New Search

The (1) fence_apc and (2) fence_apc_snmp programs as used in (a) fence 2.02.00-r1 and possibly (b) cman when running in verbose mode allows local users to append to arbitrary files via a symlink attack on the apclog temporary file.

oval:org.mitre.oval:def:10799

The (1) fence_apc and (2) fence_apc_snmp programs as used in (a) fence 2.02.00-r1 and possibly (b) cman when running in verbose mode allows local users to append to arbitrary files via a symlink attack on the apclog temporary file.

Family:
unix
Status:
ACCEPTED
Platform(s):
  • CentOS Linux 5
  • Red Hat Enterprise Linux 5
  • Oracle Linux 5
Class:
vulnerability
Reference(s):
  • CVE-2008-4579
Product(s):