7.2 High
CVSS2
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:L/Au:N/C:C/I:C/A:C
0.0004 Low
EPSS
Percentile
10.1%
fence is an I/O group fencing system.
The fence_apc, fence_apc_snmp (CVE-2008-4579) and fence_manual (CVE-2008-4580) programs contain symlink vulnerabilities.
These vulnerabilities may allow arbitrary files to be overwritten with root privileges.
There is no known workaround at this time.
Gentoo discontinued support for fence. All fence users should uninstall and choose another software that provides the same functionality.
# emerge --unmerge sys-cluster/fence
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
Gentoo | any | all | sys-cluster/fence | < 2.03.09 | UNKNOWN |