Lucene search

[email protected]NVD:CVE-2008-6552

HistoryMar 30, 2009 - 4:30 p.m.

CVE-2008-6552

2009-03-3016:30:00

CWE-59

[email protected]

web.nvd.nist.gov

6.9 Medium

CVSS2

Attack Vector

LOCAL

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:M/Au:N/C:C/I:C/A:C

6.1 Medium

AI Score

Confidence

Low

0.0004 Low

EPSS

Percentile

10.1%

JSON

Red Hat Cluster Project 2.x allows local users to modify or overwrite arbitrary files via symlink attacks on files in /tmp, involving unspecified components in Resource Group Manager (aka rgmanager) before 2.03.09-1, gfs2-utils before 2.03.09-1, and CMAN - The Cluster Manager before 2.03.09-1 on Fedora 9.

Affected configurations

NVD

Node

redhatcluster_projectMatch2.00.00

redhatcluster_projectMatch2.01.00

redhatcluster_projectMatch2.02.00

redhatcluster_projectMatch2.03.00

redhatcluster_projectMatch2.03.01

redhatcluster_projectMatch2.03.03

redhatcluster_projectMatch2.03.04

redhatcluster_projectMatch2.03.05

redhatcluster_projectMatch2.03.7

redhatcluster_projectMatch2.03.08

redhatcluster_projectMatch2.03.09

redhatcluster_projectMatch2.03.10

redhatcluster_projectMatch2.03.11

redhatcluster_projectMatch2.99.00

redhatcluster_projectMatch2.99.01

redhatcluster_projectMatch2.99.02

redhatcluster_projectMatch2.99.03

redhatcluster_projectMatch2.99.04

redhatcluster_projectMatch2.99.05

redhatcluster_projectMatch2.99.06

redhatcluster_projectMatch2.99.07

redhatcluster_projectMatch2.99.08

redhatcluster_projectMatch2.99.09

redhatcluster_projectMatch2.99.10

redhatcluster_projectMatch2.99.11

redhatcluster_projectMatch2.99.12

redhatcluster_projectMatch2.99.13

Node

redhatcmanMatch2.03.03-1

redhatcmanMatch2.03.04-1

redhatcmanMatch2.03.05-1

redhatcmanMatch2.03.07-1

redhatcmanMatch2.03.08-1

redhatrgmanagerMatch2.03.03-1

redhatrgmanagerMatch2.03.04-1

redhatrgmanagerMatch2.03.05-1

redhatrgmanagerMatch2.03.07-1

redhatrgmanagerMatch2.03.08-1

fedoraprojectfedoraMatch9

AND

redhatgfs2-utilsMatch2.03.03-1

redhatgfs2-utilsMatch2.03.04-1

redhatgfs2-utilsMatch2.03.05-1

redhatgfs2-utilsMatch2.03.07-1

redhatgfs2-utilsMatch22.03.08-1

References

osvdb.org/50299

osvdb.org/50300

osvdb.org/50301

rhn.redhat.com/errata/RHSA-2009-1337.html

secunia.com/advisories/32602

secunia.com/advisories/32616

secunia.com/advisories/36530

secunia.com/advisories/36555

secunia.com/advisories/43367

secunia.com/advisories/43372

www.redhat.com/archives/fedora-package-announce/2008-November/msg00163.html

www.redhat.com/archives/fedora-package-announce/2008-November/msg00164.html

www.redhat.com/archives/fedora-package-announce/2008-November/msg00165.html

www.redhat.com/support/errata/RHSA-2009-1339.html

www.redhat.com/support/errata/RHSA-2009-1341.html

www.redhat.com/support/errata/RHSA-2011-0264.html

www.redhat.com/support/errata/RHSA-2011-0265.html

www.securityfocus.com/bid/32179

www.ubuntu.com/usn/USN-875-1

www.vupen.com/english/advisories/2011/0416

www.vupen.com/english/advisories/2011/0417

exchange.xforce.ibmcloud.com/vulnerabilities/46412

oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11404

6.9 Medium

CVSS2

Attack Vector

LOCAL

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:M/Au:N/C:C/I:C/A:C

6.1 Medium

AI Score

Confidence

Low

0.0004 Low

EPSS

Percentile

10.1%

JSON

Related for NVD:CVE-2008-6552

redhat5 openvas23 centos3 nessus16 oraclelinux3 ubuntucve1 prion1 veracode1 cvelist1 cve1 ubuntu1