7.8 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:N/I:N/A:C
0.009 Low
EPSS
Percentile
82.5%
Buffer overflow in CMAN - The Cluster Manager before 2.03.09-1 on Fedora 9
and Red Hat Enterprise Linux (RHEL) 5 allows attackers to cause a denial of
service (CPU consumption and memory corruption) via a cluster.conf file
with many lines. NOTE: it is not clear whether this issue crosses
privilege boundaries in realistic uses of the product.
Author | Note |
---|---|
jdstrand | DoS, but requires access to cluster.conf, which is typically root owned |
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
ubuntu | 8.04 | noarch | redhat-cluster | < 2.20080227-0ubuntu1.3 | UNKNOWN |
ubuntu | 8.10 | noarch | redhat-cluster | < 2.20080826-0ubuntu1.3 | UNKNOWN |