20110216_rgmanager_on_SL4_x.nasl - Type : ACT_GATHER_INFO |
| 2010-01-06 | Name : The remote CentOS host is missing a security update. File : centos_RHSA-2009-1337.nasl - Type : ACT_GATHER_INFO |
| 2010-01-06 | Name : The remote CentOS host is missing a security update. File : centos_RHSA-2009-1339.nasl - Type : ACT_GATHER_INFO |
| 2010-01-06 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2009-1341.nasl - Type : ACT_GATHER_INFO |
| 2009-12-21 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-875-1.nasl - Type : ACT_GATHER_INFO |
| 2009-09-02 | Name : The remote Red Hat host is missing a security update. File : redhat-RHSA-2009-1337.nasl - Type : ACT_GATHER_INFO |
| 2008-11-07 | Name : The remote Fedora host is missing one or more security updates. File : fedora_2008-9458.nasl - Type : ACT_GATHER_INFO |
