CVE-2008-4192 (GCVE-0-2008-4192)
Vulnerability from cvelistv5
Published
2008-09-29 17:00
Modified
2024-08-07 10:08
CWE
- n/a
Summary
The pserver_shutdown function in fence_egenera in cman 2.20080629 and 2.20080801 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/eglog temporary file.
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T10:08:34.854Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "30898",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/30898"
},
{
"name": "32390",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/32390"
},
{
"name": "[oss-security] 20081030 CVE requests: tempfile issues for aview, mgetty, openoffice, crossfire",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2008/10/30/2"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://dev.gentoo.org/~rbu/security/debiantemp/cman"
},
{
"name": "32387",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/32387"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugs.gentoo.org/show_bug.cgi?id=235770"
},
{
"name": "31887",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/31887"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://uvw.ru/report.lenny.txt"
},
{
"name": "cman-fenceegenera-symlink(44845)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/44845"
},
{
"name": "ADV-2011-0419",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2011/0419"
},
{
"name": "USN-875-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-875-1"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=460476"
},
{
"name": "[oss-security] 20080918 CVE Request (openswan, emacspeak, cman)",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2008/09/18/3"
},
{
"name": "[oss-security] 20080923 Re: CVE Request (openswan, emacspeak, cman)",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2008/09/24/2"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=496410"
},
{
"name": "FEDORA-2008-9042",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "https://www.redhat.com/archives/fedora-package-announce/2008-October/msg00666.html"
},
{
"name": "43362",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/43362"
},
{
"name": "RHSA-2011:0266",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2011-0266.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2008-09-18T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The pserver_shutdown function in fence_egenera in cman 2.20080629 and 2.20080801 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/eglog temporary file."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-07T12:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "30898",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/30898"
},
{
"name": "32390",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/32390"
},
{
"name": "[oss-security] 20081030 CVE requests: tempfile issues for aview, mgetty, openoffice, crossfire",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2008/10/30/2"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://dev.gentoo.org/~rbu/security/debiantemp/cman"
},
{
"name": "32387",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/32387"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugs.gentoo.org/show_bug.cgi?id=235770"
},
{
"name": "31887",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/31887"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://uvw.ru/report.lenny.txt"
},
{
"name": "cman-fenceegenera-symlink(44845)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/44845"
},
{
"name": "ADV-2011-0419",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2011/0419"
},
{
"name": "USN-875-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-875-1"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=460476"
},
{
"name": "[oss-security] 20080918 CVE Request (openswan, emacspeak, cman)",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2008/09/18/3"
},
{
"name": "[oss-security] 20080923 Re: CVE Request (openswan, emacspeak, cman)",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2008/09/24/2"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=496410"
},
{
"name": "FEDORA-2008-9042",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "https://www.redhat.com/archives/fedora-package-announce/2008-October/msg00666.html"
},
{
"name": "43362",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/43362"
},
{
"name": "RHSA-2011:0266",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2011-0266.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2008-4192",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The pserver_shutdown function in fence_egenera in cman 2.20080629 and 2.20080801 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/eglog temporary file."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "30898",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/30898"
},
{
"name": "32390",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/32390"
},
{
"name": "[oss-security] 20081030 CVE requests: tempfile issues for aview, mgetty, openoffice, crossfire",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2008/10/30/2"
},
{
"name": "http://dev.gentoo.org/~rbu/security/debiantemp/cman",
"refsource": "CONFIRM",
"url": "http://dev.gentoo.org/~rbu/security/debiantemp/cman"
},
{
"name": "32387",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/32387"
},
{
"name": "https://bugs.gentoo.org/show_bug.cgi?id=235770",
"refsource": "CONFIRM",
"url": "https://bugs.gentoo.org/show_bug.cgi?id=235770"
},
{
"name": "31887",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/31887"
},
{
"name": "http://uvw.ru/report.lenny.txt",
"refsource": "MISC",
"url": "http://uvw.ru/report.lenny.txt"
},
{
"name": "cman-fenceegenera-symlink(44845)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/44845"
},
{
"name": "ADV-2011-0419",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2011/0419"
},
{
"name": "USN-875-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-875-1"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=460476",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=460476"
},
{
"name": "[oss-security] 20080918 CVE Request (openswan, emacspeak, cman)",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2008/09/18/3"
},
{
"name": "[oss-security] 20080923 Re: CVE Request (openswan, emacspeak, cman)",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2008/09/24/2"
},
{
"name": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=496410",
"refsource": "CONFIRM",
"url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=496410"
},
{
"name": "FEDORA-2008-9042",
"refsource": "FEDORA",
"url": "https://www.redhat.com/archives/fedora-package-announce/2008-October/msg00666.html"
},
{
"name": "43362",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/43362"
},
{
"name": "RHSA-2011:0266",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2011-0266.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2008-4192",
"datePublished": "2008-09-29T17:00:00",
"dateReserved": "2008-09-23T00:00:00",
"dateUpdated": "2024-08-07T10:08:34.854Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
gsd-2008-4192
Vulnerability from gsd
Modified
2023-12-13 01:22
Details
The pserver_shutdown function in fence_egenera in cman 2.20080629 and 2.20080801 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/eglog temporary file.
Aliases
{
"GSD": {
"alias": "CVE-2008-4192",
"description": "The pserver_shutdown function in fence_egenera in cman 2.20080629 and 2.20080801 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/eglog temporary file.",
"id": "GSD-2008-4192",
"references": [
"https://access.redhat.com/errata/RHSA-2011:0266",
"https://access.redhat.com/errata/RHBA-2010:0266"
]
},
"gsd": {
"metadata": {
"exploitCode": "unknown",
"remediation": "unknown",
"reportConfidence": "confirmed",
"type": "vulnerability"
},
"osvSchema": {
"aliases": [
"CVE-2008-4192"
],
"details": "The pserver_shutdown function in fence_egenera in cman 2.20080629 and 2.20080801 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/eglog temporary file.",
"id": "GSD-2008-4192",
"modified": "2023-12-13T01:22:59.507016Z",
"schema_version": "1.4.0"
}
},
"namespaces": {
"cve.org": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2008-4192",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The pserver_shutdown function in fence_egenera in cman 2.20080629 and 2.20080801 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/eglog temporary file."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "30898",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/30898"
},
{
"name": "32390",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/32390"
},
{
"name": "[oss-security] 20081030 CVE requests: tempfile issues for aview, mgetty, openoffice, crossfire",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2008/10/30/2"
},
{
"name": "http://dev.gentoo.org/~rbu/security/debiantemp/cman",
"refsource": "CONFIRM",
"url": "http://dev.gentoo.org/~rbu/security/debiantemp/cman"
},
{
"name": "32387",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/32387"
},
{
"name": "https://bugs.gentoo.org/show_bug.cgi?id=235770",
"refsource": "CONFIRM",
"url": "https://bugs.gentoo.org/show_bug.cgi?id=235770"
},
{
"name": "31887",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/31887"
},
{
"name": "http://uvw.ru/report.lenny.txt",
"refsource": "MISC",
"url": "http://uvw.ru/report.lenny.txt"
},
{
"name": "cman-fenceegenera-symlink(44845)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/44845"
},
{
"name": "ADV-2011-0419",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2011/0419"
},
{
"name": "USN-875-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-875-1"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=460476",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=460476"
},
{
"name": "[oss-security] 20080918 CVE Request (openswan, emacspeak, cman)",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2008/09/18/3"
},
{
"name": "[oss-security] 20080923 Re: CVE Request (openswan, emacspeak, cman)",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2008/09/24/2"
},
{
"name": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=496410",
"refsource": "CONFIRM",
"url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=496410"
},
{
"name": "FEDORA-2008-9042",
"refsource": "FEDORA",
"url": "https://www.redhat.com/archives/fedora-package-announce/2008-October/msg00666.html"
},
{
"name": "43362",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/43362"
},
{
"name": "RHSA-2011:0266",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2011-0266.html"
}
]
}
},
"nvd.nist.gov": {
"configurations": {
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:redhat:cman:2.20080629:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:redhat:cman:2.20080801:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
},
"cve": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2008-4192"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "en",
"value": "The pserver_shutdown function in fence_egenera in cman 2.20080629 and 2.20080801 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/eglog temporary file."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "en",
"value": "CWE-59"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "[oss-security] 20080918 CVE Request (openswan, emacspeak, cman)",
"refsource": "MLIST",
"tags": [],
"url": "http://www.openwall.com/lists/oss-security/2008/09/18/3"
},
{
"name": "[oss-security] 20080923 Re: CVE Request (openswan, emacspeak, cman)",
"refsource": "MLIST",
"tags": [],
"url": "http://www.openwall.com/lists/oss-security/2008/09/24/2"
},
{
"name": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=496410",
"refsource": "CONFIRM",
"tags": [],
"url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=496410"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=460476",
"refsource": "CONFIRM",
"tags": [],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=460476"
},
{
"name": "[oss-security] 20081030 CVE requests: tempfile issues for aview, mgetty, openoffice, crossfire",
"refsource": "MLIST",
"tags": [],
"url": "http://www.openwall.com/lists/oss-security/2008/10/30/2"
},
{
"name": "https://bugs.gentoo.org/show_bug.cgi?id=235770",
"refsource": "CONFIRM",
"tags": [],
"url": "https://bugs.gentoo.org/show_bug.cgi?id=235770"
},
{
"name": "http://dev.gentoo.org/~rbu/security/debiantemp/cman",
"refsource": "CONFIRM",
"tags": [],
"url": "http://dev.gentoo.org/~rbu/security/debiantemp/cman"
},
{
"name": "30898",
"refsource": "BID",
"tags": [],
"url": "http://www.securityfocus.com/bid/30898"
},
{
"name": "32387",
"refsource": "SECUNIA",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/32387"
},
{
"name": "FEDORA-2008-9042",
"refsource": "FEDORA",
"tags": [],
"url": "https://www.redhat.com/archives/fedora-package-announce/2008-October/msg00666.html"
},
{
"name": "http://uvw.ru/report.lenny.txt",
"refsource": "MISC",
"tags": [],
"url": "http://uvw.ru/report.lenny.txt"
},
{
"name": "32390",
"refsource": "SECUNIA",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/32390"
},
{
"name": "31887",
"refsource": "SECUNIA",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/31887"
},
{
"name": "USN-875-1",
"refsource": "UBUNTU",
"tags": [],
"url": "http://www.ubuntu.com/usn/USN-875-1"
},
{
"name": "RHSA-2011:0266",
"refsource": "REDHAT",
"tags": [],
"url": "http://www.redhat.com/support/errata/RHSA-2011-0266.html"
},
{
"name": "ADV-2011-0419",
"refsource": "VUPEN",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2011/0419"
},
{
"name": "43362",
"refsource": "SECUNIA",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/43362"
},
{
"name": "cman-fenceegenera-symlink(44845)",
"refsource": "XF",
"tags": [],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/44845"
}
]
}
},
"impact": {
"baseMetricV2": {
"cvssV2": {
"accessComplexity": "MEDIUM",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 6.9,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:L/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 3.4,
"impactScore": 10.0,
"obtainAllPrivilege": true,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"userInteractionRequired": false
}
},
"lastModifiedDate": "2017-08-08T01:32Z",
"publishedDate": "2008-09-29T17:17Z"
}
}
}
fkie_cve-2008-4192
Vulnerability from fkie_nvd
Published
2008-09-29 17:17
Modified
2025-04-09 00:30
Summary
The pserver_shutdown function in fence_egenera in cman 2.20080629 and 2.20080801 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/eglog temporary file.
References
| Source | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=496410 | ||
| cve@mitre.org | http://dev.gentoo.org/~rbu/security/debiantemp/cman | ||
| cve@mitre.org | http://secunia.com/advisories/31887 | Vendor Advisory | |
| cve@mitre.org | http://secunia.com/advisories/32387 | Vendor Advisory | |
| cve@mitre.org | http://secunia.com/advisories/32390 | Vendor Advisory | |
| cve@mitre.org | http://secunia.com/advisories/43362 | Vendor Advisory | |
| cve@mitre.org | http://uvw.ru/report.lenny.txt | ||
| cve@mitre.org | http://www.openwall.com/lists/oss-security/2008/09/18/3 | ||
| cve@mitre.org | http://www.openwall.com/lists/oss-security/2008/09/24/2 | ||
| cve@mitre.org | http://www.openwall.com/lists/oss-security/2008/10/30/2 | ||
| cve@mitre.org | http://www.redhat.com/support/errata/RHSA-2011-0266.html | ||
| cve@mitre.org | http://www.securityfocus.com/bid/30898 | ||
| cve@mitre.org | http://www.ubuntu.com/usn/USN-875-1 | ||
| cve@mitre.org | http://www.vupen.com/english/advisories/2011/0419 | Vendor Advisory | |
| cve@mitre.org | https://bugs.gentoo.org/show_bug.cgi?id=235770 | ||
| cve@mitre.org | https://bugzilla.redhat.com/show_bug.cgi?id=460476 | ||
| cve@mitre.org | https://exchange.xforce.ibmcloud.com/vulnerabilities/44845 | ||
| cve@mitre.org | https://www.redhat.com/archives/fedora-package-announce/2008-October/msg00666.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=496410 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://dev.gentoo.org/~rbu/security/debiantemp/cman | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/31887 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/32387 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/32390 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/43362 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://uvw.ru/report.lenny.txt | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.openwall.com/lists/oss-security/2008/09/18/3 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.openwall.com/lists/oss-security/2008/09/24/2 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.openwall.com/lists/oss-security/2008/10/30/2 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.redhat.com/support/errata/RHSA-2011-0266.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/30898 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.ubuntu.com/usn/USN-875-1 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.vupen.com/english/advisories/2011/0419 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://bugs.gentoo.org/show_bug.cgi?id=235770 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://bugzilla.redhat.com/show_bug.cgi?id=460476 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://exchange.xforce.ibmcloud.com/vulnerabilities/44845 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://www.redhat.com/archives/fedora-package-announce/2008-October/msg00666.html | ||
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:redhat:cman:2.20080629:*:*:*:*:*:*:*",
"matchCriteriaId": "717C7241-213A-4513-9C68-A520475D6F2F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redhat:cman:2.20080801:*:*:*:*:*:*:*",
"matchCriteriaId": "98367126-EF71-4B1D-95B6-2DFAEDE795D8",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The pserver_shutdown function in fence_egenera in cman 2.20080629 and 2.20080801 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/eglog temporary file."
},
{
"lang": "es",
"value": "La funci\u00f3n pserver_shutdown en fence_egenera en cman versiones 2.20080629 y 2.20080801, permite a los usuarios locales sobrescribir archivos arbitrarios por medio de un ataque de tipo symlink en el archivo temporal /tmp/eglog."
}
],
"id": "CVE-2008-4192",
"lastModified": "2025-04-09T00:30:58.490",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 6.9,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:L/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 3.4,
"impactScore": 10.0,
"obtainAllPrivilege": true,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2008-09-29T17:17:29.157",
"references": [
{
"source": "cve@mitre.org",
"url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=496410"
},
{
"source": "cve@mitre.org",
"url": "http://dev.gentoo.org/~rbu/security/debiantemp/cman"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/31887"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/32387"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/32390"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/43362"
},
{
"source": "cve@mitre.org",
"url": "http://uvw.ru/report.lenny.txt"
},
{
"source": "cve@mitre.org",
"url": "http://www.openwall.com/lists/oss-security/2008/09/18/3"
},
{
"source": "cve@mitre.org",
"url": "http://www.openwall.com/lists/oss-security/2008/09/24/2"
},
{
"source": "cve@mitre.org",
"url": "http://www.openwall.com/lists/oss-security/2008/10/30/2"
},
{
"source": "cve@mitre.org",
"url": "http://www.redhat.com/support/errata/RHSA-2011-0266.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/30898"
},
{
"source": "cve@mitre.org",
"url": "http://www.ubuntu.com/usn/USN-875-1"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2011/0419"
},
{
"source": "cve@mitre.org",
"url": "https://bugs.gentoo.org/show_bug.cgi?id=235770"
},
{
"source": "cve@mitre.org",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=460476"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/44845"
},
{
"source": "cve@mitre.org",
"url": "https://www.redhat.com/archives/fedora-package-announce/2008-October/msg00666.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=496410"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://dev.gentoo.org/~rbu/security/debiantemp/cman"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/31887"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/32387"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/32390"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/43362"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://uvw.ru/report.lenny.txt"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.openwall.com/lists/oss-security/2008/09/18/3"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.openwall.com/lists/oss-security/2008/09/24/2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.openwall.com/lists/oss-security/2008/10/30/2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.redhat.com/support/errata/RHSA-2011-0266.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/30898"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.ubuntu.com/usn/USN-875-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2011/0419"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://bugs.gentoo.org/show_bug.cgi?id=235770"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=460476"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/44845"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://www.redhat.com/archives/fedora-package-announce/2008-October/msg00666.html"
}
],
"sourceIdentifier": "cve@mitre.org",
"vendorComments": [
{
"comment": "Red Hat is aware of this issue and is tracking it via the following bug:\nhttps://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=CVE-2008-4192\n\nThe Red Hat Security Response Team has rated this issue as having low security\nimpact, a future update may address this flaw. More information regarding\nissue severity can be found here:\nhttp://www.redhat.com/security/updates/classification/\n",
"lastModified": "2008-10-17T00:00:00",
"organization": "Red Hat"
}
],
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-59"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
rhba-2010_0266
Vulnerability from csaf_redhat
Published
2010-03-30 00:00
Modified
2024-11-22 03:11
Summary
Red Hat Bug Fix Advisory: cman bug fix and enhancement update
Notes
Topic
Updated cman packages that fix bugs and add enhancements are now available.
Details
The Cluster Manager (cman) utility provides user-level services for
managing a Linux cluster.
Changes in this update:
* fence_rsa fails to login with new RSA II firmware. (BZ#549473)
* fence_virsh reports vm status incorrectly. (BZ#544664)
* improve error messages from ccsd if there is a network problem.
(BZ#517399)
* new fence agent for VMWare. (BZ#548577)
Note: this is a Tech Preview only.
* fence agent for HP iLO2 MP. (BZ#508722)
* fence agent for RSB ends with traceback. (BZ#545054)
* security feature for SNMP based agent: apc_snmp & ibmblade. (BZ#532922)
* change default timeout values for various fence agents. (BZ#549124)
* "Option -V" (show version) was not working in all fence agents.
(BZ#549113)
* automatically configure consensus based on token timeout. (BZ#544482)
* add readconfig & dumpconfig to fence_tool. (BZ#514662)
* make groupd handle partition merges. (BZ#546082)
* groupd: clean up leaving failed node. (BZ#521817)
* scsi_reserve should always echo after failure. (BZ#514260)
* fence_scsi_test: add debug information. (BZ#516763)
* fence_scsi_test should not allow -c & -s options together. (BZ#528832)
* fix fence_ipmilan read from uninitialized memory. (BZ#532138)
* make qdiskd stop crying wolf. (BZ#532773)
* fencing failed when used without telnet or ssh. (BZ#512343)
* APC changed product name (MasterSwitch -> Switched Rack PDU). (BZ#447481)
* fix invalid initialization introduced by retry-on option.
* broken device detection for DRAC3 ERA/O. (BZ#489809)
* fix case sensitivities in action parameter. (BZ#528938)
* fencing_snmp failed on all operations & traceback fix. (BZ#528916)
* accept unknown options from standard input. (BZ#532920)
* fence_apc unable to obtain plug status. (BZ#532916)
* timeout options added. (BZ#507514)
* better default timeout for bladecenter. (BZ#526806)
* the LOGIN_TIMEOUT value was too short for fence_lpar & the SSH login
timed out before the connection could be completed. (BZ#546340)
* add missing-as-off option (missing blade/device is always OFF).
(BZ#248006)
* make qdiskd "master-wins" node work. (BZ#372901)
* make qdisk self-fence system if write errors take longer than
interval*tko. (BZ#511113)
* make service_cman.lcrso executable, so RPM adds it to the debuginfo pkg.
(BZ#511346)
* don't check for xm command in cman init script: virsh is more
appropriate. (BZ#516111)
* allow re-registering of a quorum device. (BZ#525270)
* fix fence_scsi, multipath & persistent reservations. (BZ#516625)
* cman_tool leave remove reduces quorum when no services are connected.
(BZ#515446)
* fence_sanbox2 unable to retrieve status. (BZ#512947)
* gfs_controld: GETLK should free unused resource. (BZ#513285)
* allow IP addresses as node names. (BZ#504158)
* fence_scsi man page contains invalid option. (BZ#515731)
* fence_scsi support for 2 node clusters. (BZ#516085)
* Support for power cycle in fence ipmi. (BZ#482913)
* add option 'list devices' for fencing agents. (BZ#519697)
* add support for switching IPv4/IPv6. (BZ#520458)
* fence agent ends with traceback if option is missing. (BZ#508262)
* command line options to override default ports for different services,
such as SSH & Telnet (i.e. -u option) were added. (BZ#506928)
Note: "-u" does not currently work with fence_wti. Other agents honor the
port override command line options properly, however. (BZ#506928)
* force stdout close for fencing agents. (BZ#518622)
* support for long options. (BZ#519670)
* fix a situation where cman could kill the wrong nodes. (BZ#513260)
* fix support for >100 gfs & gfs2 file systems. (BZ#561892)
* fix a problem where 'dm suspend' would hang a withdrawn GFS file system.
(BZ#570530)
* fix a problem where fence_snmp returned success when the operation
failed. (BZ#573834)
* fencing support for the new iDRAC interface included with Dell PowerEdge
R710 & R910 blade servers was added. (BZ#496748)
All cman users should install this update which makes these changes.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Low"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Updated cman packages that fix bugs and add enhancements are now available.",
"title": "Topic"
},
{
"category": "general",
"text": "The Cluster Manager (cman) utility provides user-level services for\nmanaging a Linux cluster.\n\nChanges in this update:\n\n* fence_rsa fails to login with new RSA II firmware. (BZ#549473)\n\n* fence_virsh reports vm status incorrectly. (BZ#544664)\n\n* improve error messages from ccsd if there is a network problem.\n(BZ#517399)\n\n* new fence agent for VMWare. (BZ#548577)\n\nNote: this is a Tech Preview only.\n\n* fence agent for HP iLO2 MP. (BZ#508722)\n\n* fence agent for RSB ends with traceback. (BZ#545054)\n\n* security feature for SNMP based agent: apc_snmp \u0026 ibmblade. (BZ#532922)\n\n* change default timeout values for various fence agents. (BZ#549124)\n\n* \"Option -V\" (show version) was not working in all fence agents.\n(BZ#549113)\n\n* automatically configure consensus based on token timeout. (BZ#544482)\n\n* add readconfig \u0026 dumpconfig to fence_tool. (BZ#514662)\n\n* make groupd handle partition merges. (BZ#546082)\n\n* groupd: clean up leaving failed node. (BZ#521817)\n\n* scsi_reserve should always echo after failure. (BZ#514260)\n\n* fence_scsi_test: add debug information. (BZ#516763)\n\n* fence_scsi_test should not allow -c \u0026 -s options together. (BZ#528832)\n\n* fix fence_ipmilan read from unitialized memory. (BZ#532138)\n\n* make qdiskd stop crying wolf. (BZ#532773)\n\n* fencing failed when used without telnet or ssh. (BZ#512343)\n\n* APC changed product name (MasterSwitch -\u003e Switched Rack PDU). (BZ#447481)\n\n* fix invalid initalization introduced by retry-on option.\n\n* broken device detection for DRAC3 ERA/O. (BZ#489809)\n\n* fix case sensitivities in action parameter. (BZ#528938)\n\n* fencing_snmp failed on all operations \u0026 traceback fix. (BZ#528916)\n\n* accept unknown options from standard input. (BZ#532920)\n\n* fence_apc unable to obtain plug status. (BZ#532916)\n\n* timeout options added. (BZ#507514)\n\n* better default timeout for bladecenter. 
(BZ#526806)\n\n* the LOGIN_TIMEOUT value was too short for fence_lpar \u0026 the SSH login\ntimed out before the connection could be completed. (BZ#546340)\n\n* add missing-as-off option (missing blade/device is always OFF).\n(BZ#248006)\n\n* make qdiskd \"master-wins\" node work. (BZ#372901)\n\n* make qdisk self-fence system if write errors take longer than\ninterval*tko. (BZ#511113)\n\n* make service_cman.lcrso executable, so RPM adds it to the debuginfo pkg.\n(BZ#511346)\n\n* don\u0027t check for xm command in cman init script: virsh is more\nappropriate. (BZ#516111)\n\n* allow re-registering of a quorum device. (BZ#525270)\n\n* fix fence_scsi, multipath \u0026 persistent reservations. (BZ#516625)\n\n* cman_tool leave remove reduces quorum when no services are connected.\n(BZ#515446)\n\n* fence_sanbox2 unable to retrieve status. (BZ#512947)\n\n* gfs_controld: GETLK should free unused resource. (BZ#513285)\n\n* allow IP addresses as node names. (BZ#504158)\n\n* fence_scsi man page contains invalid option. (BZ#515731)\n\n* fence_scsi support for 2 node clusters. (BZ#516085)\n\n* Support for power cycle in fence ipmi. (BZ#482913)\n\n* add option \u0027list devices\u0027 for fencing agents. (BZ#519697)\n\n* add support for switching IPv4/IPv6. (BZ#520458)\n\n* fence agent ends with traceback if option is missing. (BZ#508262)\n\n* command line options to override default ports for different services,\nsuch as SSH \u0026 Telnet (i.e. -u option) were added. (BZ#506928)\n\nNote: \"-u\" does not currently work with fence_wti. Other agents honor the\nport override command line options properly, however. (BZ#506928)\n\n* force stdout close for fencing agents. (BZ#518622)\n\n* support for long options. (BZ#519670)\n\n* fix a situation where cman could kill the wrong nodes. (BZ#513260)\n\n* fix support for \u003e100 gfs \u0026 gfs2 file systems. 
(BZ#561892)\n\n* fix a problem where \u0027dm suspend\u0027 would hang a withdrawn GFS file system.\n(BZ#570530)\n\n* fix a problem where fence_snmp returned success when the operation\nfailed. (BZ#573834)\n\n* fencing support for the new iDRAC interface included with Dell PowerEdge\nR710 \u0026 R910 blade servers was added. (BZ#496748)\n\nAll cman users should install this update which makes these changes.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHBA-2010:0266",
"url": "https://access.redhat.com/errata/RHBA-2010:0266"
},
{
"category": "external",
"summary": "248006",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=248006"
},
{
"category": "external",
"summary": "372901",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=372901"
},
{
"category": "external",
"summary": "447481",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=447481"
},
{
"category": "external",
"summary": "482913",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=482913"
},
{
"category": "external",
"summary": "489809",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=489809"
},
{
"category": "external",
"summary": "496748",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=496748"
},
{
"category": "external",
"summary": "504158",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=504158"
},
{
"category": "external",
"summary": "506928",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=506928"
},
{
"category": "external",
"summary": "507514",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=507514"
},
{
"category": "external",
"summary": "508262",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=508262"
},
{
"category": "external",
"summary": "508722",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=508722"
},
{
"category": "external",
"summary": "511113",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=511113"
},
{
"category": "external",
"summary": "511346",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=511346"
},
{
"category": "external",
"summary": "512343",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=512343"
},
{
"category": "external",
"summary": "512947",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=512947"
},
{
"category": "external",
"summary": "513260",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=513260"
},
{
"category": "external",
"summary": "513285",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=513285"
},
{
"category": "external",
"summary": "514260",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=514260"
},
{
"category": "external",
"summary": "515446",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=515446"
},
{
"category": "external",
"summary": "515731",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=515731"
},
{
"category": "external",
"summary": "516085",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=516085"
},
{
"category": "external",
"summary": "516111",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=516111"
},
{
"category": "external",
"summary": "516763",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=516763"
},
{
"category": "external",
"summary": "517399",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=517399"
},
{
"category": "external",
"summary": "518622",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=518622"
},
{
"category": "external",
"summary": "519670",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=519670"
},
{
"category": "external",
"summary": "519697",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=519697"
},
{
"category": "external",
"summary": "520458",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=520458"
},
{
"category": "external",
"summary": "521817",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=521817"
},
{
"category": "external",
"summary": "528832",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=528832"
},
{
"category": "external",
"summary": "528938",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=528938"
},
{
"category": "external",
"summary": "532138",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=532138"
},
{
"category": "external",
"summary": "532773",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=532773"
},
{
"category": "external",
"summary": "532916",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=532916"
},
{
"category": "external",
"summary": "532920",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=532920"
},
{
"category": "external",
"summary": "532922",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=532922"
},
{
"category": "external",
"summary": "544482",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=544482"
},
{
"category": "external",
"summary": "544664",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=544664"
},
{
"category": "external",
"summary": "545054",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=545054"
},
{
"category": "external",
"summary": "546082",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=546082"
},
{
"category": "external",
"summary": "546340",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=546340"
},
{
"category": "external",
"summary": "548577",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=548577"
},
{
"category": "external",
"summary": "549113",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=549113"
},
{
"category": "external",
"summary": "549473",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=549473"
},
{
"category": "external",
"summary": "570530",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=570530"
},
{
"category": "external",
"summary": "573834",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=573834"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2010/rhba-2010_0266.json"
}
],
"title": "Red Hat Bug Fix Advisory: cman bug fix and enhancement update",
"tracking": {
"current_release_date": "2024-11-22T03:11:46+00:00",
"generator": {
"date": "2024-11-22T03:11:46+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.2.1"
}
},
"id": "RHBA-2010:0266",
"initial_release_date": "2010-03-30T00:00:00+00:00",
"revision_history": [
{
"date": "2010-03-30T00:00:00+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2010-03-29T08:54:44+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-11-22T03:11:46+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product": {
"name": "Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:5::client_workstation"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux (v. 5 server)",
"product": {
"name": "Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:5::server"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "cman-devel-0:2.0.115-34.el5.x86_64",
"product": {
"name": "cman-devel-0:2.0.115-34.el5.x86_64",
"product_id": "cman-devel-0:2.0.115-34.el5.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/cman-devel@2.0.115-34.el5?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "cman-0:2.0.115-34.el5.x86_64",
"product": {
"name": "cman-0:2.0.115-34.el5.x86_64",
"product_id": "cman-0:2.0.115-34.el5.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/cman@2.0.115-34.el5?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "cman-debuginfo-0:2.0.115-34.el5.x86_64",
"product": {
"name": "cman-debuginfo-0:2.0.115-34.el5.x86_64",
"product_id": "cman-debuginfo-0:2.0.115-34.el5.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/cman-debuginfo@2.0.115-34.el5?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "cman-devel-0:2.0.115-34.el5.i386",
"product": {
"name": "cman-devel-0:2.0.115-34.el5.i386",
"product_id": "cman-devel-0:2.0.115-34.el5.i386",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/cman-devel@2.0.115-34.el5?arch=i386"
}
}
},
{
"category": "product_version",
"name": "cman-debuginfo-0:2.0.115-34.el5.i386",
"product": {
"name": "cman-debuginfo-0:2.0.115-34.el5.i386",
"product_id": "cman-debuginfo-0:2.0.115-34.el5.i386",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/cman-debuginfo@2.0.115-34.el5?arch=i386"
}
}
},
{
"category": "product_version",
"name": "cman-0:2.0.115-34.el5.i386",
"product": {
"name": "cman-0:2.0.115-34.el5.i386",
"product_id": "cman-0:2.0.115-34.el5.i386",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/cman@2.0.115-34.el5?arch=i386"
}
}
}
],
"category": "architecture",
"name": "i386"
},
{
"branches": [
{
"category": "product_version",
"name": "cman-0:2.0.115-34.el5.src",
"product": {
"name": "cman-0:2.0.115-34.el5.src",
"product_id": "cman-0:2.0.115-34.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/cman@2.0.115-34.el5?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "cman-devel-0:2.0.115-34.el5.ia64",
"product": {
"name": "cman-devel-0:2.0.115-34.el5.ia64",
"product_id": "cman-devel-0:2.0.115-34.el5.ia64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/cman-devel@2.0.115-34.el5?arch=ia64"
}
}
},
{
"category": "product_version",
"name": "cman-0:2.0.115-34.el5.ia64",
"product": {
"name": "cman-0:2.0.115-34.el5.ia64",
"product_id": "cman-0:2.0.115-34.el5.ia64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/cman@2.0.115-34.el5?arch=ia64"
}
}
},
{
"category": "product_version",
"name": "cman-debuginfo-0:2.0.115-34.el5.ia64",
"product": {
"name": "cman-debuginfo-0:2.0.115-34.el5.ia64",
"product_id": "cman-debuginfo-0:2.0.115-34.el5.ia64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/cman-debuginfo@2.0.115-34.el5?arch=ia64"
}
}
}
],
"category": "architecture",
"name": "ia64"
},
{
"branches": [
{
"category": "product_version",
"name": "cman-devel-0:2.0.115-34.el5.ppc64",
"product": {
"name": "cman-devel-0:2.0.115-34.el5.ppc64",
"product_id": "cman-devel-0:2.0.115-34.el5.ppc64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/cman-devel@2.0.115-34.el5?arch=ppc64"
}
}
},
{
"category": "product_version",
"name": "cman-debuginfo-0:2.0.115-34.el5.ppc64",
"product": {
"name": "cman-debuginfo-0:2.0.115-34.el5.ppc64",
"product_id": "cman-debuginfo-0:2.0.115-34.el5.ppc64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/cman-debuginfo@2.0.115-34.el5?arch=ppc64"
}
}
}
],
"category": "architecture",
"name": "ppc64"
},
{
"branches": [
{
"category": "product_version",
"name": "cman-devel-0:2.0.115-34.el5.ppc",
"product": {
"name": "cman-devel-0:2.0.115-34.el5.ppc",
"product_id": "cman-devel-0:2.0.115-34.el5.ppc",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/cman-devel@2.0.115-34.el5?arch=ppc"
}
}
},
{
"category": "product_version",
"name": "cman-0:2.0.115-34.el5.ppc",
"product": {
"name": "cman-0:2.0.115-34.el5.ppc",
"product_id": "cman-0:2.0.115-34.el5.ppc",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/cman@2.0.115-34.el5?arch=ppc"
}
}
},
{
"category": "product_version",
"name": "cman-debuginfo-0:2.0.115-34.el5.ppc",
"product": {
"name": "cman-debuginfo-0:2.0.115-34.el5.ppc",
"product_id": "cman-debuginfo-0:2.0.115-34.el5.ppc",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/cman-debuginfo@2.0.115-34.el5?arch=ppc"
}
}
}
],
"category": "architecture",
"name": "ppc"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "cman-0:2.0.115-34.el5.i386 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation:cman-0:2.0.115-34.el5.i386"
},
"product_reference": "cman-0:2.0.115-34.el5.i386",
"relates_to_product_reference": "5Client-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cman-0:2.0.115-34.el5.ia64 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation:cman-0:2.0.115-34.el5.ia64"
},
"product_reference": "cman-0:2.0.115-34.el5.ia64",
"relates_to_product_reference": "5Client-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cman-0:2.0.115-34.el5.ppc as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation:cman-0:2.0.115-34.el5.ppc"
},
"product_reference": "cman-0:2.0.115-34.el5.ppc",
"relates_to_product_reference": "5Client-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cman-0:2.0.115-34.el5.src as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation:cman-0:2.0.115-34.el5.src"
},
"product_reference": "cman-0:2.0.115-34.el5.src",
"relates_to_product_reference": "5Client-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cman-0:2.0.115-34.el5.x86_64 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation:cman-0:2.0.115-34.el5.x86_64"
},
"product_reference": "cman-0:2.0.115-34.el5.x86_64",
"relates_to_product_reference": "5Client-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cman-debuginfo-0:2.0.115-34.el5.i386 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation:cman-debuginfo-0:2.0.115-34.el5.i386"
},
"product_reference": "cman-debuginfo-0:2.0.115-34.el5.i386",
"relates_to_product_reference": "5Client-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cman-debuginfo-0:2.0.115-34.el5.ia64 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation:cman-debuginfo-0:2.0.115-34.el5.ia64"
},
"product_reference": "cman-debuginfo-0:2.0.115-34.el5.ia64",
"relates_to_product_reference": "5Client-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cman-debuginfo-0:2.0.115-34.el5.ppc as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation:cman-debuginfo-0:2.0.115-34.el5.ppc"
},
"product_reference": "cman-debuginfo-0:2.0.115-34.el5.ppc",
"relates_to_product_reference": "5Client-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cman-debuginfo-0:2.0.115-34.el5.ppc64 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation:cman-debuginfo-0:2.0.115-34.el5.ppc64"
},
"product_reference": "cman-debuginfo-0:2.0.115-34.el5.ppc64",
"relates_to_product_reference": "5Client-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cman-debuginfo-0:2.0.115-34.el5.x86_64 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation:cman-debuginfo-0:2.0.115-34.el5.x86_64"
},
"product_reference": "cman-debuginfo-0:2.0.115-34.el5.x86_64",
"relates_to_product_reference": "5Client-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cman-devel-0:2.0.115-34.el5.i386 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation:cman-devel-0:2.0.115-34.el5.i386"
},
"product_reference": "cman-devel-0:2.0.115-34.el5.i386",
"relates_to_product_reference": "5Client-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cman-devel-0:2.0.115-34.el5.ia64 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation:cman-devel-0:2.0.115-34.el5.ia64"
},
"product_reference": "cman-devel-0:2.0.115-34.el5.ia64",
"relates_to_product_reference": "5Client-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cman-devel-0:2.0.115-34.el5.ppc as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation:cman-devel-0:2.0.115-34.el5.ppc"
},
"product_reference": "cman-devel-0:2.0.115-34.el5.ppc",
"relates_to_product_reference": "5Client-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cman-devel-0:2.0.115-34.el5.ppc64 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation:cman-devel-0:2.0.115-34.el5.ppc64"
},
"product_reference": "cman-devel-0:2.0.115-34.el5.ppc64",
"relates_to_product_reference": "5Client-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cman-devel-0:2.0.115-34.el5.x86_64 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation:cman-devel-0:2.0.115-34.el5.x86_64"
},
"product_reference": "cman-devel-0:2.0.115-34.el5.x86_64",
"relates_to_product_reference": "5Client-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cman-0:2.0.115-34.el5.i386 as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:cman-0:2.0.115-34.el5.i386"
},
"product_reference": "cman-0:2.0.115-34.el5.i386",
"relates_to_product_reference": "5Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cman-0:2.0.115-34.el5.ia64 as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:cman-0:2.0.115-34.el5.ia64"
},
"product_reference": "cman-0:2.0.115-34.el5.ia64",
"relates_to_product_reference": "5Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cman-0:2.0.115-34.el5.ppc as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:cman-0:2.0.115-34.el5.ppc"
},
"product_reference": "cman-0:2.0.115-34.el5.ppc",
"relates_to_product_reference": "5Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cman-0:2.0.115-34.el5.src as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:cman-0:2.0.115-34.el5.src"
},
"product_reference": "cman-0:2.0.115-34.el5.src",
"relates_to_product_reference": "5Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cman-0:2.0.115-34.el5.x86_64 as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:cman-0:2.0.115-34.el5.x86_64"
},
"product_reference": "cman-0:2.0.115-34.el5.x86_64",
"relates_to_product_reference": "5Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cman-debuginfo-0:2.0.115-34.el5.i386 as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:cman-debuginfo-0:2.0.115-34.el5.i386"
},
"product_reference": "cman-debuginfo-0:2.0.115-34.el5.i386",
"relates_to_product_reference": "5Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cman-debuginfo-0:2.0.115-34.el5.ia64 as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:cman-debuginfo-0:2.0.115-34.el5.ia64"
},
"product_reference": "cman-debuginfo-0:2.0.115-34.el5.ia64",
"relates_to_product_reference": "5Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cman-debuginfo-0:2.0.115-34.el5.ppc as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:cman-debuginfo-0:2.0.115-34.el5.ppc"
},
"product_reference": "cman-debuginfo-0:2.0.115-34.el5.ppc",
"relates_to_product_reference": "5Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cman-debuginfo-0:2.0.115-34.el5.ppc64 as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:cman-debuginfo-0:2.0.115-34.el5.ppc64"
},
"product_reference": "cman-debuginfo-0:2.0.115-34.el5.ppc64",
"relates_to_product_reference": "5Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cman-debuginfo-0:2.0.115-34.el5.x86_64 as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:cman-debuginfo-0:2.0.115-34.el5.x86_64"
},
"product_reference": "cman-debuginfo-0:2.0.115-34.el5.x86_64",
"relates_to_product_reference": "5Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cman-devel-0:2.0.115-34.el5.i386 as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:cman-devel-0:2.0.115-34.el5.i386"
},
"product_reference": "cman-devel-0:2.0.115-34.el5.i386",
"relates_to_product_reference": "5Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cman-devel-0:2.0.115-34.el5.ia64 as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:cman-devel-0:2.0.115-34.el5.ia64"
},
"product_reference": "cman-devel-0:2.0.115-34.el5.ia64",
"relates_to_product_reference": "5Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cman-devel-0:2.0.115-34.el5.ppc as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:cman-devel-0:2.0.115-34.el5.ppc"
},
"product_reference": "cman-devel-0:2.0.115-34.el5.ppc",
"relates_to_product_reference": "5Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cman-devel-0:2.0.115-34.el5.ppc64 as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:cman-devel-0:2.0.115-34.el5.ppc64"
},
"product_reference": "cman-devel-0:2.0.115-34.el5.ppc64",
"relates_to_product_reference": "5Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cman-devel-0:2.0.115-34.el5.x86_64 as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:cman-devel-0:2.0.115-34.el5.x86_64"
},
"product_reference": "cman-devel-0:2.0.115-34.el5.x86_64",
"relates_to_product_reference": "5Server"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2008-4192",
"cwe": {
"id": "CWE-377",
"name": "Insecure Temporary File"
},
"discovery_date": "2008-08-26T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "460476"
}
],
"notes": [
{
"category": "description",
"text": "The pserver_shutdown function in fence_egenera in cman 2.20080629 and 2.20080801 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/eglog temporary file.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "cman/fence: insecure temporary file usage in the egenera fence agent",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"5Client-Workstation:cman-0:2.0.115-34.el5.i386",
"5Client-Workstation:cman-0:2.0.115-34.el5.ia64",
"5Client-Workstation:cman-0:2.0.115-34.el5.ppc",
"5Client-Workstation:cman-0:2.0.115-34.el5.src",
"5Client-Workstation:cman-0:2.0.115-34.el5.x86_64",
"5Client-Workstation:cman-debuginfo-0:2.0.115-34.el5.i386",
"5Client-Workstation:cman-debuginfo-0:2.0.115-34.el5.ia64",
"5Client-Workstation:cman-debuginfo-0:2.0.115-34.el5.ppc",
"5Client-Workstation:cman-debuginfo-0:2.0.115-34.el5.ppc64",
"5Client-Workstation:cman-debuginfo-0:2.0.115-34.el5.x86_64",
"5Client-Workstation:cman-devel-0:2.0.115-34.el5.i386",
"5Client-Workstation:cman-devel-0:2.0.115-34.el5.ia64",
"5Client-Workstation:cman-devel-0:2.0.115-34.el5.ppc",
"5Client-Workstation:cman-devel-0:2.0.115-34.el5.ppc64",
"5Client-Workstation:cman-devel-0:2.0.115-34.el5.x86_64",
"5Server:cman-0:2.0.115-34.el5.i386",
"5Server:cman-0:2.0.115-34.el5.ia64",
"5Server:cman-0:2.0.115-34.el5.ppc",
"5Server:cman-0:2.0.115-34.el5.src",
"5Server:cman-0:2.0.115-34.el5.x86_64",
"5Server:cman-debuginfo-0:2.0.115-34.el5.i386",
"5Server:cman-debuginfo-0:2.0.115-34.el5.ia64",
"5Server:cman-debuginfo-0:2.0.115-34.el5.ppc",
"5Server:cman-debuginfo-0:2.0.115-34.el5.ppc64",
"5Server:cman-debuginfo-0:2.0.115-34.el5.x86_64",
"5Server:cman-devel-0:2.0.115-34.el5.i386",
"5Server:cman-devel-0:2.0.115-34.el5.ia64",
"5Server:cman-devel-0:2.0.115-34.el5.ppc",
"5Server:cman-devel-0:2.0.115-34.el5.ppc64",
"5Server:cman-devel-0:2.0.115-34.el5.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2008-4192"
},
{
"category": "external",
"summary": "RHBZ#460476",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=460476"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2008-4192",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-4192"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2008-4192",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2008-4192"
}
],
"release_date": "2008-08-24T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2010-03-30T00:00:00+00:00",
"details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259",
"product_ids": [
"5Client-Workstation:cman-0:2.0.115-34.el5.i386",
"5Client-Workstation:cman-0:2.0.115-34.el5.ia64",
"5Client-Workstation:cman-0:2.0.115-34.el5.ppc",
"5Client-Workstation:cman-0:2.0.115-34.el5.src",
"5Client-Workstation:cman-0:2.0.115-34.el5.x86_64",
"5Client-Workstation:cman-debuginfo-0:2.0.115-34.el5.i386",
"5Client-Workstation:cman-debuginfo-0:2.0.115-34.el5.ia64",
"5Client-Workstation:cman-debuginfo-0:2.0.115-34.el5.ppc",
"5Client-Workstation:cman-debuginfo-0:2.0.115-34.el5.ppc64",
"5Client-Workstation:cman-debuginfo-0:2.0.115-34.el5.x86_64",
"5Client-Workstation:cman-devel-0:2.0.115-34.el5.i386",
"5Client-Workstation:cman-devel-0:2.0.115-34.el5.ia64",
"5Client-Workstation:cman-devel-0:2.0.115-34.el5.ppc",
"5Client-Workstation:cman-devel-0:2.0.115-34.el5.ppc64",
"5Client-Workstation:cman-devel-0:2.0.115-34.el5.x86_64",
"5Server:cman-0:2.0.115-34.el5.i386",
"5Server:cman-0:2.0.115-34.el5.ia64",
"5Server:cman-0:2.0.115-34.el5.ppc",
"5Server:cman-0:2.0.115-34.el5.src",
"5Server:cman-0:2.0.115-34.el5.x86_64",
"5Server:cman-debuginfo-0:2.0.115-34.el5.i386",
"5Server:cman-debuginfo-0:2.0.115-34.el5.ia64",
"5Server:cman-debuginfo-0:2.0.115-34.el5.ppc",
"5Server:cman-debuginfo-0:2.0.115-34.el5.ppc64",
"5Server:cman-debuginfo-0:2.0.115-34.el5.x86_64",
"5Server:cman-devel-0:2.0.115-34.el5.i386",
"5Server:cman-devel-0:2.0.115-34.el5.ia64",
"5Server:cman-devel-0:2.0.115-34.el5.ppc",
"5Server:cman-devel-0:2.0.115-34.el5.ppc64",
"5Server:cman-devel-0:2.0.115-34.el5.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHBA-2010:0266"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "HIGH",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 1.2,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:L/AC:H/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"products": [
"5Client-Workstation:cman-0:2.0.115-34.el5.i386",
"5Client-Workstation:cman-0:2.0.115-34.el5.ia64",
"5Client-Workstation:cman-0:2.0.115-34.el5.ppc",
"5Client-Workstation:cman-0:2.0.115-34.el5.src",
"5Client-Workstation:cman-0:2.0.115-34.el5.x86_64",
"5Client-Workstation:cman-debuginfo-0:2.0.115-34.el5.i386",
"5Client-Workstation:cman-debuginfo-0:2.0.115-34.el5.ia64",
"5Client-Workstation:cman-debuginfo-0:2.0.115-34.el5.ppc",
"5Client-Workstation:cman-debuginfo-0:2.0.115-34.el5.ppc64",
"5Client-Workstation:cman-debuginfo-0:2.0.115-34.el5.x86_64",
"5Client-Workstation:cman-devel-0:2.0.115-34.el5.i386",
"5Client-Workstation:cman-devel-0:2.0.115-34.el5.ia64",
"5Client-Workstation:cman-devel-0:2.0.115-34.el5.ppc",
"5Client-Workstation:cman-devel-0:2.0.115-34.el5.ppc64",
"5Client-Workstation:cman-devel-0:2.0.115-34.el5.x86_64",
"5Server:cman-0:2.0.115-34.el5.i386",
"5Server:cman-0:2.0.115-34.el5.ia64",
"5Server:cman-0:2.0.115-34.el5.ppc",
"5Server:cman-0:2.0.115-34.el5.src",
"5Server:cman-0:2.0.115-34.el5.x86_64",
"5Server:cman-debuginfo-0:2.0.115-34.el5.i386",
"5Server:cman-debuginfo-0:2.0.115-34.el5.ia64",
"5Server:cman-debuginfo-0:2.0.115-34.el5.ppc",
"5Server:cman-debuginfo-0:2.0.115-34.el5.ppc64",
"5Server:cman-debuginfo-0:2.0.115-34.el5.x86_64",
"5Server:cman-devel-0:2.0.115-34.el5.i386",
"5Server:cman-devel-0:2.0.115-34.el5.ia64",
"5Server:cman-devel-0:2.0.115-34.el5.ppc",
"5Server:cman-devel-0:2.0.115-34.el5.ppc64",
"5Server:cman-devel-0:2.0.115-34.el5.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "cman/fence: insecure temporary file usage in the egenera fence agent"
}
]
}
RHSA-2011:0266
Vulnerability from csaf_redhat
Published
2011-02-16 15:18
Modified
2025-10-09 13:13
Summary
Red Hat Security Advisory: fence security, bug fix, and enhancement update
Notes
Topic
An updated fence package that fixes multiple security issues, several bugs,
and adds two enhancements is now available for Red Hat Cluster Suite 4.
The Red Hat Security Response Team has rated this update as having low
security impact. Common Vulnerability Scoring System (CVSS) base scores,
which give detailed severity ratings, are available for each vulnerability
from the CVE links in the References section.
Details
The fence package allows failed or unreachable nodes to be forcibly
restarted and removed from a cluster.
Insecure temporary file use flaws were found in fence_egenera, fence_apc,
and fence_apc_snmp. A local attacker could use these flaws to overwrite an
arbitrary file writable by the victim running those utilities via a
symbolic link attack. (CVE-2008-4192, CVE-2008-4579)
This update also fixes the following bugs:
* fence_apc_snmp now waits for five seconds after fencing to properly get
status. (BZ#494587)
* The fence_drac5 help output now shows the proper commands. (BZ#498870)
* fence_scsi_test.pl now verifies that sg_persist is in the path before
running. (BZ#500172)
* fence_drac5 is now more consistent with other agents and uses module_name
instead of modulename. (BZ#500546)
* fence_apc and fence_wti no longer fail with a pexpect exception.
(BZ#501890, BZ#504589)
* fence_wti no longer issues a traceback when an option is missing.
(BZ#508258)
* fence_sanbox2 is now able to properly obtain the status after fencing.
(BZ#510279)
* Fencing no longer fails if fence_wti is used without telnet. (BZ#510335)
* fence_scsi get_scsi_devices no longer hangs with various devices.
(BZ#545193)
* fence_ilo no longer fails to reboot with ilo2 firmware 1.70. (BZ#545682)
* Fixed an issue with fence_ilo not rebooting in some implementations.
(BZ#576036)
* fence_ilo no longer throws exceptions if the user does not have power
privileges. (BZ#576178)
As well, this update adds the following enhancements:
* Support has been added for SSH-enabled RSA II fence devices. (BZ#476161)
* The APC fence agent will now work with a non-root account. (BZ#491643)
All fence users are advised to upgrade to this updated package, which
corrects these issues and adds these enhancements.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Low"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An updated fence package that fixes multiple security issues, several bugs,\nand adds two enhancements is now available for Red Hat Cluster Suite 4.\n\nThe Red Hat Security Response Team has rated this update as having low\nsecurity impact. Common Vulnerability Scoring System (CVSS) base scores,\nwhich give detailed severity ratings, are available for each vulnerability\nfrom the CVE links in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "The fence package allows failed or unreachable nodes to be forcibly\nrestarted and removed from a cluster.\n\nInsecure temporary file use flaws were found in fence_egenera, fence_apc,\nand fence_apc_snmp. A local attacker could use these flaws to overwrite an\narbitrary file writable by the victim running those utilities via a\nsymbolic link attack. (CVE-2008-4192, CVE-2008-4579)\n\nThis update also fixes the following bugs:\n\n* fence_apc_snmp now waits for five seconds after fencing to properly get\nstatus. (BZ#494587)\n\n* The fence_drac5 help output now shows the proper commands. (BZ#498870)\n\n* fence_scsi_test.pl now verifies that sg_persist is in the path before\nrunning. (BZ#500172)\n\n* fence_drac5 is now more consistent with other agents and uses module_name\ninstead of modulename. (BZ#500546)\n\n* fence_apc and fence_wti no longer fail with a pexpect exception.\n(BZ#501890, BZ#504589)\n\n* fence_wti no longer issues a traceback when an option is missing.\n(BZ#508258)\n\n* fence_sanbox2 is now able to properly obtain the status after fencing.\n(BZ#510279)\n\n* Fencing no longer fails if fence_wti is used without telnet. (BZ#510335)\n\n* fence_scsi get_scsi_devices no longer hangs with various devices.\n(BZ#545193)\n\n* fence_ilo no longer fails to reboot with ilo2 firmware 1.70. (BZ#545682)\n\n* Fixed an issue with fence_ilo not rebooting in some implementations.\n(BZ#576036)\n\n* fence_ilo no longer throws exceptions if the user does not have power\nprivileges. (BZ#576178)\n\nAs well, this update adds the following enhancements:\n\n* Support has been added for SSH-enabled RSA II fence devices. (BZ#476161)\n\n* The APC fence agent will now work with a non-root account. (BZ#491643)\n\nAll fence users are advised to upgrade to this updated package, which\ncorrects these issues and adds these enhancements.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2011:0266",
"url": "https://access.redhat.com/errata/RHSA-2011:0266"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#low",
"url": "https://access.redhat.com/security/updates/classification/#low"
},
{
"category": "external",
"summary": "460476",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=460476"
},
{
"category": "external",
"summary": "467386",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=467386"
},
{
"category": "external",
"summary": "491643",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=491643"
},
{
"category": "external",
"summary": "494587",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=494587"
},
{
"category": "external",
"summary": "498870",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=498870"
},
{
"category": "external",
"summary": "498983",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=498983"
},
{
"category": "external",
"summary": "500172",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=500172"
},
{
"category": "external",
"summary": "500546",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=500546"
},
{
"category": "external",
"summary": "501890",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=501890"
},
{
"category": "external",
"summary": "504589",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=504589"
},
{
"category": "external",
"summary": "508268",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=508268"
},
{
"category": "external",
"summary": "510279",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=510279"
},
{
"category": "external",
"summary": "545193",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=545193"
},
{
"category": "external",
"summary": "545682",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=545682"
},
{
"category": "external",
"summary": "576036",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=576036"
},
{
"category": "external",
"summary": "576178",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=576178"
},
{
"category": "external",
"summary": "584133",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=584133"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2011/rhsa-2011_0266.json"
}
],
"title": "Red Hat Security Advisory: fence security, bug fix, and enhancement update",
"tracking": {
"current_release_date": "2025-10-09T13:13:08+00:00",
"generator": {
"date": "2025-10-09T13:13:08+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.6.9"
}
},
"id": "RHSA-2011:0266",
"initial_release_date": "2011-02-16T15:18:00+00:00",
"revision_history": [
{
"date": "2011-02-16T15:18:00+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2011-02-16T11:14:08+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2025-10-09T13:13:08+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Cluster Suite 4AS",
"product": {
"name": "Red Hat Cluster Suite 4AS",
"product_id": "4AS-cluster",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_cluster:4"
}
}
},
{
"category": "product_name",
"name": "Red Hat Cluster Suite 4ES",
"product": {
"name": "Red Hat Cluster Suite 4ES",
"product_id": "4ES-cluster",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_cluster:4"
}
}
},
{
"category": "product_name",
"name": "Red Hat Cluster Suite 4WS",
"product": {
"name": "Red Hat Cluster Suite 4WS",
"product_id": "4WS-cluster",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_cluster:4"
}
}
}
],
"category": "product_family",
"name": "Red Hat Cluster Suite"
},
{
"branches": [
{
"category": "product_version",
"name": "fence-0:1.32.68-5.el4.i686",
"product": {
"name": "fence-0:1.32.68-5.el4.i686",
"product_id": "fence-0:1.32.68-5.el4.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/fence@1.32.68-5.el4?arch=i686"
}
}
},
{
"category": "product_version",
"name": "fence-debuginfo-0:1.32.68-5.el4.i686",
"product": {
"name": "fence-debuginfo-0:1.32.68-5.el4.i686",
"product_id": "fence-debuginfo-0:1.32.68-5.el4.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/fence-debuginfo@1.32.68-5.el4?arch=i686"
}
}
}
],
"category": "architecture",
"name": "i686"
},
{
"branches": [
{
"category": "product_version",
"name": "fence-0:1.32.68-5.el4.ia64",
"product": {
"name": "fence-0:1.32.68-5.el4.ia64",
"product_id": "fence-0:1.32.68-5.el4.ia64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/fence@1.32.68-5.el4?arch=ia64"
}
}
},
{
"category": "product_version",
"name": "fence-debuginfo-0:1.32.68-5.el4.ia64",
"product": {
"name": "fence-debuginfo-0:1.32.68-5.el4.ia64",
"product_id": "fence-debuginfo-0:1.32.68-5.el4.ia64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/fence-debuginfo@1.32.68-5.el4?arch=ia64"
}
}
}
],
"category": "architecture",
"name": "ia64"
},
{
"branches": [
{
"category": "product_version",
"name": "fence-0:1.32.68-5.el4.src",
"product": {
"name": "fence-0:1.32.68-5.el4.src",
"product_id": "fence-0:1.32.68-5.el4.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/fence@1.32.68-5.el4?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "fence-0:1.32.68-5.el4.x86_64",
"product": {
"name": "fence-0:1.32.68-5.el4.x86_64",
"product_id": "fence-0:1.32.68-5.el4.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/fence@1.32.68-5.el4?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "fence-debuginfo-0:1.32.68-5.el4.x86_64",
"product": {
"name": "fence-debuginfo-0:1.32.68-5.el4.x86_64",
"product_id": "fence-debuginfo-0:1.32.68-5.el4.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/fence-debuginfo@1.32.68-5.el4?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "fence-0:1.32.68-5.el4.ppc64",
"product": {
"name": "fence-0:1.32.68-5.el4.ppc64",
"product_id": "fence-0:1.32.68-5.el4.ppc64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/fence@1.32.68-5.el4?arch=ppc64"
}
}
},
{
"category": "product_version",
"name": "fence-debuginfo-0:1.32.68-5.el4.ppc64",
"product": {
"name": "fence-debuginfo-0:1.32.68-5.el4.ppc64",
"product_id": "fence-debuginfo-0:1.32.68-5.el4.ppc64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/fence-debuginfo@1.32.68-5.el4?arch=ppc64"
}
}
}
],
"category": "architecture",
"name": "ppc64"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "fence-0:1.32.68-5.el4.i686 as a component of Red Hat Cluster Suite 4AS",
"product_id": "4AS-cluster:fence-0:1.32.68-5.el4.i686"
},
"product_reference": "fence-0:1.32.68-5.el4.i686",
"relates_to_product_reference": "4AS-cluster"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "fence-0:1.32.68-5.el4.ia64 as a component of Red Hat Cluster Suite 4AS",
"product_id": "4AS-cluster:fence-0:1.32.68-5.el4.ia64"
},
"product_reference": "fence-0:1.32.68-5.el4.ia64",
"relates_to_product_reference": "4AS-cluster"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "fence-0:1.32.68-5.el4.ppc64 as a component of Red Hat Cluster Suite 4AS",
"product_id": "4AS-cluster:fence-0:1.32.68-5.el4.ppc64"
},
"product_reference": "fence-0:1.32.68-5.el4.ppc64",
"relates_to_product_reference": "4AS-cluster"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "fence-0:1.32.68-5.el4.src as a component of Red Hat Cluster Suite 4AS",
"product_id": "4AS-cluster:fence-0:1.32.68-5.el4.src"
},
"product_reference": "fence-0:1.32.68-5.el4.src",
"relates_to_product_reference": "4AS-cluster"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "fence-0:1.32.68-5.el4.x86_64 as a component of Red Hat Cluster Suite 4AS",
"product_id": "4AS-cluster:fence-0:1.32.68-5.el4.x86_64"
},
"product_reference": "fence-0:1.32.68-5.el4.x86_64",
"relates_to_product_reference": "4AS-cluster"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "fence-debuginfo-0:1.32.68-5.el4.i686 as a component of Red Hat Cluster Suite 4AS",
"product_id": "4AS-cluster:fence-debuginfo-0:1.32.68-5.el4.i686"
},
"product_reference": "fence-debuginfo-0:1.32.68-5.el4.i686",
"relates_to_product_reference": "4AS-cluster"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "fence-debuginfo-0:1.32.68-5.el4.ia64 as a component of Red Hat Cluster Suite 4AS",
"product_id": "4AS-cluster:fence-debuginfo-0:1.32.68-5.el4.ia64"
},
"product_reference": "fence-debuginfo-0:1.32.68-5.el4.ia64",
"relates_to_product_reference": "4AS-cluster"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "fence-debuginfo-0:1.32.68-5.el4.ppc64 as a component of Red Hat Cluster Suite 4AS",
"product_id": "4AS-cluster:fence-debuginfo-0:1.32.68-5.el4.ppc64"
},
"product_reference": "fence-debuginfo-0:1.32.68-5.el4.ppc64",
"relates_to_product_reference": "4AS-cluster"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "fence-debuginfo-0:1.32.68-5.el4.x86_64 as a component of Red Hat Cluster Suite 4AS",
"product_id": "4AS-cluster:fence-debuginfo-0:1.32.68-5.el4.x86_64"
},
"product_reference": "fence-debuginfo-0:1.32.68-5.el4.x86_64",
"relates_to_product_reference": "4AS-cluster"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "fence-0:1.32.68-5.el4.i686 as a component of Red Hat Cluster Suite 4ES",
"product_id": "4ES-cluster:fence-0:1.32.68-5.el4.i686"
},
"product_reference": "fence-0:1.32.68-5.el4.i686",
"relates_to_product_reference": "4ES-cluster"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "fence-0:1.32.68-5.el4.ia64 as a component of Red Hat Cluster Suite 4ES",
"product_id": "4ES-cluster:fence-0:1.32.68-5.el4.ia64"
},
"product_reference": "fence-0:1.32.68-5.el4.ia64",
"relates_to_product_reference": "4ES-cluster"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "fence-0:1.32.68-5.el4.ppc64 as a component of Red Hat Cluster Suite 4ES",
"product_id": "4ES-cluster:fence-0:1.32.68-5.el4.ppc64"
},
"product_reference": "fence-0:1.32.68-5.el4.ppc64",
"relates_to_product_reference": "4ES-cluster"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "fence-0:1.32.68-5.el4.src as a component of Red Hat Cluster Suite 4ES",
"product_id": "4ES-cluster:fence-0:1.32.68-5.el4.src"
},
"product_reference": "fence-0:1.32.68-5.el4.src",
"relates_to_product_reference": "4ES-cluster"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "fence-0:1.32.68-5.el4.x86_64 as a component of Red Hat Cluster Suite 4ES",
"product_id": "4ES-cluster:fence-0:1.32.68-5.el4.x86_64"
},
"product_reference": "fence-0:1.32.68-5.el4.x86_64",
"relates_to_product_reference": "4ES-cluster"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "fence-debuginfo-0:1.32.68-5.el4.i686 as a component of Red Hat Cluster Suite 4ES",
"product_id": "4ES-cluster:fence-debuginfo-0:1.32.68-5.el4.i686"
},
"product_reference": "fence-debuginfo-0:1.32.68-5.el4.i686",
"relates_to_product_reference": "4ES-cluster"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "fence-debuginfo-0:1.32.68-5.el4.ia64 as a component of Red Hat Cluster Suite 4ES",
"product_id": "4ES-cluster:fence-debuginfo-0:1.32.68-5.el4.ia64"
},
"product_reference": "fence-debuginfo-0:1.32.68-5.el4.ia64",
"relates_to_product_reference": "4ES-cluster"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "fence-debuginfo-0:1.32.68-5.el4.ppc64 as a component of Red Hat Cluster Suite 4ES",
"product_id": "4ES-cluster:fence-debuginfo-0:1.32.68-5.el4.ppc64"
},
"product_reference": "fence-debuginfo-0:1.32.68-5.el4.ppc64",
"relates_to_product_reference": "4ES-cluster"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "fence-debuginfo-0:1.32.68-5.el4.x86_64 as a component of Red Hat Cluster Suite 4ES",
"product_id": "4ES-cluster:fence-debuginfo-0:1.32.68-5.el4.x86_64"
},
"product_reference": "fence-debuginfo-0:1.32.68-5.el4.x86_64",
"relates_to_product_reference": "4ES-cluster"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "fence-0:1.32.68-5.el4.i686 as a component of Red Hat Cluster Suite 4WS",
"product_id": "4WS-cluster:fence-0:1.32.68-5.el4.i686"
},
"product_reference": "fence-0:1.32.68-5.el4.i686",
"relates_to_product_reference": "4WS-cluster"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "fence-0:1.32.68-5.el4.ia64 as a component of Red Hat Cluster Suite 4WS",
"product_id": "4WS-cluster:fence-0:1.32.68-5.el4.ia64"
},
"product_reference": "fence-0:1.32.68-5.el4.ia64",
"relates_to_product_reference": "4WS-cluster"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "fence-0:1.32.68-5.el4.ppc64 as a component of Red Hat Cluster Suite 4WS",
"product_id": "4WS-cluster:fence-0:1.32.68-5.el4.ppc64"
},
"product_reference": "fence-0:1.32.68-5.el4.ppc64",
"relates_to_product_reference": "4WS-cluster"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "fence-0:1.32.68-5.el4.src as a component of Red Hat Cluster Suite 4WS",
"product_id": "4WS-cluster:fence-0:1.32.68-5.el4.src"
},
"product_reference": "fence-0:1.32.68-5.el4.src",
"relates_to_product_reference": "4WS-cluster"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "fence-0:1.32.68-5.el4.x86_64 as a component of Red Hat Cluster Suite 4WS",
"product_id": "4WS-cluster:fence-0:1.32.68-5.el4.x86_64"
},
"product_reference": "fence-0:1.32.68-5.el4.x86_64",
"relates_to_product_reference": "4WS-cluster"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "fence-debuginfo-0:1.32.68-5.el4.i686 as a component of Red Hat Cluster Suite 4WS",
"product_id": "4WS-cluster:fence-debuginfo-0:1.32.68-5.el4.i686"
},
"product_reference": "fence-debuginfo-0:1.32.68-5.el4.i686",
"relates_to_product_reference": "4WS-cluster"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "fence-debuginfo-0:1.32.68-5.el4.ia64 as a component of Red Hat Cluster Suite 4WS",
"product_id": "4WS-cluster:fence-debuginfo-0:1.32.68-5.el4.ia64"
},
"product_reference": "fence-debuginfo-0:1.32.68-5.el4.ia64",
"relates_to_product_reference": "4WS-cluster"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "fence-debuginfo-0:1.32.68-5.el4.ppc64 as a component of Red Hat Cluster Suite 4WS",
"product_id": "4WS-cluster:fence-debuginfo-0:1.32.68-5.el4.ppc64"
},
"product_reference": "fence-debuginfo-0:1.32.68-5.el4.ppc64",
"relates_to_product_reference": "4WS-cluster"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "fence-debuginfo-0:1.32.68-5.el4.x86_64 as a component of Red Hat Cluster Suite 4WS",
"product_id": "4WS-cluster:fence-debuginfo-0:1.32.68-5.el4.x86_64"
},
"product_reference": "fence-debuginfo-0:1.32.68-5.el4.x86_64",
"relates_to_product_reference": "4WS-cluster"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2008-4192",
"cwe": {
"id": "CWE-377",
"name": "Insecure Temporary File"
},
"discovery_date": "2008-08-26T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "460476"
}
],
"notes": [
{
"category": "description",
"text": "The pserver_shutdown function in fence_egenera in cman 2.20080629 and 2.20080801 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/eglog temporary file.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "cman/fence: insecure temporary file usage in the egenera fence agent",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"4AS-cluster:fence-0:1.32.68-5.el4.i686",
"4AS-cluster:fence-0:1.32.68-5.el4.ia64",
"4AS-cluster:fence-0:1.32.68-5.el4.ppc64",
"4AS-cluster:fence-0:1.32.68-5.el4.src",
"4AS-cluster:fence-0:1.32.68-5.el4.x86_64",
"4AS-cluster:fence-debuginfo-0:1.32.68-5.el4.i686",
"4AS-cluster:fence-debuginfo-0:1.32.68-5.el4.ia64",
"4AS-cluster:fence-debuginfo-0:1.32.68-5.el4.ppc64",
"4AS-cluster:fence-debuginfo-0:1.32.68-5.el4.x86_64",
"4ES-cluster:fence-0:1.32.68-5.el4.i686",
"4ES-cluster:fence-0:1.32.68-5.el4.ia64",
"4ES-cluster:fence-0:1.32.68-5.el4.ppc64",
"4ES-cluster:fence-0:1.32.68-5.el4.src",
"4ES-cluster:fence-0:1.32.68-5.el4.x86_64",
"4ES-cluster:fence-debuginfo-0:1.32.68-5.el4.i686",
"4ES-cluster:fence-debuginfo-0:1.32.68-5.el4.ia64",
"4ES-cluster:fence-debuginfo-0:1.32.68-5.el4.ppc64",
"4ES-cluster:fence-debuginfo-0:1.32.68-5.el4.x86_64",
"4WS-cluster:fence-0:1.32.68-5.el4.i686",
"4WS-cluster:fence-0:1.32.68-5.el4.ia64",
"4WS-cluster:fence-0:1.32.68-5.el4.ppc64",
"4WS-cluster:fence-0:1.32.68-5.el4.src",
"4WS-cluster:fence-0:1.32.68-5.el4.x86_64",
"4WS-cluster:fence-debuginfo-0:1.32.68-5.el4.i686",
"4WS-cluster:fence-debuginfo-0:1.32.68-5.el4.ia64",
"4WS-cluster:fence-debuginfo-0:1.32.68-5.el4.ppc64",
"4WS-cluster:fence-debuginfo-0:1.32.68-5.el4.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2008-4192"
},
{
"category": "external",
"summary": "RHBZ#460476",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=460476"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2008-4192",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-4192"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2008-4192",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2008-4192"
}
],
"release_date": "2008-08-24T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2011-02-16T15:18:00+00:00",
"details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259",
"product_ids": [
"4AS-cluster:fence-0:1.32.68-5.el4.i686",
"4AS-cluster:fence-0:1.32.68-5.el4.ia64",
"4AS-cluster:fence-0:1.32.68-5.el4.ppc64",
"4AS-cluster:fence-0:1.32.68-5.el4.src",
"4AS-cluster:fence-0:1.32.68-5.el4.x86_64",
"4AS-cluster:fence-debuginfo-0:1.32.68-5.el4.i686",
"4AS-cluster:fence-debuginfo-0:1.32.68-5.el4.ia64",
"4AS-cluster:fence-debuginfo-0:1.32.68-5.el4.ppc64",
"4AS-cluster:fence-debuginfo-0:1.32.68-5.el4.x86_64",
"4ES-cluster:fence-0:1.32.68-5.el4.i686",
"4ES-cluster:fence-0:1.32.68-5.el4.ia64",
"4ES-cluster:fence-0:1.32.68-5.el4.ppc64",
"4ES-cluster:fence-0:1.32.68-5.el4.src",
"4ES-cluster:fence-0:1.32.68-5.el4.x86_64",
"4ES-cluster:fence-debuginfo-0:1.32.68-5.el4.i686",
"4ES-cluster:fence-debuginfo-0:1.32.68-5.el4.ia64",
"4ES-cluster:fence-debuginfo-0:1.32.68-5.el4.ppc64",
"4ES-cluster:fence-debuginfo-0:1.32.68-5.el4.x86_64",
"4WS-cluster:fence-0:1.32.68-5.el4.i686",
"4WS-cluster:fence-0:1.32.68-5.el4.ia64",
"4WS-cluster:fence-0:1.32.68-5.el4.ppc64",
"4WS-cluster:fence-0:1.32.68-5.el4.src",
"4WS-cluster:fence-0:1.32.68-5.el4.x86_64",
"4WS-cluster:fence-debuginfo-0:1.32.68-5.el4.i686",
"4WS-cluster:fence-debuginfo-0:1.32.68-5.el4.ia64",
"4WS-cluster:fence-debuginfo-0:1.32.68-5.el4.ppc64",
"4WS-cluster:fence-debuginfo-0:1.32.68-5.el4.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2011:0266"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "HIGH",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 1.2,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:L/AC:H/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"products": [
"4AS-cluster:fence-0:1.32.68-5.el4.i686",
"4AS-cluster:fence-0:1.32.68-5.el4.ia64",
"4AS-cluster:fence-0:1.32.68-5.el4.ppc64",
"4AS-cluster:fence-0:1.32.68-5.el4.src",
"4AS-cluster:fence-0:1.32.68-5.el4.x86_64",
"4AS-cluster:fence-debuginfo-0:1.32.68-5.el4.i686",
"4AS-cluster:fence-debuginfo-0:1.32.68-5.el4.ia64",
"4AS-cluster:fence-debuginfo-0:1.32.68-5.el4.ppc64",
"4AS-cluster:fence-debuginfo-0:1.32.68-5.el4.x86_64",
"4ES-cluster:fence-0:1.32.68-5.el4.i686",
"4ES-cluster:fence-0:1.32.68-5.el4.ia64",
"4ES-cluster:fence-0:1.32.68-5.el4.ppc64",
"4ES-cluster:fence-0:1.32.68-5.el4.src",
"4ES-cluster:fence-0:1.32.68-5.el4.x86_64",
"4ES-cluster:fence-debuginfo-0:1.32.68-5.el4.i686",
"4ES-cluster:fence-debuginfo-0:1.32.68-5.el4.ia64",
"4ES-cluster:fence-debuginfo-0:1.32.68-5.el4.ppc64",
"4ES-cluster:fence-debuginfo-0:1.32.68-5.el4.x86_64",
"4WS-cluster:fence-0:1.32.68-5.el4.i686",
"4WS-cluster:fence-0:1.32.68-5.el4.ia64",
"4WS-cluster:fence-0:1.32.68-5.el4.ppc64",
"4WS-cluster:fence-0:1.32.68-5.el4.src",
"4WS-cluster:fence-0:1.32.68-5.el4.x86_64",
"4WS-cluster:fence-debuginfo-0:1.32.68-5.el4.i686",
"4WS-cluster:fence-debuginfo-0:1.32.68-5.el4.ia64",
"4WS-cluster:fence-debuginfo-0:1.32.68-5.el4.ppc64",
"4WS-cluster:fence-debuginfo-0:1.32.68-5.el4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "cman/fence: insecure temporary file usage in the egenera fence agent"
},
{
"cve": "CVE-2008-4579",
"cwe": {
"id": "CWE-377",
"name": "Insecure Temporary File"
},
"discovery_date": "2008-10-08T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "467386"
}
],
"notes": [
{
"category": "description",
"text": "The (1) fence_apc and (2) fence_apc_snmp programs, as used in (a) fence 2.02.00-r1 and possibly (b) cman, when running in verbose mode, allows local users to append to arbitrary files via a symlink attack on the apclog temporary file.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "cman/fence: insecure temporary file usage in the apc fence agents",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"4AS-cluster:fence-0:1.32.68-5.el4.i686",
"4AS-cluster:fence-0:1.32.68-5.el4.ia64",
"4AS-cluster:fence-0:1.32.68-5.el4.ppc64",
"4AS-cluster:fence-0:1.32.68-5.el4.src",
"4AS-cluster:fence-0:1.32.68-5.el4.x86_64",
"4AS-cluster:fence-debuginfo-0:1.32.68-5.el4.i686",
"4AS-cluster:fence-debuginfo-0:1.32.68-5.el4.ia64",
"4AS-cluster:fence-debuginfo-0:1.32.68-5.el4.ppc64",
"4AS-cluster:fence-debuginfo-0:1.32.68-5.el4.x86_64",
"4ES-cluster:fence-0:1.32.68-5.el4.i686",
"4ES-cluster:fence-0:1.32.68-5.el4.ia64",
"4ES-cluster:fence-0:1.32.68-5.el4.ppc64",
"4ES-cluster:fence-0:1.32.68-5.el4.src",
"4ES-cluster:fence-0:1.32.68-5.el4.x86_64",
"4ES-cluster:fence-debuginfo-0:1.32.68-5.el4.i686",
"4ES-cluster:fence-debuginfo-0:1.32.68-5.el4.ia64",
"4ES-cluster:fence-debuginfo-0:1.32.68-5.el4.ppc64",
"4ES-cluster:fence-debuginfo-0:1.32.68-5.el4.x86_64",
"4WS-cluster:fence-0:1.32.68-5.el4.i686",
"4WS-cluster:fence-0:1.32.68-5.el4.ia64",
"4WS-cluster:fence-0:1.32.68-5.el4.ppc64",
"4WS-cluster:fence-0:1.32.68-5.el4.src",
"4WS-cluster:fence-0:1.32.68-5.el4.x86_64",
"4WS-cluster:fence-debuginfo-0:1.32.68-5.el4.i686",
"4WS-cluster:fence-debuginfo-0:1.32.68-5.el4.ia64",
"4WS-cluster:fence-debuginfo-0:1.32.68-5.el4.ppc64",
"4WS-cluster:fence-debuginfo-0:1.32.68-5.el4.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2008-4579"
},
{
"category": "external",
"summary": "RHBZ#467386",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=467386"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2008-4579",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-4579"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2008-4579",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2008-4579"
}
],
"release_date": "2008-10-08T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2011-02-16T15:18:00+00:00",
"details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259",
"product_ids": [
"4AS-cluster:fence-0:1.32.68-5.el4.i686",
"4AS-cluster:fence-0:1.32.68-5.el4.ia64",
"4AS-cluster:fence-0:1.32.68-5.el4.ppc64",
"4AS-cluster:fence-0:1.32.68-5.el4.src",
"4AS-cluster:fence-0:1.32.68-5.el4.x86_64",
"4AS-cluster:fence-debuginfo-0:1.32.68-5.el4.i686",
"4AS-cluster:fence-debuginfo-0:1.32.68-5.el4.ia64",
"4AS-cluster:fence-debuginfo-0:1.32.68-5.el4.ppc64",
"4AS-cluster:fence-debuginfo-0:1.32.68-5.el4.x86_64",
"4ES-cluster:fence-0:1.32.68-5.el4.i686",
"4ES-cluster:fence-0:1.32.68-5.el4.ia64",
"4ES-cluster:fence-0:1.32.68-5.el4.ppc64",
"4ES-cluster:fence-0:1.32.68-5.el4.src",
"4ES-cluster:fence-0:1.32.68-5.el4.x86_64",
"4ES-cluster:fence-debuginfo-0:1.32.68-5.el4.i686",
"4ES-cluster:fence-debuginfo-0:1.32.68-5.el4.ia64",
"4ES-cluster:fence-debuginfo-0:1.32.68-5.el4.ppc64",
"4ES-cluster:fence-debuginfo-0:1.32.68-5.el4.x86_64",
"4WS-cluster:fence-0:1.32.68-5.el4.i686",
"4WS-cluster:fence-0:1.32.68-5.el4.ia64",
"4WS-cluster:fence-0:1.32.68-5.el4.ppc64",
"4WS-cluster:fence-0:1.32.68-5.el4.src",
"4WS-cluster:fence-0:1.32.68-5.el4.x86_64",
"4WS-cluster:fence-debuginfo-0:1.32.68-5.el4.i686",
"4WS-cluster:fence-debuginfo-0:1.32.68-5.el4.ia64",
"4WS-cluster:fence-debuginfo-0:1.32.68-5.el4.ppc64",
"4WS-cluster:fence-debuginfo-0:1.32.68-5.el4.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2011:0266"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "LOCAL",
"authentication": "SINGLE",
"availabilityImpact": "NONE",
"baseScore": 1.5,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:L/AC:M/Au:S/C:N/I:P/A:N",
"version": "2.0"
},
"products": [
"4AS-cluster:fence-0:1.32.68-5.el4.i686",
"4AS-cluster:fence-0:1.32.68-5.el4.ia64",
"4AS-cluster:fence-0:1.32.68-5.el4.ppc64",
"4AS-cluster:fence-0:1.32.68-5.el4.src",
"4AS-cluster:fence-0:1.32.68-5.el4.x86_64",
"4AS-cluster:fence-debuginfo-0:1.32.68-5.el4.i686",
"4AS-cluster:fence-debuginfo-0:1.32.68-5.el4.ia64",
"4AS-cluster:fence-debuginfo-0:1.32.68-5.el4.ppc64",
"4AS-cluster:fence-debuginfo-0:1.32.68-5.el4.x86_64",
"4ES-cluster:fence-0:1.32.68-5.el4.i686",
"4ES-cluster:fence-0:1.32.68-5.el4.ia64",
"4ES-cluster:fence-0:1.32.68-5.el4.ppc64",
"4ES-cluster:fence-0:1.32.68-5.el4.src",
"4ES-cluster:fence-0:1.32.68-5.el4.x86_64",
"4ES-cluster:fence-debuginfo-0:1.32.68-5.el4.i686",
"4ES-cluster:fence-debuginfo-0:1.32.68-5.el4.ia64",
"4ES-cluster:fence-debuginfo-0:1.32.68-5.el4.ppc64",
"4ES-cluster:fence-debuginfo-0:1.32.68-5.el4.x86_64",
"4WS-cluster:fence-0:1.32.68-5.el4.i686",
"4WS-cluster:fence-0:1.32.68-5.el4.ia64",
"4WS-cluster:fence-0:1.32.68-5.el4.ppc64",
"4WS-cluster:fence-0:1.32.68-5.el4.src",
"4WS-cluster:fence-0:1.32.68-5.el4.x86_64",
"4WS-cluster:fence-debuginfo-0:1.32.68-5.el4.i686",
"4WS-cluster:fence-debuginfo-0:1.32.68-5.el4.ia64",
"4WS-cluster:fence-debuginfo-0:1.32.68-5.el4.ppc64",
"4WS-cluster:fence-debuginfo-0:1.32.68-5.el4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "cman/fence: insecure temporary file usage in the apc fence agents"
}
]
}
rhsa-2011:0266
Vulnerability from csaf_redhat
Published
2011-02-16 15:18
Modified
2025-10-09 13:13
Summary
Red Hat Security Advisory: fence security, bug fix, and enhancement update
Notes
Topic
An updated fence package that fixes multiple security issues, several bugs,
and adds two enhancements is now available for Red Hat Cluster Suite 4.
The Red Hat Security Response Team has rated this update as having low
security impact. Common Vulnerability Scoring System (CVSS) base scores,
which give detailed severity ratings, are available for each vulnerability
from the CVE links in the References section.
Details
The fence package allows failed or unreachable nodes to be forcibly
restarted and removed from a cluster.
Insecure temporary file use flaws were found in fence_egenera, fence_apc,
and fence_apc_snmp. A local attacker could use these flaws to overwrite an
arbitrary file writable by the victim running those utilities via a
symbolic link attack. (CVE-2008-4192, CVE-2008-4579)
This update also fixes the following bugs:
* fence_apc_snmp now waits for five seconds after fencing to properly get
status. (BZ#494587)
* The fence_drac5 help output now shows the proper commands. (BZ#498870)
* fence_scsi_test.pl now verifies that sg_persist is in the path before
running. (BZ#500172)
* fence_drac5 is now more consistent with other agents and uses module_name
instead of modulename. (BZ#500546)
* fence_apc and fence_wti no longer fail with a pexpect exception.
(BZ#501890, BZ#504589)
* fence_wti no longer issues a traceback when an option is missing.
(BZ#508258)
* fence_sanbox2 is now able to properly obtain the status after fencing.
(BZ#510279)
* Fencing no longer fails if fence_wti is used without telnet. (BZ#510335)
* fence_scsi get_scsi_devices no longer hangs with various devices.
(BZ#545193)
* fence_ilo no longer fails to reboot with ilo2 firmware 1.70. (BZ#545682)
* Fixed an issue with fence_ilo not rebooting in some implementations.
(BZ#576036)
* fence_ilo no longer throws exceptions if the user does not have power
privileges. (BZ#576178)
As well, this update adds the following enhancements:
* Support has been added for SSH-enabled RSA II fence devices. (BZ#476161)
* The APC fence agent will now work with a non-root account. (BZ#491643)
All fence users are advised to upgrade to this updated package, which
corrects these issues and adds these enhancements.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Low"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An updated fence package that fixes multiple security issues, several bugs,\nand adds two enhancements is now available for Red Hat Cluster Suite 4.\n\nThe Red Hat Security Response Team has rated this update as having low\nsecurity impact. Common Vulnerability Scoring System (CVSS) base scores,\nwhich give detailed severity ratings, are available for each vulnerability\nfrom the CVE links in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "The fence package allows failed or unreachable nodes to be forcibly\nrestarted and removed from a cluster.\n\nInsecure temporary file use flaws were found in fence_egenera, fence_apc,\nand fence_apc_snmp. A local attacker could use these flaws to overwrite an\narbitrary file writable by the victim running those utilities via a\nsymbolic link attack. (CVE-2008-4192, CVE-2008-4579)\n\nThis update also fixes the following bugs:\n\n* fence_apc_snmp now waits for five seconds after fencing to properly get\nstatus. (BZ#494587)\n\n* The fence_drac5 help output now shows the proper commands. (BZ#498870)\n\n* fence_scsi_test.pl now verifies that sg_persist is in the path before\nrunning. (BZ#500172)\n\n* fence_drac5 is now more consistent with other agents and uses module_name\ninstead of modulename. (BZ#500546)\n\n* fence_apc and fence_wti no longer fail with a pexpect exception.\n(BZ#501890, BZ#504589)\n\n* fence_wti no longer issues a traceback when an option is missing.\n(BZ#508258)\n\n* fence_sanbox2 is now able to properly obtain the status after fencing.\n(BZ#510279)\n\n* Fencing no longer fails if fence_wti is used without telnet. (BZ#510335)\n\n* fence_scsi get_scsi_devices no longer hangs with various devices.\n(BZ#545193)\n\n* fence_ilo no longer fails to reboot with ilo2 firmware 1.70. (BZ#545682)\n\n* Fixed an issue with fence_ilo not rebooting in some implementations.\n(BZ#576036)\n\n* fence_ilo no longer throws exceptions if the user does not have power\nprivileges. (BZ#576178)\n\nAs well, this update adds the following enhancements:\n\n* Support has been added for SSH-enabled RSA II fence devices. (BZ#476161)\n\n* The APC fence agent will now work with a non-root account. (BZ#491643)\n\nAll fence users are advised to upgrade to this updated package, which\ncorrects these issues and adds these enhancements.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2011:0266",
"url": "https://access.redhat.com/errata/RHSA-2011:0266"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#low",
"url": "https://access.redhat.com/security/updates/classification/#low"
},
{
"category": "external",
"summary": "460476",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=460476"
},
{
"category": "external",
"summary": "467386",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=467386"
},
{
"category": "external",
"summary": "491643",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=491643"
},
{
"category": "external",
"summary": "494587",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=494587"
},
{
"category": "external",
"summary": "498870",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=498870"
},
{
"category": "external",
"summary": "498983",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=498983"
},
{
"category": "external",
"summary": "500172",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=500172"
},
{
"category": "external",
"summary": "500546",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=500546"
},
{
"category": "external",
"summary": "501890",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=501890"
},
{
"category": "external",
"summary": "504589",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=504589"
},
{
"category": "external",
"summary": "508268",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=508268"
},
{
"category": "external",
"summary": "510279",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=510279"
},
{
"category": "external",
"summary": "545193",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=545193"
},
{
"category": "external",
"summary": "545682",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=545682"
},
{
"category": "external",
"summary": "576036",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=576036"
},
{
"category": "external",
"summary": "576178",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=576178"
},
{
"category": "external",
"summary": "584133",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=584133"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2011/rhsa-2011_0266.json"
}
],
"title": "Red Hat Security Advisory: fence security, bug fix, and enhancement update",
"tracking": {
"current_release_date": "2025-10-09T13:13:08+00:00",
"generator": {
"date": "2025-10-09T13:13:08+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.6.9"
}
},
"id": "RHSA-2011:0266",
"initial_release_date": "2011-02-16T15:18:00+00:00",
"revision_history": [
{
"date": "2011-02-16T15:18:00+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2011-02-16T11:14:08+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2025-10-09T13:13:08+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Cluster Suite 4AS",
"product": {
"name": "Red Hat Cluster Suite 4AS",
"product_id": "4AS-cluster",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_cluster:4"
}
}
},
{
"category": "product_name",
"name": "Red Hat Cluster Suite 4ES",
"product": {
"name": "Red Hat Cluster Suite 4ES",
"product_id": "4ES-cluster",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_cluster:4"
}
}
},
{
"category": "product_name",
"name": "Red Hat Cluster Suite 4WS",
"product": {
"name": "Red Hat Cluster Suite 4WS",
"product_id": "4WS-cluster",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_cluster:4"
}
}
}
],
"category": "product_family",
"name": "Red Hat Cluster Suite"
},
{
"branches": [
{
"category": "product_version",
"name": "fence-0:1.32.68-5.el4.i686",
"product": {
"name": "fence-0:1.32.68-5.el4.i686",
"product_id": "fence-0:1.32.68-5.el4.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/fence@1.32.68-5.el4?arch=i686"
}
}
},
{
"category": "product_version",
"name": "fence-debuginfo-0:1.32.68-5.el4.i686",
"product": {
"name": "fence-debuginfo-0:1.32.68-5.el4.i686",
"product_id": "fence-debuginfo-0:1.32.68-5.el4.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/fence-debuginfo@1.32.68-5.el4?arch=i686"
}
}
}
],
"category": "architecture",
"name": "i686"
},
{
"branches": [
{
"category": "product_version",
"name": "fence-0:1.32.68-5.el4.ia64",
"product": {
"name": "fence-0:1.32.68-5.el4.ia64",
"product_id": "fence-0:1.32.68-5.el4.ia64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/fence@1.32.68-5.el4?arch=ia64"
}
}
},
{
"category": "product_version",
"name": "fence-debuginfo-0:1.32.68-5.el4.ia64",
"product": {
"name": "fence-debuginfo-0:1.32.68-5.el4.ia64",
"product_id": "fence-debuginfo-0:1.32.68-5.el4.ia64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/fence-debuginfo@1.32.68-5.el4?arch=ia64"
}
}
}
],
"category": "architecture",
"name": "ia64"
},
{
"branches": [
{
"category": "product_version",
"name": "fence-0:1.32.68-5.el4.src",
"product": {
"name": "fence-0:1.32.68-5.el4.src",
"product_id": "fence-0:1.32.68-5.el4.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/fence@1.32.68-5.el4?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "fence-0:1.32.68-5.el4.x86_64",
"product": {
"name": "fence-0:1.32.68-5.el4.x86_64",
"product_id": "fence-0:1.32.68-5.el4.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/fence@1.32.68-5.el4?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "fence-debuginfo-0:1.32.68-5.el4.x86_64",
"product": {
"name": "fence-debuginfo-0:1.32.68-5.el4.x86_64",
"product_id": "fence-debuginfo-0:1.32.68-5.el4.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/fence-debuginfo@1.32.68-5.el4?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "fence-0:1.32.68-5.el4.ppc64",
"product": {
"name": "fence-0:1.32.68-5.el4.ppc64",
"product_id": "fence-0:1.32.68-5.el4.ppc64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/fence@1.32.68-5.el4?arch=ppc64"
}
}
},
{
"category": "product_version",
"name": "fence-debuginfo-0:1.32.68-5.el4.ppc64",
"product": {
"name": "fence-debuginfo-0:1.32.68-5.el4.ppc64",
"product_id": "fence-debuginfo-0:1.32.68-5.el4.ppc64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/fence-debuginfo@1.32.68-5.el4?arch=ppc64"
}
}
}
],
"category": "architecture",
"name": "ppc64"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "fence-0:1.32.68-5.el4.i686 as a component of Red Hat Cluster Suite 4AS",
"product_id": "4AS-cluster:fence-0:1.32.68-5.el4.i686"
},
"product_reference": "fence-0:1.32.68-5.el4.i686",
"relates_to_product_reference": "4AS-cluster"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "fence-0:1.32.68-5.el4.ia64 as a component of Red Hat Cluster Suite 4AS",
"product_id": "4AS-cluster:fence-0:1.32.68-5.el4.ia64"
},
"product_reference": "fence-0:1.32.68-5.el4.ia64",
"relates_to_product_reference": "4AS-cluster"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "fence-0:1.32.68-5.el4.ppc64 as a component of Red Hat Cluster Suite 4AS",
"product_id": "4AS-cluster:fence-0:1.32.68-5.el4.ppc64"
},
"product_reference": "fence-0:1.32.68-5.el4.ppc64",
"relates_to_product_reference": "4AS-cluster"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "fence-0:1.32.68-5.el4.src as a component of Red Hat Cluster Suite 4AS",
"product_id": "4AS-cluster:fence-0:1.32.68-5.el4.src"
},
"product_reference": "fence-0:1.32.68-5.el4.src",
"relates_to_product_reference": "4AS-cluster"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "fence-0:1.32.68-5.el4.x86_64 as a component of Red Hat Cluster Suite 4AS",
"product_id": "4AS-cluster:fence-0:1.32.68-5.el4.x86_64"
},
"product_reference": "fence-0:1.32.68-5.el4.x86_64",
"relates_to_product_reference": "4AS-cluster"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "fence-debuginfo-0:1.32.68-5.el4.i686 as a component of Red Hat Cluster Suite 4AS",
"product_id": "4AS-cluster:fence-debuginfo-0:1.32.68-5.el4.i686"
},
"product_reference": "fence-debuginfo-0:1.32.68-5.el4.i686",
"relates_to_product_reference": "4AS-cluster"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "fence-debuginfo-0:1.32.68-5.el4.ia64 as a component of Red Hat Cluster Suite 4AS",
"product_id": "4AS-cluster:fence-debuginfo-0:1.32.68-5.el4.ia64"
},
"product_reference": "fence-debuginfo-0:1.32.68-5.el4.ia64",
"relates_to_product_reference": "4AS-cluster"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "fence-debuginfo-0:1.32.68-5.el4.ppc64 as a component of Red Hat Cluster Suite 4AS",
"product_id": "4AS-cluster:fence-debuginfo-0:1.32.68-5.el4.ppc64"
},
"product_reference": "fence-debuginfo-0:1.32.68-5.el4.ppc64",
"relates_to_product_reference": "4AS-cluster"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "fence-debuginfo-0:1.32.68-5.el4.x86_64 as a component of Red Hat Cluster Suite 4AS",
"product_id": "4AS-cluster:fence-debuginfo-0:1.32.68-5.el4.x86_64"
},
"product_reference": "fence-debuginfo-0:1.32.68-5.el4.x86_64",
"relates_to_product_reference": "4AS-cluster"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "fence-0:1.32.68-5.el4.i686 as a component of Red Hat Cluster Suite 4ES",
"product_id": "4ES-cluster:fence-0:1.32.68-5.el4.i686"
},
"product_reference": "fence-0:1.32.68-5.el4.i686",
"relates_to_product_reference": "4ES-cluster"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "fence-0:1.32.68-5.el4.ia64 as a component of Red Hat Cluster Suite 4ES",
"product_id": "4ES-cluster:fence-0:1.32.68-5.el4.ia64"
},
"product_reference": "fence-0:1.32.68-5.el4.ia64",
"relates_to_product_reference": "4ES-cluster"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "fence-0:1.32.68-5.el4.ppc64 as a component of Red Hat Cluster Suite 4ES",
"product_id": "4ES-cluster:fence-0:1.32.68-5.el4.ppc64"
},
"product_reference": "fence-0:1.32.68-5.el4.ppc64",
"relates_to_product_reference": "4ES-cluster"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "fence-0:1.32.68-5.el4.src as a component of Red Hat Cluster Suite 4ES",
"product_id": "4ES-cluster:fence-0:1.32.68-5.el4.src"
},
"product_reference": "fence-0:1.32.68-5.el4.src",
"relates_to_product_reference": "4ES-cluster"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "fence-0:1.32.68-5.el4.x86_64 as a component of Red Hat Cluster Suite 4ES",
"product_id": "4ES-cluster:fence-0:1.32.68-5.el4.x86_64"
},
"product_reference": "fence-0:1.32.68-5.el4.x86_64",
"relates_to_product_reference": "4ES-cluster"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "fence-debuginfo-0:1.32.68-5.el4.i686 as a component of Red Hat Cluster Suite 4ES",
"product_id": "4ES-cluster:fence-debuginfo-0:1.32.68-5.el4.i686"
},
"product_reference": "fence-debuginfo-0:1.32.68-5.el4.i686",
"relates_to_product_reference": "4ES-cluster"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "fence-debuginfo-0:1.32.68-5.el4.ia64 as a component of Red Hat Cluster Suite 4ES",
"product_id": "4ES-cluster:fence-debuginfo-0:1.32.68-5.el4.ia64"
},
"product_reference": "fence-debuginfo-0:1.32.68-5.el4.ia64",
"relates_to_product_reference": "4ES-cluster"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "fence-debuginfo-0:1.32.68-5.el4.ppc64 as a component of Red Hat Cluster Suite 4ES",
"product_id": "4ES-cluster:fence-debuginfo-0:1.32.68-5.el4.ppc64"
},
"product_reference": "fence-debuginfo-0:1.32.68-5.el4.ppc64",
"relates_to_product_reference": "4ES-cluster"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "fence-debuginfo-0:1.32.68-5.el4.x86_64 as a component of Red Hat Cluster Suite 4ES",
"product_id": "4ES-cluster:fence-debuginfo-0:1.32.68-5.el4.x86_64"
},
"product_reference": "fence-debuginfo-0:1.32.68-5.el4.x86_64",
"relates_to_product_reference": "4ES-cluster"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "fence-0:1.32.68-5.el4.i686 as a component of Red Hat Cluster Suite 4WS",
"product_id": "4WS-cluster:fence-0:1.32.68-5.el4.i686"
},
"product_reference": "fence-0:1.32.68-5.el4.i686",
"relates_to_product_reference": "4WS-cluster"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "fence-0:1.32.68-5.el4.ia64 as a component of Red Hat Cluster Suite 4WS",
"product_id": "4WS-cluster:fence-0:1.32.68-5.el4.ia64"
},
"product_reference": "fence-0:1.32.68-5.el4.ia64",
"relates_to_product_reference": "4WS-cluster"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "fence-0:1.32.68-5.el4.ppc64 as a component of Red Hat Cluster Suite 4WS",
"product_id": "4WS-cluster:fence-0:1.32.68-5.el4.ppc64"
},
"product_reference": "fence-0:1.32.68-5.el4.ppc64",
"relates_to_product_reference": "4WS-cluster"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "fence-0:1.32.68-5.el4.src as a component of Red Hat Cluster Suite 4WS",
"product_id": "4WS-cluster:fence-0:1.32.68-5.el4.src"
},
"product_reference": "fence-0:1.32.68-5.el4.src",
"relates_to_product_reference": "4WS-cluster"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "fence-0:1.32.68-5.el4.x86_64 as a component of Red Hat Cluster Suite 4WS",
"product_id": "4WS-cluster:fence-0:1.32.68-5.el4.x86_64"
},
"product_reference": "fence-0:1.32.68-5.el4.x86_64",
"relates_to_product_reference": "4WS-cluster"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "fence-debuginfo-0:1.32.68-5.el4.i686 as a component of Red Hat Cluster Suite 4WS",
"product_id": "4WS-cluster:fence-debuginfo-0:1.32.68-5.el4.i686"
},
"product_reference": "fence-debuginfo-0:1.32.68-5.el4.i686",
"relates_to_product_reference": "4WS-cluster"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "fence-debuginfo-0:1.32.68-5.el4.ia64 as a component of Red Hat Cluster Suite 4WS",
"product_id": "4WS-cluster:fence-debuginfo-0:1.32.68-5.el4.ia64"
},
"product_reference": "fence-debuginfo-0:1.32.68-5.el4.ia64",
"relates_to_product_reference": "4WS-cluster"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "fence-debuginfo-0:1.32.68-5.el4.ppc64 as a component of Red Hat Cluster Suite 4WS",
"product_id": "4WS-cluster:fence-debuginfo-0:1.32.68-5.el4.ppc64"
},
"product_reference": "fence-debuginfo-0:1.32.68-5.el4.ppc64",
"relates_to_product_reference": "4WS-cluster"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "fence-debuginfo-0:1.32.68-5.el4.x86_64 as a component of Red Hat Cluster Suite 4WS",
"product_id": "4WS-cluster:fence-debuginfo-0:1.32.68-5.el4.x86_64"
},
"product_reference": "fence-debuginfo-0:1.32.68-5.el4.x86_64",
"relates_to_product_reference": "4WS-cluster"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2008-4192",
"cwe": {
"id": "CWE-377",
"name": "Insecure Temporary File"
},
"discovery_date": "2008-08-26T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "460476"
}
],
"notes": [
{
"category": "description",
"text": "The pserver_shutdown function in fence_egenera in cman 2.20080629 and 2.20080801 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/eglog temporary file.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "cman/fence: insecure temporary file usage in the egenera fence agent",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"4AS-cluster:fence-0:1.32.68-5.el4.i686",
"4AS-cluster:fence-0:1.32.68-5.el4.ia64",
"4AS-cluster:fence-0:1.32.68-5.el4.ppc64",
"4AS-cluster:fence-0:1.32.68-5.el4.src",
"4AS-cluster:fence-0:1.32.68-5.el4.x86_64",
"4AS-cluster:fence-debuginfo-0:1.32.68-5.el4.i686",
"4AS-cluster:fence-debuginfo-0:1.32.68-5.el4.ia64",
"4AS-cluster:fence-debuginfo-0:1.32.68-5.el4.ppc64",
"4AS-cluster:fence-debuginfo-0:1.32.68-5.el4.x86_64",
"4ES-cluster:fence-0:1.32.68-5.el4.i686",
"4ES-cluster:fence-0:1.32.68-5.el4.ia64",
"4ES-cluster:fence-0:1.32.68-5.el4.ppc64",
"4ES-cluster:fence-0:1.32.68-5.el4.src",
"4ES-cluster:fence-0:1.32.68-5.el4.x86_64",
"4ES-cluster:fence-debuginfo-0:1.32.68-5.el4.i686",
"4ES-cluster:fence-debuginfo-0:1.32.68-5.el4.ia64",
"4ES-cluster:fence-debuginfo-0:1.32.68-5.el4.ppc64",
"4ES-cluster:fence-debuginfo-0:1.32.68-5.el4.x86_64",
"4WS-cluster:fence-0:1.32.68-5.el4.i686",
"4WS-cluster:fence-0:1.32.68-5.el4.ia64",
"4WS-cluster:fence-0:1.32.68-5.el4.ppc64",
"4WS-cluster:fence-0:1.32.68-5.el4.src",
"4WS-cluster:fence-0:1.32.68-5.el4.x86_64",
"4WS-cluster:fence-debuginfo-0:1.32.68-5.el4.i686",
"4WS-cluster:fence-debuginfo-0:1.32.68-5.el4.ia64",
"4WS-cluster:fence-debuginfo-0:1.32.68-5.el4.ppc64",
"4WS-cluster:fence-debuginfo-0:1.32.68-5.el4.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2008-4192"
},
{
"category": "external",
"summary": "RHBZ#460476",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=460476"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2008-4192",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-4192"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2008-4192",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2008-4192"
}
],
"release_date": "2008-08-24T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2011-02-16T15:18:00+00:00",
"details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259",
"product_ids": [
"4AS-cluster:fence-0:1.32.68-5.el4.i686",
"4AS-cluster:fence-0:1.32.68-5.el4.ia64",
"4AS-cluster:fence-0:1.32.68-5.el4.ppc64",
"4AS-cluster:fence-0:1.32.68-5.el4.src",
"4AS-cluster:fence-0:1.32.68-5.el4.x86_64",
"4AS-cluster:fence-debuginfo-0:1.32.68-5.el4.i686",
"4AS-cluster:fence-debuginfo-0:1.32.68-5.el4.ia64",
"4AS-cluster:fence-debuginfo-0:1.32.68-5.el4.ppc64",
"4AS-cluster:fence-debuginfo-0:1.32.68-5.el4.x86_64",
"4ES-cluster:fence-0:1.32.68-5.el4.i686",
"4ES-cluster:fence-0:1.32.68-5.el4.ia64",
"4ES-cluster:fence-0:1.32.68-5.el4.ppc64",
"4ES-cluster:fence-0:1.32.68-5.el4.src",
"4ES-cluster:fence-0:1.32.68-5.el4.x86_64",
"4ES-cluster:fence-debuginfo-0:1.32.68-5.el4.i686",
"4ES-cluster:fence-debuginfo-0:1.32.68-5.el4.ia64",
"4ES-cluster:fence-debuginfo-0:1.32.68-5.el4.ppc64",
"4ES-cluster:fence-debuginfo-0:1.32.68-5.el4.x86_64",
"4WS-cluster:fence-0:1.32.68-5.el4.i686",
"4WS-cluster:fence-0:1.32.68-5.el4.ia64",
"4WS-cluster:fence-0:1.32.68-5.el4.ppc64",
"4WS-cluster:fence-0:1.32.68-5.el4.src",
"4WS-cluster:fence-0:1.32.68-5.el4.x86_64",
"4WS-cluster:fence-debuginfo-0:1.32.68-5.el4.i686",
"4WS-cluster:fence-debuginfo-0:1.32.68-5.el4.ia64",
"4WS-cluster:fence-debuginfo-0:1.32.68-5.el4.ppc64",
"4WS-cluster:fence-debuginfo-0:1.32.68-5.el4.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2011:0266"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "HIGH",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 1.2,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:L/AC:H/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"products": [
"4AS-cluster:fence-0:1.32.68-5.el4.i686",
"4AS-cluster:fence-0:1.32.68-5.el4.ia64",
"4AS-cluster:fence-0:1.32.68-5.el4.ppc64",
"4AS-cluster:fence-0:1.32.68-5.el4.src",
"4AS-cluster:fence-0:1.32.68-5.el4.x86_64",
"4AS-cluster:fence-debuginfo-0:1.32.68-5.el4.i686",
"4AS-cluster:fence-debuginfo-0:1.32.68-5.el4.ia64",
"4AS-cluster:fence-debuginfo-0:1.32.68-5.el4.ppc64",
"4AS-cluster:fence-debuginfo-0:1.32.68-5.el4.x86_64",
"4ES-cluster:fence-0:1.32.68-5.el4.i686",
"4ES-cluster:fence-0:1.32.68-5.el4.ia64",
"4ES-cluster:fence-0:1.32.68-5.el4.ppc64",
"4ES-cluster:fence-0:1.32.68-5.el4.src",
"4ES-cluster:fence-0:1.32.68-5.el4.x86_64",
"4ES-cluster:fence-debuginfo-0:1.32.68-5.el4.i686",
"4ES-cluster:fence-debuginfo-0:1.32.68-5.el4.ia64",
"4ES-cluster:fence-debuginfo-0:1.32.68-5.el4.ppc64",
"4ES-cluster:fence-debuginfo-0:1.32.68-5.el4.x86_64",
"4WS-cluster:fence-0:1.32.68-5.el4.i686",
"4WS-cluster:fence-0:1.32.68-5.el4.ia64",
"4WS-cluster:fence-0:1.32.68-5.el4.ppc64",
"4WS-cluster:fence-0:1.32.68-5.el4.src",
"4WS-cluster:fence-0:1.32.68-5.el4.x86_64",
"4WS-cluster:fence-debuginfo-0:1.32.68-5.el4.i686",
"4WS-cluster:fence-debuginfo-0:1.32.68-5.el4.ia64",
"4WS-cluster:fence-debuginfo-0:1.32.68-5.el4.ppc64",
"4WS-cluster:fence-debuginfo-0:1.32.68-5.el4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "cman/fence: insecure temporary file usage in the egenera fence agent"
},
{
"cve": "CVE-2008-4579",
"cwe": {
"id": "CWE-377",
"name": "Insecure Temporary File"
},
"discovery_date": "2008-10-08T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "467386"
}
],
"notes": [
{
"category": "description",
"text": "The (1) fence_apc and (2) fence_apc_snmp programs, as used in (a) fence 2.02.00-r1 and possibly (b) cman, when running in verbose mode, allows local users to append to arbitrary files via a symlink attack on the apclog temporary file.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "cman/fence: insecure temporary file usage in the apc fence agents",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"4AS-cluster:fence-0:1.32.68-5.el4.i686",
"4AS-cluster:fence-0:1.32.68-5.el4.ia64",
"4AS-cluster:fence-0:1.32.68-5.el4.ppc64",
"4AS-cluster:fence-0:1.32.68-5.el4.src",
"4AS-cluster:fence-0:1.32.68-5.el4.x86_64",
"4AS-cluster:fence-debuginfo-0:1.32.68-5.el4.i686",
"4AS-cluster:fence-debuginfo-0:1.32.68-5.el4.ia64",
"4AS-cluster:fence-debuginfo-0:1.32.68-5.el4.ppc64",
"4AS-cluster:fence-debuginfo-0:1.32.68-5.el4.x86_64",
"4ES-cluster:fence-0:1.32.68-5.el4.i686",
"4ES-cluster:fence-0:1.32.68-5.el4.ia64",
"4ES-cluster:fence-0:1.32.68-5.el4.ppc64",
"4ES-cluster:fence-0:1.32.68-5.el4.src",
"4ES-cluster:fence-0:1.32.68-5.el4.x86_64",
"4ES-cluster:fence-debuginfo-0:1.32.68-5.el4.i686",
"4ES-cluster:fence-debuginfo-0:1.32.68-5.el4.ia64",
"4ES-cluster:fence-debuginfo-0:1.32.68-5.el4.ppc64",
"4ES-cluster:fence-debuginfo-0:1.32.68-5.el4.x86_64",
"4WS-cluster:fence-0:1.32.68-5.el4.i686",
"4WS-cluster:fence-0:1.32.68-5.el4.ia64",
"4WS-cluster:fence-0:1.32.68-5.el4.ppc64",
"4WS-cluster:fence-0:1.32.68-5.el4.src",
"4WS-cluster:fence-0:1.32.68-5.el4.x86_64",
"4WS-cluster:fence-debuginfo-0:1.32.68-5.el4.i686",
"4WS-cluster:fence-debuginfo-0:1.32.68-5.el4.ia64",
"4WS-cluster:fence-debuginfo-0:1.32.68-5.el4.ppc64",
"4WS-cluster:fence-debuginfo-0:1.32.68-5.el4.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2008-4579"
},
{
"category": "external",
"summary": "RHBZ#467386",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=467386"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2008-4579",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-4579"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2008-4579",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2008-4579"
}
],
"release_date": "2008-10-08T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2011-02-16T15:18:00+00:00",
"details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259",
"product_ids": [
"4AS-cluster:fence-0:1.32.68-5.el4.i686",
"4AS-cluster:fence-0:1.32.68-5.el4.ia64",
"4AS-cluster:fence-0:1.32.68-5.el4.ppc64",
"4AS-cluster:fence-0:1.32.68-5.el4.src",
"4AS-cluster:fence-0:1.32.68-5.el4.x86_64",
"4AS-cluster:fence-debuginfo-0:1.32.68-5.el4.i686",
"4AS-cluster:fence-debuginfo-0:1.32.68-5.el4.ia64",
"4AS-cluster:fence-debuginfo-0:1.32.68-5.el4.ppc64",
"4AS-cluster:fence-debuginfo-0:1.32.68-5.el4.x86_64",
"4ES-cluster:fence-0:1.32.68-5.el4.i686",
"4ES-cluster:fence-0:1.32.68-5.el4.ia64",
"4ES-cluster:fence-0:1.32.68-5.el4.ppc64",
"4ES-cluster:fence-0:1.32.68-5.el4.src",
"4ES-cluster:fence-0:1.32.68-5.el4.x86_64",
"4ES-cluster:fence-debuginfo-0:1.32.68-5.el4.i686",
"4ES-cluster:fence-debuginfo-0:1.32.68-5.el4.ia64",
"4ES-cluster:fence-debuginfo-0:1.32.68-5.el4.ppc64",
"4ES-cluster:fence-debuginfo-0:1.32.68-5.el4.x86_64",
"4WS-cluster:fence-0:1.32.68-5.el4.i686",
"4WS-cluster:fence-0:1.32.68-5.el4.ia64",
"4WS-cluster:fence-0:1.32.68-5.el4.ppc64",
"4WS-cluster:fence-0:1.32.68-5.el4.src",
"4WS-cluster:fence-0:1.32.68-5.el4.x86_64",
"4WS-cluster:fence-debuginfo-0:1.32.68-5.el4.i686",
"4WS-cluster:fence-debuginfo-0:1.32.68-5.el4.ia64",
"4WS-cluster:fence-debuginfo-0:1.32.68-5.el4.ppc64",
"4WS-cluster:fence-debuginfo-0:1.32.68-5.el4.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2011:0266"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "LOCAL",
"authentication": "SINGLE",
"availabilityImpact": "NONE",
"baseScore": 1.5,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:L/AC:M/Au:S/C:N/I:P/A:N",
"version": "2.0"
},
"products": [
"4AS-cluster:fence-0:1.32.68-5.el4.i686",
"4AS-cluster:fence-0:1.32.68-5.el4.ia64",
"4AS-cluster:fence-0:1.32.68-5.el4.ppc64",
"4AS-cluster:fence-0:1.32.68-5.el4.src",
"4AS-cluster:fence-0:1.32.68-5.el4.x86_64",
"4AS-cluster:fence-debuginfo-0:1.32.68-5.el4.i686",
"4AS-cluster:fence-debuginfo-0:1.32.68-5.el4.ia64",
"4AS-cluster:fence-debuginfo-0:1.32.68-5.el4.ppc64",
"4AS-cluster:fence-debuginfo-0:1.32.68-5.el4.x86_64",
"4ES-cluster:fence-0:1.32.68-5.el4.i686",
"4ES-cluster:fence-0:1.32.68-5.el4.ia64",
"4ES-cluster:fence-0:1.32.68-5.el4.ppc64",
"4ES-cluster:fence-0:1.32.68-5.el4.src",
"4ES-cluster:fence-0:1.32.68-5.el4.x86_64",
"4ES-cluster:fence-debuginfo-0:1.32.68-5.el4.i686",
"4ES-cluster:fence-debuginfo-0:1.32.68-5.el4.ia64",
"4ES-cluster:fence-debuginfo-0:1.32.68-5.el4.ppc64",
"4ES-cluster:fence-debuginfo-0:1.32.68-5.el4.x86_64",
"4WS-cluster:fence-0:1.32.68-5.el4.i686",
"4WS-cluster:fence-0:1.32.68-5.el4.ia64",
"4WS-cluster:fence-0:1.32.68-5.el4.ppc64",
"4WS-cluster:fence-0:1.32.68-5.el4.src",
"4WS-cluster:fence-0:1.32.68-5.el4.x86_64",
"4WS-cluster:fence-debuginfo-0:1.32.68-5.el4.i686",
"4WS-cluster:fence-debuginfo-0:1.32.68-5.el4.ia64",
"4WS-cluster:fence-debuginfo-0:1.32.68-5.el4.ppc64",
"4WS-cluster:fence-debuginfo-0:1.32.68-5.el4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "cman/fence: insecure temporary file usage in the apc fence agents"
}
]
}
rhba-2010:0266
Vulnerability from csaf_redhat
Published
2010-03-30 00:00
Modified
2025-10-09 13:12
Summary
Red Hat Bug Fix Advisory: cman bug fix and enhancement update
Notes
Topic
Updated cman packages that fix bugs and add enhancements are now available.
Details
The Cluster Manager (cman) utility provides user-level services for
managing a Linux cluster.
Changes in this update:
* fence_rsa fails to login with new RSA II firmware. (BZ#549473)
* fence_virsh reports vm status incorrectly. (BZ#544664)
* improve error messages from ccsd if there is a network problem.
(BZ#517399)
* new fence agent for VMWare. (BZ#548577)
Note: this is a Tech Preview only.
* fence agent for HP iLO2 MP. (BZ#508722)
* fence agent for RSB ends with traceback. (BZ#545054)
* security feature for SNMP based agent: apc_snmp & ibmblade. (BZ#532922)
* change default timeout values for various fence agents. (BZ#549124)
* "Option -V" (show version) was not working in all fence agents.
(BZ#549113)
* automatically configure consensus based on token timeout. (BZ#544482)
* add readconfig & dumpconfig to fence_tool. (BZ#514662)
* make groupd handle partition merges. (BZ#546082)
* groupd: clean up leaving failed node. (BZ#521817)
* scsi_reserve should always echo after failure. (BZ#514260)
* fence_scsi_test: add debug information. (BZ#516763)
* fence_scsi_test should not allow -c & -s options together. (BZ#528832)
* fix fence_ipmilan read from uninitialized memory. (BZ#532138)
* make qdiskd stop crying wolf. (BZ#532773)
* fencing failed when used without telnet or ssh. (BZ#512343)
* APC changed product name (MasterSwitch -> Switched Rack PDU). (BZ#447481)
* fix invalid initialization introduced by retry-on option.
* broken device detection for DRAC3 ERA/O. (BZ#489809)
* fix case sensitivities in action parameter. (BZ#528938)
* fencing_snmp failed on all operations & traceback fix. (BZ#528916)
* accept unknown options from standard input. (BZ#532920)
* fence_apc unable to obtain plug status. (BZ#532916)
* timeout options added. (BZ#507514)
* better default timeout for bladecenter. (BZ#526806)
* the LOGIN_TIMEOUT value was too short for fence_lpar & the SSH login
timed out before the connection could be completed. (BZ#546340)
* add missing-as-off option (missing blade/device is always OFF).
(BZ#248006)
* make qdiskd "master-wins" node work. (BZ#372901)
* make qdisk self-fence system if write errors take longer than
interval*tko. (BZ#511113)
* make service_cman.lcrso executable, so RPM adds it to the debuginfo pkg.
(BZ#511346)
* don't check for xm command in cman init script: virsh is more
appropriate. (BZ#516111)
* allow re-registering of a quorum device. (BZ#525270)
* fix fence_scsi, multipath & persistent reservations. (BZ#516625)
* cman_tool leave remove reduces quorum when no services are connected.
(BZ#515446)
* fence_sanbox2 unable to retrieve status. (BZ#512947)
* gfs_controld: GETLK should free unused resource. (BZ#513285)
* allow IP addresses as node names. (BZ#504158)
* fence_scsi man page contains invalid option. (BZ#515731)
* fence_scsi support for 2 node clusters. (BZ#516085)
* Support for power cycle in fence ipmi. (BZ#482913)
* add option 'list devices' for fencing agents. (BZ#519697)
* add support for switching IPv4/IPv6. (BZ#520458)
* fence agent ends with traceback if option is missing. (BZ#508262)
* command line options to override default ports for different services,
such as SSH & Telnet (i.e. -u option) were added. (BZ#506928)
Note: "-u" does not currently work with fence_wti. Other agents honor the
port override command line options properly, however. (BZ#506928)
* force stdout close for fencing agents. (BZ#518622)
* support for long options. (BZ#519670)
* fix a situation where cman could kill the wrong nodes. (BZ#513260)
* fix support for >100 gfs & gfs2 file systems. (BZ#561892)
* fix a problem where 'dm suspend' would hang a withdrawn GFS file system.
(BZ#570530)
* fix a problem where fence_snmp returned success when the operation
failed. (BZ#573834)
* fencing support for the new iDRAC interface included with Dell PowerEdge
R710 & R910 blade servers was added. (BZ#496748)
All cman users should install this update which makes these changes.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Low"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Updated cman packages that fix bugs and add enhancements are now available.",
"title": "Topic"
},
{
"category": "general",
"text": "The Cluster Manager (cman) utility provides user-level services for\nmanaging a Linux cluster.\n\nChanges in this update:\n\n* fence_rsa fails to login with new RSA II firmware. (BZ#549473)\n\n* fence_virsh reports vm status incorrectly. (BZ#544664)\n\n* improve error messages from ccsd if there is a network problem.\n(BZ#517399)\n\n* new fence agent for VMWare. (BZ#548577)\n\nNote: this is a Tech Preview only.\n\n* fence agent for HP iLO2 MP. (BZ#508722)\n\n* fence agent for RSB ends with traceback. (BZ#545054)\n\n* security feature for SNMP based agent: apc_snmp \u0026 ibmblade. (BZ#532922)\n\n* change default timeout values for various fence agents. (BZ#549124)\n\n* \"Option -V\" (show version) was not working in all fence agents.\n(BZ#549113)\n\n* automatically configure consensus based on token timeout. (BZ#544482)\n\n* add readconfig \u0026 dumpconfig to fence_tool. (BZ#514662)\n\n* make groupd handle partition merges. (BZ#546082)\n\n* groupd: clean up leaving failed node. (BZ#521817)\n\n* scsi_reserve should always echo after failure. (BZ#514260)\n\n* fence_scsi_test: add debug information. (BZ#516763)\n\n* fence_scsi_test should not allow -c \u0026 -s options together. (BZ#528832)\n\n* fix fence_ipmilan read from unitialized memory. (BZ#532138)\n\n* make qdiskd stop crying wolf. (BZ#532773)\n\n* fencing failed when used without telnet or ssh. (BZ#512343)\n\n* APC changed product name (MasterSwitch -\u003e Switched Rack PDU). (BZ#447481)\n\n* fix invalid initalization introduced by retry-on option.\n\n* broken device detection for DRAC3 ERA/O. (BZ#489809)\n\n* fix case sensitivities in action parameter. (BZ#528938)\n\n* fencing_snmp failed on all operations \u0026 traceback fix. (BZ#528916)\n\n* accept unknown options from standard input. (BZ#532920)\n\n* fence_apc unable to obtain plug status. (BZ#532916)\n\n* timeout options added. (BZ#507514)\n\n* better default timeout for bladecenter. 
(BZ#526806)\n\n* the LOGIN_TIMEOUT value was too short for fence_lpar \u0026 the SSH login\ntimed out before the connection could be completed. (BZ#546340)\n\n* add missing-as-off option (missing blade/device is always OFF).\n(BZ#248006)\n\n* make qdiskd \"master-wins\" node work. (BZ#372901)\n\n* make qdisk self-fence system if write errors take longer than\ninterval*tko. (BZ#511113)\n\n* make service_cman.lcrso executable, so RPM adds it to the debuginfo pkg.\n(BZ#511346)\n\n* don\u0027t check for xm command in cman init script: virsh is more\nappropriate. (BZ#516111)\n\n* allow re-registering of a quorum device. (BZ#525270)\n\n* fix fence_scsi, multipath \u0026 persistent reservations. (BZ#516625)\n\n* cman_tool leave remove reduces quorum when no services are connected.\n(BZ#515446)\n\n* fence_sanbox2 unable to retrieve status. (BZ#512947)\n\n* gfs_controld: GETLK should free unused resource. (BZ#513285)\n\n* allow IP addresses as node names. (BZ#504158)\n\n* fence_scsi man page contains invalid option. (BZ#515731)\n\n* fence_scsi support for 2 node clusters. (BZ#516085)\n\n* Support for power cycle in fence ipmi. (BZ#482913)\n\n* add option \u0027list devices\u0027 for fencing agents. (BZ#519697)\n\n* add support for switching IPv4/IPv6. (BZ#520458)\n\n* fence agent ends with traceback if option is missing. (BZ#508262)\n\n* command line options to override default ports for different services,\nsuch as SSH \u0026 Telnet (i.e. -u option) were added. (BZ#506928)\n\nNote: \"-u\" does not currently work with fence_wti. Other agents honor the\nport override command line options properly, however. (BZ#506928)\n\n* force stdout close for fencing agents. (BZ#518622)\n\n* support for long options. (BZ#519670)\n\n* fix a situation where cman could kill the wrong nodes. (BZ#513260)\n\n* fix support for \u003e100 gfs \u0026 gfs2 file systems. 
(BZ#561892)\n\n* fix a problem where \u0027dm suspend\u0027 would hang a withdrawn GFS file system.\n(BZ#570530)\n\n* fix a problem where fence_snmp returned success when the operation\nfailed. (BZ#573834)\n\n* fencing support for the new iDRAC interface included with Dell PowerEdge\nR710 \u0026 R910 blade servers was added. (BZ#496748)\n\nAll cman users should install this update which makes these changes.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHBA-2010:0266",
"url": "https://access.redhat.com/errata/RHBA-2010:0266"
},
{
"category": "external",
"summary": "248006",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=248006"
},
{
"category": "external",
"summary": "372901",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=372901"
},
{
"category": "external",
"summary": "447481",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=447481"
},
{
"category": "external",
"summary": "482913",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=482913"
},
{
"category": "external",
"summary": "489809",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=489809"
},
{
"category": "external",
"summary": "496748",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=496748"
},
{
"category": "external",
"summary": "504158",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=504158"
},
{
"category": "external",
"summary": "506928",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=506928"
},
{
"category": "external",
"summary": "507514",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=507514"
},
{
"category": "external",
"summary": "508262",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=508262"
},
{
"category": "external",
"summary": "508722",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=508722"
},
{
"category": "external",
"summary": "511113",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=511113"
},
{
"category": "external",
"summary": "511346",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=511346"
},
{
"category": "external",
"summary": "512343",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=512343"
},
{
"category": "external",
"summary": "512947",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=512947"
},
{
"category": "external",
"summary": "513260",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=513260"
},
{
"category": "external",
"summary": "513285",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=513285"
},
{
"category": "external",
"summary": "514260",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=514260"
},
{
"category": "external",
"summary": "515446",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=515446"
},
{
"category": "external",
"summary": "515731",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=515731"
},
{
"category": "external",
"summary": "516085",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=516085"
},
{
"category": "external",
"summary": "516111",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=516111"
},
{
"category": "external",
"summary": "516763",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=516763"
},
{
"category": "external",
"summary": "517399",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=517399"
},
{
"category": "external",
"summary": "518622",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=518622"
},
{
"category": "external",
"summary": "519670",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=519670"
},
{
"category": "external",
"summary": "519697",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=519697"
},
{
"category": "external",
"summary": "520458",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=520458"
},
{
"category": "external",
"summary": "521817",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=521817"
},
{
"category": "external",
"summary": "528832",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=528832"
},
{
"category": "external",
"summary": "528938",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=528938"
},
{
"category": "external",
"summary": "532138",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=532138"
},
{
"category": "external",
"summary": "532773",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=532773"
},
{
"category": "external",
"summary": "532916",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=532916"
},
{
"category": "external",
"summary": "532920",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=532920"
},
{
"category": "external",
"summary": "532922",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=532922"
},
{
"category": "external",
"summary": "544482",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=544482"
},
{
"category": "external",
"summary": "544664",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=544664"
},
{
"category": "external",
"summary": "545054",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=545054"
},
{
"category": "external",
"summary": "546082",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=546082"
},
{
"category": "external",
"summary": "546340",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=546340"
},
{
"category": "external",
"summary": "548577",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=548577"
},
{
"category": "external",
"summary": "549113",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=549113"
},
{
"category": "external",
"summary": "549473",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=549473"
},
{
"category": "external",
"summary": "570530",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=570530"
},
{
"category": "external",
"summary": "573834",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=573834"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2010/rhba-2010_0266.json"
}
],
"title": "Red Hat Bug Fix Advisory: cman bug fix and enhancement update",
"tracking": {
"current_release_date": "2025-10-09T13:12:33+00:00",
"generator": {
"date": "2025-10-09T13:12:33+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.6.9"
}
},
"id": "RHBA-2010:0266",
"initial_release_date": "2010-03-30T00:00:00+00:00",
"revision_history": [
{
"date": "2010-03-30T00:00:00+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2010-03-29T08:54:44+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2025-10-09T13:12:33+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product": {
"name": "Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:5::client_workstation"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux (v. 5 server)",
"product": {
"name": "Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:5::server"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "cman-devel-0:2.0.115-34.el5.x86_64",
"product": {
"name": "cman-devel-0:2.0.115-34.el5.x86_64",
"product_id": "cman-devel-0:2.0.115-34.el5.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/cman-devel@2.0.115-34.el5?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "cman-0:2.0.115-34.el5.x86_64",
"product": {
"name": "cman-0:2.0.115-34.el5.x86_64",
"product_id": "cman-0:2.0.115-34.el5.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/cman@2.0.115-34.el5?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "cman-debuginfo-0:2.0.115-34.el5.x86_64",
"product": {
"name": "cman-debuginfo-0:2.0.115-34.el5.x86_64",
"product_id": "cman-debuginfo-0:2.0.115-34.el5.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/cman-debuginfo@2.0.115-34.el5?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "cman-devel-0:2.0.115-34.el5.i386",
"product": {
"name": "cman-devel-0:2.0.115-34.el5.i386",
"product_id": "cman-devel-0:2.0.115-34.el5.i386",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/cman-devel@2.0.115-34.el5?arch=i386"
}
}
},
{
"category": "product_version",
"name": "cman-debuginfo-0:2.0.115-34.el5.i386",
"product": {
"name": "cman-debuginfo-0:2.0.115-34.el5.i386",
"product_id": "cman-debuginfo-0:2.0.115-34.el5.i386",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/cman-debuginfo@2.0.115-34.el5?arch=i386"
}
}
},
{
"category": "product_version",
"name": "cman-0:2.0.115-34.el5.i386",
"product": {
"name": "cman-0:2.0.115-34.el5.i386",
"product_id": "cman-0:2.0.115-34.el5.i386",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/cman@2.0.115-34.el5?arch=i386"
}
}
}
],
"category": "architecture",
"name": "i386"
},
{
"branches": [
{
"category": "product_version",
"name": "cman-0:2.0.115-34.el5.src",
"product": {
"name": "cman-0:2.0.115-34.el5.src",
"product_id": "cman-0:2.0.115-34.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/cman@2.0.115-34.el5?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "cman-devel-0:2.0.115-34.el5.ia64",
"product": {
"name": "cman-devel-0:2.0.115-34.el5.ia64",
"product_id": "cman-devel-0:2.0.115-34.el5.ia64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/cman-devel@2.0.115-34.el5?arch=ia64"
}
}
},
{
"category": "product_version",
"name": "cman-0:2.0.115-34.el5.ia64",
"product": {
"name": "cman-0:2.0.115-34.el5.ia64",
"product_id": "cman-0:2.0.115-34.el5.ia64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/cman@2.0.115-34.el5?arch=ia64"
}
}
},
{
"category": "product_version",
"name": "cman-debuginfo-0:2.0.115-34.el5.ia64",
"product": {
"name": "cman-debuginfo-0:2.0.115-34.el5.ia64",
"product_id": "cman-debuginfo-0:2.0.115-34.el5.ia64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/cman-debuginfo@2.0.115-34.el5?arch=ia64"
}
}
}
],
"category": "architecture",
"name": "ia64"
},
{
"branches": [
{
"category": "product_version",
"name": "cman-devel-0:2.0.115-34.el5.ppc64",
"product": {
"name": "cman-devel-0:2.0.115-34.el5.ppc64",
"product_id": "cman-devel-0:2.0.115-34.el5.ppc64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/cman-devel@2.0.115-34.el5?arch=ppc64"
}
}
},
{
"category": "product_version",
"name": "cman-debuginfo-0:2.0.115-34.el5.ppc64",
"product": {
"name": "cman-debuginfo-0:2.0.115-34.el5.ppc64",
"product_id": "cman-debuginfo-0:2.0.115-34.el5.ppc64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/cman-debuginfo@2.0.115-34.el5?arch=ppc64"
}
}
}
],
"category": "architecture",
"name": "ppc64"
},
{
"branches": [
{
"category": "product_version",
"name": "cman-devel-0:2.0.115-34.el5.ppc",
"product": {
"name": "cman-devel-0:2.0.115-34.el5.ppc",
"product_id": "cman-devel-0:2.0.115-34.el5.ppc",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/cman-devel@2.0.115-34.el5?arch=ppc"
}
}
},
{
"category": "product_version",
"name": "cman-0:2.0.115-34.el5.ppc",
"product": {
"name": "cman-0:2.0.115-34.el5.ppc",
"product_id": "cman-0:2.0.115-34.el5.ppc",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/cman@2.0.115-34.el5?arch=ppc"
}
}
},
{
"category": "product_version",
"name": "cman-debuginfo-0:2.0.115-34.el5.ppc",
"product": {
"name": "cman-debuginfo-0:2.0.115-34.el5.ppc",
"product_id": "cman-debuginfo-0:2.0.115-34.el5.ppc",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/cman-debuginfo@2.0.115-34.el5?arch=ppc"
}
}
}
],
"category": "architecture",
"name": "ppc"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "cman-0:2.0.115-34.el5.i386 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation:cman-0:2.0.115-34.el5.i386"
},
"product_reference": "cman-0:2.0.115-34.el5.i386",
"relates_to_product_reference": "5Client-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cman-0:2.0.115-34.el5.ia64 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation:cman-0:2.0.115-34.el5.ia64"
},
"product_reference": "cman-0:2.0.115-34.el5.ia64",
"relates_to_product_reference": "5Client-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cman-0:2.0.115-34.el5.ppc as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation:cman-0:2.0.115-34.el5.ppc"
},
"product_reference": "cman-0:2.0.115-34.el5.ppc",
"relates_to_product_reference": "5Client-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cman-0:2.0.115-34.el5.src as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation:cman-0:2.0.115-34.el5.src"
},
"product_reference": "cman-0:2.0.115-34.el5.src",
"relates_to_product_reference": "5Client-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cman-0:2.0.115-34.el5.x86_64 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation:cman-0:2.0.115-34.el5.x86_64"
},
"product_reference": "cman-0:2.0.115-34.el5.x86_64",
"relates_to_product_reference": "5Client-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cman-debuginfo-0:2.0.115-34.el5.i386 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation:cman-debuginfo-0:2.0.115-34.el5.i386"
},
"product_reference": "cman-debuginfo-0:2.0.115-34.el5.i386",
"relates_to_product_reference": "5Client-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cman-debuginfo-0:2.0.115-34.el5.ia64 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation:cman-debuginfo-0:2.0.115-34.el5.ia64"
},
"product_reference": "cman-debuginfo-0:2.0.115-34.el5.ia64",
"relates_to_product_reference": "5Client-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cman-debuginfo-0:2.0.115-34.el5.ppc as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation:cman-debuginfo-0:2.0.115-34.el5.ppc"
},
"product_reference": "cman-debuginfo-0:2.0.115-34.el5.ppc",
"relates_to_product_reference": "5Client-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cman-debuginfo-0:2.0.115-34.el5.ppc64 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation:cman-debuginfo-0:2.0.115-34.el5.ppc64"
},
"product_reference": "cman-debuginfo-0:2.0.115-34.el5.ppc64",
"relates_to_product_reference": "5Client-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cman-debuginfo-0:2.0.115-34.el5.x86_64 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation:cman-debuginfo-0:2.0.115-34.el5.x86_64"
},
"product_reference": "cman-debuginfo-0:2.0.115-34.el5.x86_64",
"relates_to_product_reference": "5Client-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cman-devel-0:2.0.115-34.el5.i386 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation:cman-devel-0:2.0.115-34.el5.i386"
},
"product_reference": "cman-devel-0:2.0.115-34.el5.i386",
"relates_to_product_reference": "5Client-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cman-devel-0:2.0.115-34.el5.ia64 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation:cman-devel-0:2.0.115-34.el5.ia64"
},
"product_reference": "cman-devel-0:2.0.115-34.el5.ia64",
"relates_to_product_reference": "5Client-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cman-devel-0:2.0.115-34.el5.ppc as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation:cman-devel-0:2.0.115-34.el5.ppc"
},
"product_reference": "cman-devel-0:2.0.115-34.el5.ppc",
"relates_to_product_reference": "5Client-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cman-devel-0:2.0.115-34.el5.ppc64 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation:cman-devel-0:2.0.115-34.el5.ppc64"
},
"product_reference": "cman-devel-0:2.0.115-34.el5.ppc64",
"relates_to_product_reference": "5Client-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cman-devel-0:2.0.115-34.el5.x86_64 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation:cman-devel-0:2.0.115-34.el5.x86_64"
},
"product_reference": "cman-devel-0:2.0.115-34.el5.x86_64",
"relates_to_product_reference": "5Client-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cman-0:2.0.115-34.el5.i386 as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:cman-0:2.0.115-34.el5.i386"
},
"product_reference": "cman-0:2.0.115-34.el5.i386",
"relates_to_product_reference": "5Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cman-0:2.0.115-34.el5.ia64 as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:cman-0:2.0.115-34.el5.ia64"
},
"product_reference": "cman-0:2.0.115-34.el5.ia64",
"relates_to_product_reference": "5Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cman-0:2.0.115-34.el5.ppc as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:cman-0:2.0.115-34.el5.ppc"
},
"product_reference": "cman-0:2.0.115-34.el5.ppc",
"relates_to_product_reference": "5Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cman-0:2.0.115-34.el5.src as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:cman-0:2.0.115-34.el5.src"
},
"product_reference": "cman-0:2.0.115-34.el5.src",
"relates_to_product_reference": "5Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cman-0:2.0.115-34.el5.x86_64 as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:cman-0:2.0.115-34.el5.x86_64"
},
"product_reference": "cman-0:2.0.115-34.el5.x86_64",
"relates_to_product_reference": "5Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cman-debuginfo-0:2.0.115-34.el5.i386 as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:cman-debuginfo-0:2.0.115-34.el5.i386"
},
"product_reference": "cman-debuginfo-0:2.0.115-34.el5.i386",
"relates_to_product_reference": "5Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cman-debuginfo-0:2.0.115-34.el5.ia64 as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:cman-debuginfo-0:2.0.115-34.el5.ia64"
},
"product_reference": "cman-debuginfo-0:2.0.115-34.el5.ia64",
"relates_to_product_reference": "5Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cman-debuginfo-0:2.0.115-34.el5.ppc as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:cman-debuginfo-0:2.0.115-34.el5.ppc"
},
"product_reference": "cman-debuginfo-0:2.0.115-34.el5.ppc",
"relates_to_product_reference": "5Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cman-debuginfo-0:2.0.115-34.el5.ppc64 as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:cman-debuginfo-0:2.0.115-34.el5.ppc64"
},
"product_reference": "cman-debuginfo-0:2.0.115-34.el5.ppc64",
"relates_to_product_reference": "5Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cman-debuginfo-0:2.0.115-34.el5.x86_64 as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:cman-debuginfo-0:2.0.115-34.el5.x86_64"
},
"product_reference": "cman-debuginfo-0:2.0.115-34.el5.x86_64",
"relates_to_product_reference": "5Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cman-devel-0:2.0.115-34.el5.i386 as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:cman-devel-0:2.0.115-34.el5.i386"
},
"product_reference": "cman-devel-0:2.0.115-34.el5.i386",
"relates_to_product_reference": "5Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cman-devel-0:2.0.115-34.el5.ia64 as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:cman-devel-0:2.0.115-34.el5.ia64"
},
"product_reference": "cman-devel-0:2.0.115-34.el5.ia64",
"relates_to_product_reference": "5Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cman-devel-0:2.0.115-34.el5.ppc as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:cman-devel-0:2.0.115-34.el5.ppc"
},
"product_reference": "cman-devel-0:2.0.115-34.el5.ppc",
"relates_to_product_reference": "5Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cman-devel-0:2.0.115-34.el5.ppc64 as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:cman-devel-0:2.0.115-34.el5.ppc64"
},
"product_reference": "cman-devel-0:2.0.115-34.el5.ppc64",
"relates_to_product_reference": "5Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cman-devel-0:2.0.115-34.el5.x86_64 as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:cman-devel-0:2.0.115-34.el5.x86_64"
},
"product_reference": "cman-devel-0:2.0.115-34.el5.x86_64",
"relates_to_product_reference": "5Server"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2008-4192",
"cwe": {
"id": "CWE-377",
"name": "Insecure Temporary File"
},
"discovery_date": "2008-08-26T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "460476"
}
],
"notes": [
{
"category": "description",
"text": "The pserver_shutdown function in fence_egenera in cman 2.20080629 and 2.20080801 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/eglog temporary file.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "cman/fence: insecure temporary file usage in the egenera fence agent",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"5Client-Workstation:cman-0:2.0.115-34.el5.i386",
"5Client-Workstation:cman-0:2.0.115-34.el5.ia64",
"5Client-Workstation:cman-0:2.0.115-34.el5.ppc",
"5Client-Workstation:cman-0:2.0.115-34.el5.src",
"5Client-Workstation:cman-0:2.0.115-34.el5.x86_64",
"5Client-Workstation:cman-debuginfo-0:2.0.115-34.el5.i386",
"5Client-Workstation:cman-debuginfo-0:2.0.115-34.el5.ia64",
"5Client-Workstation:cman-debuginfo-0:2.0.115-34.el5.ppc",
"5Client-Workstation:cman-debuginfo-0:2.0.115-34.el5.ppc64",
"5Client-Workstation:cman-debuginfo-0:2.0.115-34.el5.x86_64",
"5Client-Workstation:cman-devel-0:2.0.115-34.el5.i386",
"5Client-Workstation:cman-devel-0:2.0.115-34.el5.ia64",
"5Client-Workstation:cman-devel-0:2.0.115-34.el5.ppc",
"5Client-Workstation:cman-devel-0:2.0.115-34.el5.ppc64",
"5Client-Workstation:cman-devel-0:2.0.115-34.el5.x86_64",
"5Server:cman-0:2.0.115-34.el5.i386",
"5Server:cman-0:2.0.115-34.el5.ia64",
"5Server:cman-0:2.0.115-34.el5.ppc",
"5Server:cman-0:2.0.115-34.el5.src",
"5Server:cman-0:2.0.115-34.el5.x86_64",
"5Server:cman-debuginfo-0:2.0.115-34.el5.i386",
"5Server:cman-debuginfo-0:2.0.115-34.el5.ia64",
"5Server:cman-debuginfo-0:2.0.115-34.el5.ppc",
"5Server:cman-debuginfo-0:2.0.115-34.el5.ppc64",
"5Server:cman-debuginfo-0:2.0.115-34.el5.x86_64",
"5Server:cman-devel-0:2.0.115-34.el5.i386",
"5Server:cman-devel-0:2.0.115-34.el5.ia64",
"5Server:cman-devel-0:2.0.115-34.el5.ppc",
"5Server:cman-devel-0:2.0.115-34.el5.ppc64",
"5Server:cman-devel-0:2.0.115-34.el5.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2008-4192"
},
{
"category": "external",
"summary": "RHBZ#460476",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=460476"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2008-4192",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-4192"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2008-4192",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2008-4192"
}
],
"release_date": "2008-08-24T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2010-03-30T00:00:00+00:00",
"details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259",
"product_ids": [
"5Client-Workstation:cman-0:2.0.115-34.el5.i386",
"5Client-Workstation:cman-0:2.0.115-34.el5.ia64",
"5Client-Workstation:cman-0:2.0.115-34.el5.ppc",
"5Client-Workstation:cman-0:2.0.115-34.el5.src",
"5Client-Workstation:cman-0:2.0.115-34.el5.x86_64",
"5Client-Workstation:cman-debuginfo-0:2.0.115-34.el5.i386",
"5Client-Workstation:cman-debuginfo-0:2.0.115-34.el5.ia64",
"5Client-Workstation:cman-debuginfo-0:2.0.115-34.el5.ppc",
"5Client-Workstation:cman-debuginfo-0:2.0.115-34.el5.ppc64",
"5Client-Workstation:cman-debuginfo-0:2.0.115-34.el5.x86_64",
"5Client-Workstation:cman-devel-0:2.0.115-34.el5.i386",
"5Client-Workstation:cman-devel-0:2.0.115-34.el5.ia64",
"5Client-Workstation:cman-devel-0:2.0.115-34.el5.ppc",
"5Client-Workstation:cman-devel-0:2.0.115-34.el5.ppc64",
"5Client-Workstation:cman-devel-0:2.0.115-34.el5.x86_64",
"5Server:cman-0:2.0.115-34.el5.i386",
"5Server:cman-0:2.0.115-34.el5.ia64",
"5Server:cman-0:2.0.115-34.el5.ppc",
"5Server:cman-0:2.0.115-34.el5.src",
"5Server:cman-0:2.0.115-34.el5.x86_64",
"5Server:cman-debuginfo-0:2.0.115-34.el5.i386",
"5Server:cman-debuginfo-0:2.0.115-34.el5.ia64",
"5Server:cman-debuginfo-0:2.0.115-34.el5.ppc",
"5Server:cman-debuginfo-0:2.0.115-34.el5.ppc64",
"5Server:cman-debuginfo-0:2.0.115-34.el5.x86_64",
"5Server:cman-devel-0:2.0.115-34.el5.i386",
"5Server:cman-devel-0:2.0.115-34.el5.ia64",
"5Server:cman-devel-0:2.0.115-34.el5.ppc",
"5Server:cman-devel-0:2.0.115-34.el5.ppc64",
"5Server:cman-devel-0:2.0.115-34.el5.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHBA-2010:0266"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "HIGH",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 1.2,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:L/AC:H/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"products": [
"5Client-Workstation:cman-0:2.0.115-34.el5.i386",
"5Client-Workstation:cman-0:2.0.115-34.el5.ia64",
"5Client-Workstation:cman-0:2.0.115-34.el5.ppc",
"5Client-Workstation:cman-0:2.0.115-34.el5.src",
"5Client-Workstation:cman-0:2.0.115-34.el5.x86_64",
"5Client-Workstation:cman-debuginfo-0:2.0.115-34.el5.i386",
"5Client-Workstation:cman-debuginfo-0:2.0.115-34.el5.ia64",
"5Client-Workstation:cman-debuginfo-0:2.0.115-34.el5.ppc",
"5Client-Workstation:cman-debuginfo-0:2.0.115-34.el5.ppc64",
"5Client-Workstation:cman-debuginfo-0:2.0.115-34.el5.x86_64",
"5Client-Workstation:cman-devel-0:2.0.115-34.el5.i386",
"5Client-Workstation:cman-devel-0:2.0.115-34.el5.ia64",
"5Client-Workstation:cman-devel-0:2.0.115-34.el5.ppc",
"5Client-Workstation:cman-devel-0:2.0.115-34.el5.ppc64",
"5Client-Workstation:cman-devel-0:2.0.115-34.el5.x86_64",
"5Server:cman-0:2.0.115-34.el5.i386",
"5Server:cman-0:2.0.115-34.el5.ia64",
"5Server:cman-0:2.0.115-34.el5.ppc",
"5Server:cman-0:2.0.115-34.el5.src",
"5Server:cman-0:2.0.115-34.el5.x86_64",
"5Server:cman-debuginfo-0:2.0.115-34.el5.i386",
"5Server:cman-debuginfo-0:2.0.115-34.el5.ia64",
"5Server:cman-debuginfo-0:2.0.115-34.el5.ppc",
"5Server:cman-debuginfo-0:2.0.115-34.el5.ppc64",
"5Server:cman-debuginfo-0:2.0.115-34.el5.x86_64",
"5Server:cman-devel-0:2.0.115-34.el5.i386",
"5Server:cman-devel-0:2.0.115-34.el5.ia64",
"5Server:cman-devel-0:2.0.115-34.el5.ppc",
"5Server:cman-devel-0:2.0.115-34.el5.ppc64",
"5Server:cman-devel-0:2.0.115-34.el5.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "cman/fence: insecure temporary file usage in the egenera fence agent"
}
]
}
RHBA-2010:0266
Vulnerability from csaf_redhat
Published
2010-03-30 00:00
Modified
2025-10-09 13:12
Summary
Red Hat Bug Fix Advisory: cman bug fix and enhancement update
Notes
Topic
Updated cman packages that fix bugs and add enhancements are now available.
Details
The Cluster Manager (cman) utility provides user-level services for
managing a Linux cluster.
Changes in this update:
* fence_rsa fails to login with new RSA II firmware. (BZ#549473)
* fence_virsh reports vm status incorrectly. (BZ#544664)
* improve error messages from ccsd if there is a network problem.
(BZ#517399)
* new fence agent for VMWare. (BZ#548577)
Note: this is a Tech Preview only.
* fence agent for HP iLO2 MP. (BZ#508722)
* fence agent for RSB ends with traceback. (BZ#545054)
* security feature for SNMP based agent: apc_snmp & ibmblade. (BZ#532922)
* change default timeout values for various fence agents. (BZ#549124)
* "Option -V" (show version) was not working in all fence agents.
(BZ#549113)
* automatically configure consensus based on token timeout. (BZ#544482)
* add readconfig & dumpconfig to fence_tool. (BZ#514662)
* make groupd handle partition merges. (BZ#546082)
* groupd: clean up leaving failed node. (BZ#521817)
* scsi_reserve should always echo after failure. (BZ#514260)
* fence_scsi_test: add debug information. (BZ#516763)
* fence_scsi_test should not allow -c & -s options together. (BZ#528832)
* fix fence_ipmilan read from uninitialized memory. (BZ#532138)
* make qdiskd stop crying wolf. (BZ#532773)
* fencing failed when used without telnet or ssh. (BZ#512343)
* APC changed product name (MasterSwitch -> Switched Rack PDU). (BZ#447481)
* fix invalid initialization introduced by retry-on option.
* broken device detection for DRAC3 ERA/O. (BZ#489809)
* fix case sensitivities in action parameter. (BZ#528938)
* fencing_snmp failed on all operations & traceback fix. (BZ#528916)
* accept unknown options from standard input. (BZ#532920)
* fence_apc unable to obtain plug status. (BZ#532916)
* timeout options added. (BZ#507514)
* better default timeout for bladecenter. (BZ#526806)
* the LOGIN_TIMEOUT value was too short for fence_lpar & the SSH login
timed out before the connection could be completed. (BZ#546340)
* add missing-as-off option (missing blade/device is always OFF).
(BZ#248006)
* make qdiskd "master-wins" node work. (BZ#372901)
* make qdisk self-fence system if write errors take longer than
interval*tko. (BZ#511113)
* make service_cman.lcrso executable, so RPM adds it to the debuginfo pkg.
(BZ#511346)
* don't check for xm command in cman init script: virsh is more
appropriate. (BZ#516111)
* allow re-registering of a quorum device. (BZ#525270)
* fix fence_scsi, multipath & persistent reservations. (BZ#516625)
* cman_tool leave remove reduces quorum when no services are connected.
(BZ#515446)
* fence_sanbox2 unable to retrieve status. (BZ#512947)
* gfs_controld: GETLK should free unused resource. (BZ#513285)
* allow IP addresses as node names. (BZ#504158)
* fence_scsi man page contains invalid option. (BZ#515731)
* fence_scsi support for 2 node clusters. (BZ#516085)
* Support for power cycle in fence ipmi. (BZ#482913)
* add option 'list devices' for fencing agents. (BZ#519697)
* add support for switching IPv4/IPv6. (BZ#520458)
* fence agent ends with traceback if option is missing. (BZ#508262)
* command line options to override default ports for different services,
such as SSH & Telnet (i.e. -u option) were added. (BZ#506928)
Note: "-u" does not currently work with fence_wti. Other agents honor the
port override command line options properly, however. (BZ#506928)
* force stdout close for fencing agents. (BZ#518622)
* support for long options. (BZ#519670)
* fix a situation where cman could kill the wrong nodes. (BZ#513260)
* fix support for >100 gfs & gfs2 file systems. (BZ#561892)
* fix a problem where 'dm suspend' would hang a withdrawn GFS file system.
(BZ#570530)
* fix a problem where fence_snmp returned success when the operation
failed. (BZ#573834)
* fencing support for the new iDRAC interface included with Dell PowerEdge
R710 & R910 blade servers was added. (BZ#496748)
All cman users should install this update which makes these changes.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Low"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Updated cman packages that fix bugs and add enhancements are now available.",
"title": "Topic"
},
{
"category": "general",
"text": "The Cluster Manager (cman) utility provides user-level services for\nmanaging a Linux cluster.\n\nChanges in this update:\n\n* fence_rsa fails to login with new RSA II firmware. (BZ#549473)\n\n* fence_virsh reports vm status incorrectly. (BZ#544664)\n\n* improve error messages from ccsd if there is a network problem.\n(BZ#517399)\n\n* new fence agent for VMWare. (BZ#548577)\n\nNote: this is a Tech Preview only.\n\n* fence agent for HP iLO2 MP. (BZ#508722)\n\n* fence agent for RSB ends with traceback. (BZ#545054)\n\n* security feature for SNMP based agent: apc_snmp \u0026 ibmblade. (BZ#532922)\n\n* change default timeout values for various fence agents. (BZ#549124)\n\n* \"Option -V\" (show version) was not working in all fence agents.\n(BZ#549113)\n\n* automatically configure consensus based on token timeout. (BZ#544482)\n\n* add readconfig \u0026 dumpconfig to fence_tool. (BZ#514662)\n\n* make groupd handle partition merges. (BZ#546082)\n\n* groupd: clean up leaving failed node. (BZ#521817)\n\n* scsi_reserve should always echo after failure. (BZ#514260)\n\n* fence_scsi_test: add debug information. (BZ#516763)\n\n* fence_scsi_test should not allow -c \u0026 -s options together. (BZ#528832)\n\n* fix fence_ipmilan read from unitialized memory. (BZ#532138)\n\n* make qdiskd stop crying wolf. (BZ#532773)\n\n* fencing failed when used without telnet or ssh. (BZ#512343)\n\n* APC changed product name (MasterSwitch -\u003e Switched Rack PDU). (BZ#447481)\n\n* fix invalid initalization introduced by retry-on option.\n\n* broken device detection for DRAC3 ERA/O. (BZ#489809)\n\n* fix case sensitivities in action parameter. (BZ#528938)\n\n* fencing_snmp failed on all operations \u0026 traceback fix. (BZ#528916)\n\n* accept unknown options from standard input. (BZ#532920)\n\n* fence_apc unable to obtain plug status. (BZ#532916)\n\n* timeout options added. (BZ#507514)\n\n* better default timeout for bladecenter. 
(BZ#526806)\n\n* the LOGIN_TIMEOUT value was too short for fence_lpar \u0026 the SSH login\ntimed out before the connection could be completed. (BZ#546340)\n\n* add missing-as-off option (missing blade/device is always OFF).\n(BZ#248006)\n\n* make qdiskd \"master-wins\" node work. (BZ#372901)\n\n* make qdisk self-fence system if write errors take longer than\ninterval*tko. (BZ#511113)\n\n* make service_cman.lcrso executable, so RPM adds it to the debuginfo pkg.\n(BZ#511346)\n\n* don\u0027t check for xm command in cman init script: virsh is more\nappropriate. (BZ#516111)\n\n* allow re-registering of a quorum device. (BZ#525270)\n\n* fix fence_scsi, multipath \u0026 persistent reservations. (BZ#516625)\n\n* cman_tool leave remove reduces quorum when no services are connected.\n(BZ#515446)\n\n* fence_sanbox2 unable to retrieve status. (BZ#512947)\n\n* gfs_controld: GETLK should free unused resource. (BZ#513285)\n\n* allow IP addresses as node names. (BZ#504158)\n\n* fence_scsi man page contains invalid option. (BZ#515731)\n\n* fence_scsi support for 2 node clusters. (BZ#516085)\n\n* Support for power cycle in fence ipmi. (BZ#482913)\n\n* add option \u0027list devices\u0027 for fencing agents. (BZ#519697)\n\n* add support for switching IPv4/IPv6. (BZ#520458)\n\n* fence agent ends with traceback if option is missing. (BZ#508262)\n\n* command line options to override default ports for different services,\nsuch as SSH \u0026 Telnet (i.e. -u option) were added. (BZ#506928)\n\nNote: \"-u\" does not currently work with fence_wti. Other agents honor the\nport override command line options properly, however. (BZ#506928)\n\n* force stdout close for fencing agents. (BZ#518622)\n\n* support for long options. (BZ#519670)\n\n* fix a situation where cman could kill the wrong nodes. (BZ#513260)\n\n* fix support for \u003e100 gfs \u0026 gfs2 file systems. 
(BZ#561892)\n\n* fix a problem where \u0027dm suspend\u0027 would hang a withdrawn GFS file system.\n(BZ#570530)\n\n* fix a problem where fence_snmp returned success when the operation\nfailed. (BZ#573834)\n\n* fencing support for the new iDRAC interface included with Dell PowerEdge\nR710 \u0026 R910 blade servers was added. (BZ#496748)\n\nAll cman users should install this update which makes these changes.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHBA-2010:0266",
"url": "https://access.redhat.com/errata/RHBA-2010:0266"
},
{
"category": "external",
"summary": "248006",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=248006"
},
{
"category": "external",
"summary": "372901",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=372901"
},
{
"category": "external",
"summary": "447481",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=447481"
},
{
"category": "external",
"summary": "482913",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=482913"
},
{
"category": "external",
"summary": "489809",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=489809"
},
{
"category": "external",
"summary": "496748",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=496748"
},
{
"category": "external",
"summary": "504158",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=504158"
},
{
"category": "external",
"summary": "506928",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=506928"
},
{
"category": "external",
"summary": "507514",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=507514"
},
{
"category": "external",
"summary": "508262",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=508262"
},
{
"category": "external",
"summary": "508722",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=508722"
},
{
"category": "external",
"summary": "511113",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=511113"
},
{
"category": "external",
"summary": "511346",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=511346"
},
{
"category": "external",
"summary": "512343",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=512343"
},
{
"category": "external",
"summary": "512947",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=512947"
},
{
"category": "external",
"summary": "513260",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=513260"
},
{
"category": "external",
"summary": "513285",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=513285"
},
{
"category": "external",
"summary": "514260",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=514260"
},
{
"category": "external",
"summary": "515446",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=515446"
},
{
"category": "external",
"summary": "515731",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=515731"
},
{
"category": "external",
"summary": "516085",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=516085"
},
{
"category": "external",
"summary": "516111",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=516111"
},
{
"category": "external",
"summary": "516763",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=516763"
},
{
"category": "external",
"summary": "517399",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=517399"
},
{
"category": "external",
"summary": "518622",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=518622"
},
{
"category": "external",
"summary": "519670",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=519670"
},
{
"category": "external",
"summary": "519697",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=519697"
},
{
"category": "external",
"summary": "520458",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=520458"
},
{
"category": "external",
"summary": "521817",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=521817"
},
{
"category": "external",
"summary": "528832",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=528832"
},
{
"category": "external",
"summary": "528938",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=528938"
},
{
"category": "external",
"summary": "532138",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=532138"
},
{
"category": "external",
"summary": "532773",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=532773"
},
{
"category": "external",
"summary": "532916",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=532916"
},
{
"category": "external",
"summary": "532920",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=532920"
},
{
"category": "external",
"summary": "532922",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=532922"
},
{
"category": "external",
"summary": "544482",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=544482"
},
{
"category": "external",
"summary": "544664",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=544664"
},
{
"category": "external",
"summary": "545054",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=545054"
},
{
"category": "external",
"summary": "546082",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=546082"
},
{
"category": "external",
"summary": "546340",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=546340"
},
{
"category": "external",
"summary": "548577",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=548577"
},
{
"category": "external",
"summary": "549113",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=549113"
},
{
"category": "external",
"summary": "549473",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=549473"
},
{
"category": "external",
"summary": "570530",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=570530"
},
{
"category": "external",
"summary": "573834",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=573834"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2010/rhba-2010_0266.json"
}
],
"title": "Red Hat Bug Fix Advisory: cman bug fix and enhancement update",
"tracking": {
"current_release_date": "2025-10-09T13:12:33+00:00",
"generator": {
"date": "2025-10-09T13:12:33+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.6.9"
}
},
"id": "RHBA-2010:0266",
"initial_release_date": "2010-03-30T00:00:00+00:00",
"revision_history": [
{
"date": "2010-03-30T00:00:00+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2010-03-29T08:54:44+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2025-10-09T13:12:33+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product": {
"name": "Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:5::client_workstation"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux (v. 5 server)",
"product": {
"name": "Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:5::server"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "cman-devel-0:2.0.115-34.el5.x86_64",
"product": {
"name": "cman-devel-0:2.0.115-34.el5.x86_64",
"product_id": "cman-devel-0:2.0.115-34.el5.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/cman-devel@2.0.115-34.el5?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "cman-0:2.0.115-34.el5.x86_64",
"product": {
"name": "cman-0:2.0.115-34.el5.x86_64",
"product_id": "cman-0:2.0.115-34.el5.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/cman@2.0.115-34.el5?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "cman-debuginfo-0:2.0.115-34.el5.x86_64",
"product": {
"name": "cman-debuginfo-0:2.0.115-34.el5.x86_64",
"product_id": "cman-debuginfo-0:2.0.115-34.el5.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/cman-debuginfo@2.0.115-34.el5?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "cman-devel-0:2.0.115-34.el5.i386",
"product": {
"name": "cman-devel-0:2.0.115-34.el5.i386",
"product_id": "cman-devel-0:2.0.115-34.el5.i386",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/cman-devel@2.0.115-34.el5?arch=i386"
}
}
},
{
"category": "product_version",
"name": "cman-debuginfo-0:2.0.115-34.el5.i386",
"product": {
"name": "cman-debuginfo-0:2.0.115-34.el5.i386",
"product_id": "cman-debuginfo-0:2.0.115-34.el5.i386",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/cman-debuginfo@2.0.115-34.el5?arch=i386"
}
}
},
{
"category": "product_version",
"name": "cman-0:2.0.115-34.el5.i386",
"product": {
"name": "cman-0:2.0.115-34.el5.i386",
"product_id": "cman-0:2.0.115-34.el5.i386",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/cman@2.0.115-34.el5?arch=i386"
}
}
}
],
"category": "architecture",
"name": "i386"
},
{
"branches": [
{
"category": "product_version",
"name": "cman-0:2.0.115-34.el5.src",
"product": {
"name": "cman-0:2.0.115-34.el5.src",
"product_id": "cman-0:2.0.115-34.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/cman@2.0.115-34.el5?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "cman-devel-0:2.0.115-34.el5.ia64",
"product": {
"name": "cman-devel-0:2.0.115-34.el5.ia64",
"product_id": "cman-devel-0:2.0.115-34.el5.ia64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/cman-devel@2.0.115-34.el5?arch=ia64"
}
}
},
{
"category": "product_version",
"name": "cman-0:2.0.115-34.el5.ia64",
"product": {
"name": "cman-0:2.0.115-34.el5.ia64",
"product_id": "cman-0:2.0.115-34.el5.ia64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/cman@2.0.115-34.el5?arch=ia64"
}
}
},
{
"category": "product_version",
"name": "cman-debuginfo-0:2.0.115-34.el5.ia64",
"product": {
"name": "cman-debuginfo-0:2.0.115-34.el5.ia64",
"product_id": "cman-debuginfo-0:2.0.115-34.el5.ia64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/cman-debuginfo@2.0.115-34.el5?arch=ia64"
}
}
}
],
"category": "architecture",
"name": "ia64"
},
{
"branches": [
{
"category": "product_version",
"name": "cman-devel-0:2.0.115-34.el5.ppc64",
"product": {
"name": "cman-devel-0:2.0.115-34.el5.ppc64",
"product_id": "cman-devel-0:2.0.115-34.el5.ppc64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/cman-devel@2.0.115-34.el5?arch=ppc64"
}
}
},
{
"category": "product_version",
"name": "cman-debuginfo-0:2.0.115-34.el5.ppc64",
"product": {
"name": "cman-debuginfo-0:2.0.115-34.el5.ppc64",
"product_id": "cman-debuginfo-0:2.0.115-34.el5.ppc64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/cman-debuginfo@2.0.115-34.el5?arch=ppc64"
}
}
}
],
"category": "architecture",
"name": "ppc64"
},
{
"branches": [
{
"category": "product_version",
"name": "cman-devel-0:2.0.115-34.el5.ppc",
"product": {
"name": "cman-devel-0:2.0.115-34.el5.ppc",
"product_id": "cman-devel-0:2.0.115-34.el5.ppc",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/cman-devel@2.0.115-34.el5?arch=ppc"
}
}
},
{
"category": "product_version",
"name": "cman-0:2.0.115-34.el5.ppc",
"product": {
"name": "cman-0:2.0.115-34.el5.ppc",
"product_id": "cman-0:2.0.115-34.el5.ppc",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/cman@2.0.115-34.el5?arch=ppc"
}
}
},
{
"category": "product_version",
"name": "cman-debuginfo-0:2.0.115-34.el5.ppc",
"product": {
"name": "cman-debuginfo-0:2.0.115-34.el5.ppc",
"product_id": "cman-debuginfo-0:2.0.115-34.el5.ppc",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/cman-debuginfo@2.0.115-34.el5?arch=ppc"
}
}
}
],
"category": "architecture",
"name": "ppc"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "cman-0:2.0.115-34.el5.i386 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation:cman-0:2.0.115-34.el5.i386"
},
"product_reference": "cman-0:2.0.115-34.el5.i386",
"relates_to_product_reference": "5Client-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cman-0:2.0.115-34.el5.ia64 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation:cman-0:2.0.115-34.el5.ia64"
},
"product_reference": "cman-0:2.0.115-34.el5.ia64",
"relates_to_product_reference": "5Client-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cman-0:2.0.115-34.el5.ppc as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation:cman-0:2.0.115-34.el5.ppc"
},
"product_reference": "cman-0:2.0.115-34.el5.ppc",
"relates_to_product_reference": "5Client-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cman-0:2.0.115-34.el5.src as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation:cman-0:2.0.115-34.el5.src"
},
"product_reference": "cman-0:2.0.115-34.el5.src",
"relates_to_product_reference": "5Client-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cman-0:2.0.115-34.el5.x86_64 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation:cman-0:2.0.115-34.el5.x86_64"
},
"product_reference": "cman-0:2.0.115-34.el5.x86_64",
"relates_to_product_reference": "5Client-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cman-debuginfo-0:2.0.115-34.el5.i386 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation:cman-debuginfo-0:2.0.115-34.el5.i386"
},
"product_reference": "cman-debuginfo-0:2.0.115-34.el5.i386",
"relates_to_product_reference": "5Client-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cman-debuginfo-0:2.0.115-34.el5.ia64 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation:cman-debuginfo-0:2.0.115-34.el5.ia64"
},
"product_reference": "cman-debuginfo-0:2.0.115-34.el5.ia64",
"relates_to_product_reference": "5Client-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cman-debuginfo-0:2.0.115-34.el5.ppc as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation:cman-debuginfo-0:2.0.115-34.el5.ppc"
},
"product_reference": "cman-debuginfo-0:2.0.115-34.el5.ppc",
"relates_to_product_reference": "5Client-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cman-debuginfo-0:2.0.115-34.el5.ppc64 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation:cman-debuginfo-0:2.0.115-34.el5.ppc64"
},
"product_reference": "cman-debuginfo-0:2.0.115-34.el5.ppc64",
"relates_to_product_reference": "5Client-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cman-debuginfo-0:2.0.115-34.el5.x86_64 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation:cman-debuginfo-0:2.0.115-34.el5.x86_64"
},
"product_reference": "cman-debuginfo-0:2.0.115-34.el5.x86_64",
"relates_to_product_reference": "5Client-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cman-devel-0:2.0.115-34.el5.i386 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation:cman-devel-0:2.0.115-34.el5.i386"
},
"product_reference": "cman-devel-0:2.0.115-34.el5.i386",
"relates_to_product_reference": "5Client-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cman-devel-0:2.0.115-34.el5.ia64 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation:cman-devel-0:2.0.115-34.el5.ia64"
},
"product_reference": "cman-devel-0:2.0.115-34.el5.ia64",
"relates_to_product_reference": "5Client-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cman-devel-0:2.0.115-34.el5.ppc as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation:cman-devel-0:2.0.115-34.el5.ppc"
},
"product_reference": "cman-devel-0:2.0.115-34.el5.ppc",
"relates_to_product_reference": "5Client-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cman-devel-0:2.0.115-34.el5.ppc64 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation:cman-devel-0:2.0.115-34.el5.ppc64"
},
"product_reference": "cman-devel-0:2.0.115-34.el5.ppc64",
"relates_to_product_reference": "5Client-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cman-devel-0:2.0.115-34.el5.x86_64 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
"product_id": "5Client-Workstation:cman-devel-0:2.0.115-34.el5.x86_64"
},
"product_reference": "cman-devel-0:2.0.115-34.el5.x86_64",
"relates_to_product_reference": "5Client-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cman-0:2.0.115-34.el5.i386 as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:cman-0:2.0.115-34.el5.i386"
},
"product_reference": "cman-0:2.0.115-34.el5.i386",
"relates_to_product_reference": "5Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cman-0:2.0.115-34.el5.ia64 as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:cman-0:2.0.115-34.el5.ia64"
},
"product_reference": "cman-0:2.0.115-34.el5.ia64",
"relates_to_product_reference": "5Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cman-0:2.0.115-34.el5.ppc as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:cman-0:2.0.115-34.el5.ppc"
},
"product_reference": "cman-0:2.0.115-34.el5.ppc",
"relates_to_product_reference": "5Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cman-0:2.0.115-34.el5.src as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:cman-0:2.0.115-34.el5.src"
},
"product_reference": "cman-0:2.0.115-34.el5.src",
"relates_to_product_reference": "5Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cman-0:2.0.115-34.el5.x86_64 as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:cman-0:2.0.115-34.el5.x86_64"
},
"product_reference": "cman-0:2.0.115-34.el5.x86_64",
"relates_to_product_reference": "5Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cman-debuginfo-0:2.0.115-34.el5.i386 as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:cman-debuginfo-0:2.0.115-34.el5.i386"
},
"product_reference": "cman-debuginfo-0:2.0.115-34.el5.i386",
"relates_to_product_reference": "5Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cman-debuginfo-0:2.0.115-34.el5.ia64 as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:cman-debuginfo-0:2.0.115-34.el5.ia64"
},
"product_reference": "cman-debuginfo-0:2.0.115-34.el5.ia64",
"relates_to_product_reference": "5Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cman-debuginfo-0:2.0.115-34.el5.ppc as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:cman-debuginfo-0:2.0.115-34.el5.ppc"
},
"product_reference": "cman-debuginfo-0:2.0.115-34.el5.ppc",
"relates_to_product_reference": "5Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cman-debuginfo-0:2.0.115-34.el5.ppc64 as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:cman-debuginfo-0:2.0.115-34.el5.ppc64"
},
"product_reference": "cman-debuginfo-0:2.0.115-34.el5.ppc64",
"relates_to_product_reference": "5Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cman-debuginfo-0:2.0.115-34.el5.x86_64 as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:cman-debuginfo-0:2.0.115-34.el5.x86_64"
},
"product_reference": "cman-debuginfo-0:2.0.115-34.el5.x86_64",
"relates_to_product_reference": "5Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cman-devel-0:2.0.115-34.el5.i386 as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:cman-devel-0:2.0.115-34.el5.i386"
},
"product_reference": "cman-devel-0:2.0.115-34.el5.i386",
"relates_to_product_reference": "5Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cman-devel-0:2.0.115-34.el5.ia64 as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:cman-devel-0:2.0.115-34.el5.ia64"
},
"product_reference": "cman-devel-0:2.0.115-34.el5.ia64",
"relates_to_product_reference": "5Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cman-devel-0:2.0.115-34.el5.ppc as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:cman-devel-0:2.0.115-34.el5.ppc"
},
"product_reference": "cman-devel-0:2.0.115-34.el5.ppc",
"relates_to_product_reference": "5Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cman-devel-0:2.0.115-34.el5.ppc64 as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:cman-devel-0:2.0.115-34.el5.ppc64"
},
"product_reference": "cman-devel-0:2.0.115-34.el5.ppc64",
"relates_to_product_reference": "5Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cman-devel-0:2.0.115-34.el5.x86_64 as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:cman-devel-0:2.0.115-34.el5.x86_64"
},
"product_reference": "cman-devel-0:2.0.115-34.el5.x86_64",
"relates_to_product_reference": "5Server"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2008-4192",
"cwe": {
"id": "CWE-377",
"name": "Insecure Temporary File"
},
"discovery_date": "2008-08-26T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "460476"
}
],
"notes": [
{
"category": "description",
"text": "The pserver_shutdown function in fence_egenera in cman 2.20080629 and 2.20080801 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/eglog temporary file.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "cman/fence: insecure temporary file usage in the egenera fence agent",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"5Client-Workstation:cman-0:2.0.115-34.el5.i386",
"5Client-Workstation:cman-0:2.0.115-34.el5.ia64",
"5Client-Workstation:cman-0:2.0.115-34.el5.ppc",
"5Client-Workstation:cman-0:2.0.115-34.el5.src",
"5Client-Workstation:cman-0:2.0.115-34.el5.x86_64",
"5Client-Workstation:cman-debuginfo-0:2.0.115-34.el5.i386",
"5Client-Workstation:cman-debuginfo-0:2.0.115-34.el5.ia64",
"5Client-Workstation:cman-debuginfo-0:2.0.115-34.el5.ppc",
"5Client-Workstation:cman-debuginfo-0:2.0.115-34.el5.ppc64",
"5Client-Workstation:cman-debuginfo-0:2.0.115-34.el5.x86_64",
"5Client-Workstation:cman-devel-0:2.0.115-34.el5.i386",
"5Client-Workstation:cman-devel-0:2.0.115-34.el5.ia64",
"5Client-Workstation:cman-devel-0:2.0.115-34.el5.ppc",
"5Client-Workstation:cman-devel-0:2.0.115-34.el5.ppc64",
"5Client-Workstation:cman-devel-0:2.0.115-34.el5.x86_64",
"5Server:cman-0:2.0.115-34.el5.i386",
"5Server:cman-0:2.0.115-34.el5.ia64",
"5Server:cman-0:2.0.115-34.el5.ppc",
"5Server:cman-0:2.0.115-34.el5.src",
"5Server:cman-0:2.0.115-34.el5.x86_64",
"5Server:cman-debuginfo-0:2.0.115-34.el5.i386",
"5Server:cman-debuginfo-0:2.0.115-34.el5.ia64",
"5Server:cman-debuginfo-0:2.0.115-34.el5.ppc",
"5Server:cman-debuginfo-0:2.0.115-34.el5.ppc64",
"5Server:cman-debuginfo-0:2.0.115-34.el5.x86_64",
"5Server:cman-devel-0:2.0.115-34.el5.i386",
"5Server:cman-devel-0:2.0.115-34.el5.ia64",
"5Server:cman-devel-0:2.0.115-34.el5.ppc",
"5Server:cman-devel-0:2.0.115-34.el5.ppc64",
"5Server:cman-devel-0:2.0.115-34.el5.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2008-4192"
},
{
"category": "external",
"summary": "RHBZ#460476",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=460476"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2008-4192",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-4192"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2008-4192",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2008-4192"
}
],
"release_date": "2008-08-24T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2010-03-30T00:00:00+00:00",
"details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259",
"product_ids": [
"5Client-Workstation:cman-0:2.0.115-34.el5.i386",
"5Client-Workstation:cman-0:2.0.115-34.el5.ia64",
"5Client-Workstation:cman-0:2.0.115-34.el5.ppc",
"5Client-Workstation:cman-0:2.0.115-34.el5.src",
"5Client-Workstation:cman-0:2.0.115-34.el5.x86_64",
"5Client-Workstation:cman-debuginfo-0:2.0.115-34.el5.i386",
"5Client-Workstation:cman-debuginfo-0:2.0.115-34.el5.ia64",
"5Client-Workstation:cman-debuginfo-0:2.0.115-34.el5.ppc",
"5Client-Workstation:cman-debuginfo-0:2.0.115-34.el5.ppc64",
"5Client-Workstation:cman-debuginfo-0:2.0.115-34.el5.x86_64",
"5Client-Workstation:cman-devel-0:2.0.115-34.el5.i386",
"5Client-Workstation:cman-devel-0:2.0.115-34.el5.ia64",
"5Client-Workstation:cman-devel-0:2.0.115-34.el5.ppc",
"5Client-Workstation:cman-devel-0:2.0.115-34.el5.ppc64",
"5Client-Workstation:cman-devel-0:2.0.115-34.el5.x86_64",
"5Server:cman-0:2.0.115-34.el5.i386",
"5Server:cman-0:2.0.115-34.el5.ia64",
"5Server:cman-0:2.0.115-34.el5.ppc",
"5Server:cman-0:2.0.115-34.el5.src",
"5Server:cman-0:2.0.115-34.el5.x86_64",
"5Server:cman-debuginfo-0:2.0.115-34.el5.i386",
"5Server:cman-debuginfo-0:2.0.115-34.el5.ia64",
"5Server:cman-debuginfo-0:2.0.115-34.el5.ppc",
"5Server:cman-debuginfo-0:2.0.115-34.el5.ppc64",
"5Server:cman-debuginfo-0:2.0.115-34.el5.x86_64",
"5Server:cman-devel-0:2.0.115-34.el5.i386",
"5Server:cman-devel-0:2.0.115-34.el5.ia64",
"5Server:cman-devel-0:2.0.115-34.el5.ppc",
"5Server:cman-devel-0:2.0.115-34.el5.ppc64",
"5Server:cman-devel-0:2.0.115-34.el5.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHBA-2010:0266"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "HIGH",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 1.2,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:L/AC:H/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"products": [
"5Client-Workstation:cman-0:2.0.115-34.el5.i386",
"5Client-Workstation:cman-0:2.0.115-34.el5.ia64",
"5Client-Workstation:cman-0:2.0.115-34.el5.ppc",
"5Client-Workstation:cman-0:2.0.115-34.el5.src",
"5Client-Workstation:cman-0:2.0.115-34.el5.x86_64",
"5Client-Workstation:cman-debuginfo-0:2.0.115-34.el5.i386",
"5Client-Workstation:cman-debuginfo-0:2.0.115-34.el5.ia64",
"5Client-Workstation:cman-debuginfo-0:2.0.115-34.el5.ppc",
"5Client-Workstation:cman-debuginfo-0:2.0.115-34.el5.ppc64",
"5Client-Workstation:cman-debuginfo-0:2.0.115-34.el5.x86_64",
"5Client-Workstation:cman-devel-0:2.0.115-34.el5.i386",
"5Client-Workstation:cman-devel-0:2.0.115-34.el5.ia64",
"5Client-Workstation:cman-devel-0:2.0.115-34.el5.ppc",
"5Client-Workstation:cman-devel-0:2.0.115-34.el5.ppc64",
"5Client-Workstation:cman-devel-0:2.0.115-34.el5.x86_64",
"5Server:cman-0:2.0.115-34.el5.i386",
"5Server:cman-0:2.0.115-34.el5.ia64",
"5Server:cman-0:2.0.115-34.el5.ppc",
"5Server:cman-0:2.0.115-34.el5.src",
"5Server:cman-0:2.0.115-34.el5.x86_64",
"5Server:cman-debuginfo-0:2.0.115-34.el5.i386",
"5Server:cman-debuginfo-0:2.0.115-34.el5.ia64",
"5Server:cman-debuginfo-0:2.0.115-34.el5.ppc",
"5Server:cman-debuginfo-0:2.0.115-34.el5.ppc64",
"5Server:cman-debuginfo-0:2.0.115-34.el5.x86_64",
"5Server:cman-devel-0:2.0.115-34.el5.i386",
"5Server:cman-devel-0:2.0.115-34.el5.ia64",
"5Server:cman-devel-0:2.0.115-34.el5.ppc",
"5Server:cman-devel-0:2.0.115-34.el5.ppc64",
"5Server:cman-devel-0:2.0.115-34.el5.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "cman/fence: insecure temporary file usage in the egenera fence agent"
}
]
}
rhsa-2011_0266
Vulnerability from csaf_redhat
Published
2011-02-16 15:18
Modified
2024-11-22 03:11
Summary
Red Hat Security Advisory: fence security, bug fix, and enhancement update
Notes
Topic
An updated fence package that fixes multiple security issues, several bugs, and adds two enhancements is now available for Red Hat Cluster Suite 4.
The Red Hat Security Response Team has rated this update as having low security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.
Details
The fence package allows failed or unreachable nodes to be forcibly restarted and removed from a cluster.
Insecure temporary file use flaws were found in fence_egenera, fence_apc, and fence_apc_snmp. A local attacker could use these flaws to overwrite an arbitrary file writable by the victim running those utilities via a symbolic link attack. (CVE-2008-4192, CVE-2008-4579)
This update also fixes the following bugs:
* fence_apc_snmp now waits for five seconds after fencing to properly get status. (BZ#494587)
* The fence_drac5 help output now shows the proper commands. (BZ#498870)
* fence_scsi_test.pl now verifies that sg_persist is in the path before running. (BZ#500172)
* fence_drac5 is now more consistent with other agents and uses module_name instead of modulename. (BZ#500546)
* fence_apc and fence_wti no longer fail with a pexpect exception. (BZ#501890, BZ#504589)
* fence_wti no longer issues a traceback when an option is missing. (BZ#508258)
* fence_sanbox2 is now able to properly obtain the status after fencing. (BZ#510279)
* Fencing no longer fails if fence_wti is used without telnet. (BZ#510335)
* fence_scsi get_scsi_devices no longer hangs with various devices. (BZ#545193)
* fence_ilo no longer fails to reboot with ilo2 firmware 1.70. (BZ#545682)
* Fixed an issue with fence_ilo not rebooting in some implementations. (BZ#576036)
* fence_ilo no longer throws exceptions if the user does not have power privileges. (BZ#576178)
As well, this update adds the following enhancements:
* Support has been added for SSH-enabled RSA II fence devices. (BZ#476161)
* The APC fence agent will now work with a non-root account. (BZ#491643)
All fence users are advised to upgrade to this updated package, which corrects these issues and adds these enhancements.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Low"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An updated fence package that fixes multiple security issues, several bugs,\nand adds two enhancements is now available for Red Hat Cluster Suite 4.\n\nThe Red Hat Security Response Team has rated this update as having low\nsecurity impact. Common Vulnerability Scoring System (CVSS) base scores,\nwhich give detailed severity ratings, are available for each vulnerability\nfrom the CVE links in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "The fence package allows failed or unreachable nodes to be forcibly\nrestarted and removed from a cluster.\n\nInsecure temporary file use flaws were found in fence_egenera, fence_apc,\nand fence_apc_snmp. A local attacker could use these flaws to overwrite an\narbitrary file writable by the victim running those utilities via a\nsymbolic link attack. (CVE-2008-4192, CVE-2008-4579)\n\nThis update also fixes the following bugs:\n\n* fence_apc_snmp now waits for five seconds after fencing to properly get\nstatus. (BZ#494587)\n\n* The fence_drac5 help output now shows the proper commands. (BZ#498870)\n\n* fence_scsi_test.pl now verifies that sg_persist is in the path before\nrunning. (BZ#500172)\n\n* fence_drac5 is now more consistent with other agents and uses module_name\ninstead of modulename. (BZ#500546)\n\n* fence_apc and fence_wti no longer fail with a pexpect exception.\n(BZ#501890, BZ#504589)\n\n* fence_wti no longer issues a traceback when an option is missing.\n(BZ#508258)\n\n* fence_sanbox2 is now able to properly obtain the status after fencing.\n(BZ#510279)\n\n* Fencing no longer fails if fence_wti is used without telnet. (BZ#510335)\n\n* fence_scsi get_scsi_devices no longer hangs with various devices.\n(BZ#545193)\n\n* fence_ilo no longer fails to reboot with ilo2 firmware 1.70. (BZ#545682)\n\n* Fixed an issue with fence_ilo not rebooting in some implementations.\n(BZ#576036)\n\n* fence_ilo no longer throws exceptions if the user does not have power\nprivileges. (BZ#576178)\n\nAs well, this update adds the following enhancements:\n\n* Support has been added for SSH-enabled RSA II fence devices. (BZ#476161)\n\n* The APC fence agent will now work with a non-root account. (BZ#491643)\n\nAll fence users are advised to upgrade to this updated package, which\ncorrects these issues and adds these enhancements.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2011:0266",
"url": "https://access.redhat.com/errata/RHSA-2011:0266"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#low",
"url": "https://access.redhat.com/security/updates/classification/#low"
},
{
"category": "external",
"summary": "460476",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=460476"
},
{
"category": "external",
"summary": "467386",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=467386"
},
{
"category": "external",
"summary": "491643",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=491643"
},
{
"category": "external",
"summary": "494587",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=494587"
},
{
"category": "external",
"summary": "498870",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=498870"
},
{
"category": "external",
"summary": "498983",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=498983"
},
{
"category": "external",
"summary": "500172",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=500172"
},
{
"category": "external",
"summary": "500546",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=500546"
},
{
"category": "external",
"summary": "501890",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=501890"
},
{
"category": "external",
"summary": "504589",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=504589"
},
{
"category": "external",
"summary": "508268",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=508268"
},
{
"category": "external",
"summary": "510279",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=510279"
},
{
"category": "external",
"summary": "545193",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=545193"
},
{
"category": "external",
"summary": "545682",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=545682"
},
{
"category": "external",
"summary": "576036",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=576036"
},
{
"category": "external",
"summary": "576178",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=576178"
},
{
"category": "external",
"summary": "584133",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=584133"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2011/rhsa-2011_0266.json"
}
],
"title": "Red Hat Security Advisory: fence security, bug fix, and enhancement update",
"tracking": {
"current_release_date": "2024-11-22T03:11:41+00:00",
"generator": {
"date": "2024-11-22T03:11:41+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.2.1"
}
},
"id": "RHSA-2011:0266",
"initial_release_date": "2011-02-16T15:18:00+00:00",
"revision_history": [
{
"date": "2011-02-16T15:18:00+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2011-02-16T11:14:08+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-11-22T03:11:41+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Cluster Suite 4AS",
"product": {
"name": "Red Hat Cluster Suite 4AS",
"product_id": "4AS-cluster",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_cluster:4"
}
}
},
{
"category": "product_name",
"name": "Red Hat Cluster Suite 4ES",
"product": {
"name": "Red Hat Cluster Suite 4ES",
"product_id": "4ES-cluster",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_cluster:4"
}
}
},
{
"category": "product_name",
"name": "Red Hat Cluster Suite 4WS",
"product": {
"name": "Red Hat Cluster Suite 4WS",
"product_id": "4WS-cluster",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_cluster:4"
}
}
}
],
"category": "product_family",
"name": "Red Hat Cluster Suite"
},
{
"branches": [
{
"category": "product_version",
"name": "fence-0:1.32.68-5.el4.i686",
"product": {
"name": "fence-0:1.32.68-5.el4.i686",
"product_id": "fence-0:1.32.68-5.el4.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/fence@1.32.68-5.el4?arch=i686"
}
}
},
{
"category": "product_version",
"name": "fence-debuginfo-0:1.32.68-5.el4.i686",
"product": {
"name": "fence-debuginfo-0:1.32.68-5.el4.i686",
"product_id": "fence-debuginfo-0:1.32.68-5.el4.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/fence-debuginfo@1.32.68-5.el4?arch=i686"
}
}
}
],
"category": "architecture",
"name": "i686"
},
{
"branches": [
{
"category": "product_version",
"name": "fence-0:1.32.68-5.el4.ia64",
"product": {
"name": "fence-0:1.32.68-5.el4.ia64",
"product_id": "fence-0:1.32.68-5.el4.ia64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/fence@1.32.68-5.el4?arch=ia64"
}
}
},
{
"category": "product_version",
"name": "fence-debuginfo-0:1.32.68-5.el4.ia64",
"product": {
"name": "fence-debuginfo-0:1.32.68-5.el4.ia64",
"product_id": "fence-debuginfo-0:1.32.68-5.el4.ia64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/fence-debuginfo@1.32.68-5.el4?arch=ia64"
}
}
}
],
"category": "architecture",
"name": "ia64"
},
{
"branches": [
{
"category": "product_version",
"name": "fence-0:1.32.68-5.el4.src",
"product": {
"name": "fence-0:1.32.68-5.el4.src",
"product_id": "fence-0:1.32.68-5.el4.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/fence@1.32.68-5.el4?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "fence-0:1.32.68-5.el4.x86_64",
"product": {
"name": "fence-0:1.32.68-5.el4.x86_64",
"product_id": "fence-0:1.32.68-5.el4.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/fence@1.32.68-5.el4?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "fence-debuginfo-0:1.32.68-5.el4.x86_64",
"product": {
"name": "fence-debuginfo-0:1.32.68-5.el4.x86_64",
"product_id": "fence-debuginfo-0:1.32.68-5.el4.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/fence-debuginfo@1.32.68-5.el4?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "fence-0:1.32.68-5.el4.ppc64",
"product": {
"name": "fence-0:1.32.68-5.el4.ppc64",
"product_id": "fence-0:1.32.68-5.el4.ppc64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/fence@1.32.68-5.el4?arch=ppc64"
}
}
},
{
"category": "product_version",
"name": "fence-debuginfo-0:1.32.68-5.el4.ppc64",
"product": {
"name": "fence-debuginfo-0:1.32.68-5.el4.ppc64",
"product_id": "fence-debuginfo-0:1.32.68-5.el4.ppc64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/fence-debuginfo@1.32.68-5.el4?arch=ppc64"
}
}
}
],
"category": "architecture",
"name": "ppc64"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "fence-0:1.32.68-5.el4.i686 as a component of Red Hat Cluster Suite 4AS",
"product_id": "4AS-cluster:fence-0:1.32.68-5.el4.i686"
},
"product_reference": "fence-0:1.32.68-5.el4.i686",
"relates_to_product_reference": "4AS-cluster"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "fence-0:1.32.68-5.el4.ia64 as a component of Red Hat Cluster Suite 4AS",
"product_id": "4AS-cluster:fence-0:1.32.68-5.el4.ia64"
},
"product_reference": "fence-0:1.32.68-5.el4.ia64",
"relates_to_product_reference": "4AS-cluster"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "fence-0:1.32.68-5.el4.ppc64 as a component of Red Hat Cluster Suite 4AS",
"product_id": "4AS-cluster:fence-0:1.32.68-5.el4.ppc64"
},
"product_reference": "fence-0:1.32.68-5.el4.ppc64",
"relates_to_product_reference": "4AS-cluster"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "fence-0:1.32.68-5.el4.src as a component of Red Hat Cluster Suite 4AS",
"product_id": "4AS-cluster:fence-0:1.32.68-5.el4.src"
},
"product_reference": "fence-0:1.32.68-5.el4.src",
"relates_to_product_reference": "4AS-cluster"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "fence-0:1.32.68-5.el4.x86_64 as a component of Red Hat Cluster Suite 4AS",
"product_id": "4AS-cluster:fence-0:1.32.68-5.el4.x86_64"
},
"product_reference": "fence-0:1.32.68-5.el4.x86_64",
"relates_to_product_reference": "4AS-cluster"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "fence-debuginfo-0:1.32.68-5.el4.i686 as a component of Red Hat Cluster Suite 4AS",
"product_id": "4AS-cluster:fence-debuginfo-0:1.32.68-5.el4.i686"
},
"product_reference": "fence-debuginfo-0:1.32.68-5.el4.i686",
"relates_to_product_reference": "4AS-cluster"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "fence-debuginfo-0:1.32.68-5.el4.ia64 as a component of Red Hat Cluster Suite 4AS",
"product_id": "4AS-cluster:fence-debuginfo-0:1.32.68-5.el4.ia64"
},
"product_reference": "fence-debuginfo-0:1.32.68-5.el4.ia64",
"relates_to_product_reference": "4AS-cluster"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "fence-debuginfo-0:1.32.68-5.el4.ppc64 as a component of Red Hat Cluster Suite 4AS",
"product_id": "4AS-cluster:fence-debuginfo-0:1.32.68-5.el4.ppc64"
},
"product_reference": "fence-debuginfo-0:1.32.68-5.el4.ppc64",
"relates_to_product_reference": "4AS-cluster"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "fence-debuginfo-0:1.32.68-5.el4.x86_64 as a component of Red Hat Cluster Suite 4AS",
"product_id": "4AS-cluster:fence-debuginfo-0:1.32.68-5.el4.x86_64"
},
"product_reference": "fence-debuginfo-0:1.32.68-5.el4.x86_64",
"relates_to_product_reference": "4AS-cluster"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "fence-0:1.32.68-5.el4.i686 as a component of Red Hat Cluster Suite 4ES",
"product_id": "4ES-cluster:fence-0:1.32.68-5.el4.i686"
},
"product_reference": "fence-0:1.32.68-5.el4.i686",
"relates_to_product_reference": "4ES-cluster"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "fence-0:1.32.68-5.el4.ia64 as a component of Red Hat Cluster Suite 4ES",
"product_id": "4ES-cluster:fence-0:1.32.68-5.el4.ia64"
},
"product_reference": "fence-0:1.32.68-5.el4.ia64",
"relates_to_product_reference": "4ES-cluster"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "fence-0:1.32.68-5.el4.ppc64 as a component of Red Hat Cluster Suite 4ES",
"product_id": "4ES-cluster:fence-0:1.32.68-5.el4.ppc64"
},
"product_reference": "fence-0:1.32.68-5.el4.ppc64",
"relates_to_product_reference": "4ES-cluster"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "fence-0:1.32.68-5.el4.src as a component of Red Hat Cluster Suite 4ES",
"product_id": "4ES-cluster:fence-0:1.32.68-5.el4.src"
},
"product_reference": "fence-0:1.32.68-5.el4.src",
"relates_to_product_reference": "4ES-cluster"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "fence-0:1.32.68-5.el4.x86_64 as a component of Red Hat Cluster Suite 4ES",
"product_id": "4ES-cluster:fence-0:1.32.68-5.el4.x86_64"
},
"product_reference": "fence-0:1.32.68-5.el4.x86_64",
"relates_to_product_reference": "4ES-cluster"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "fence-debuginfo-0:1.32.68-5.el4.i686 as a component of Red Hat Cluster Suite 4ES",
"product_id": "4ES-cluster:fence-debuginfo-0:1.32.68-5.el4.i686"
},
"product_reference": "fence-debuginfo-0:1.32.68-5.el4.i686",
"relates_to_product_reference": "4ES-cluster"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "fence-debuginfo-0:1.32.68-5.el4.ia64 as a component of Red Hat Cluster Suite 4ES",
"product_id": "4ES-cluster:fence-debuginfo-0:1.32.68-5.el4.ia64"
},
"product_reference": "fence-debuginfo-0:1.32.68-5.el4.ia64",
"relates_to_product_reference": "4ES-cluster"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "fence-debuginfo-0:1.32.68-5.el4.ppc64 as a component of Red Hat Cluster Suite 4ES",
"product_id": "4ES-cluster:fence-debuginfo-0:1.32.68-5.el4.ppc64"
},
"product_reference": "fence-debuginfo-0:1.32.68-5.el4.ppc64",
"relates_to_product_reference": "4ES-cluster"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "fence-debuginfo-0:1.32.68-5.el4.x86_64 as a component of Red Hat Cluster Suite 4ES",
"product_id": "4ES-cluster:fence-debuginfo-0:1.32.68-5.el4.x86_64"
},
"product_reference": "fence-debuginfo-0:1.32.68-5.el4.x86_64",
"relates_to_product_reference": "4ES-cluster"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "fence-0:1.32.68-5.el4.i686 as a component of Red Hat Cluster Suite 4WS",
"product_id": "4WS-cluster:fence-0:1.32.68-5.el4.i686"
},
"product_reference": "fence-0:1.32.68-5.el4.i686",
"relates_to_product_reference": "4WS-cluster"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "fence-0:1.32.68-5.el4.ia64 as a component of Red Hat Cluster Suite 4WS",
"product_id": "4WS-cluster:fence-0:1.32.68-5.el4.ia64"
},
"product_reference": "fence-0:1.32.68-5.el4.ia64",
"relates_to_product_reference": "4WS-cluster"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "fence-0:1.32.68-5.el4.ppc64 as a component of Red Hat Cluster Suite 4WS",
"product_id": "4WS-cluster:fence-0:1.32.68-5.el4.ppc64"
},
"product_reference": "fence-0:1.32.68-5.el4.ppc64",
"relates_to_product_reference": "4WS-cluster"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "fence-0:1.32.68-5.el4.src as a component of Red Hat Cluster Suite 4WS",
"product_id": "4WS-cluster:fence-0:1.32.68-5.el4.src"
},
"product_reference": "fence-0:1.32.68-5.el4.src",
"relates_to_product_reference": "4WS-cluster"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "fence-0:1.32.68-5.el4.x86_64 as a component of Red Hat Cluster Suite 4WS",
"product_id": "4WS-cluster:fence-0:1.32.68-5.el4.x86_64"
},
"product_reference": "fence-0:1.32.68-5.el4.x86_64",
"relates_to_product_reference": "4WS-cluster"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "fence-debuginfo-0:1.32.68-5.el4.i686 as a component of Red Hat Cluster Suite 4WS",
"product_id": "4WS-cluster:fence-debuginfo-0:1.32.68-5.el4.i686"
},
"product_reference": "fence-debuginfo-0:1.32.68-5.el4.i686",
"relates_to_product_reference": "4WS-cluster"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "fence-debuginfo-0:1.32.68-5.el4.ia64 as a component of Red Hat Cluster Suite 4WS",
"product_id": "4WS-cluster:fence-debuginfo-0:1.32.68-5.el4.ia64"
},
"product_reference": "fence-debuginfo-0:1.32.68-5.el4.ia64",
"relates_to_product_reference": "4WS-cluster"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "fence-debuginfo-0:1.32.68-5.el4.ppc64 as a component of Red Hat Cluster Suite 4WS",
"product_id": "4WS-cluster:fence-debuginfo-0:1.32.68-5.el4.ppc64"
},
"product_reference": "fence-debuginfo-0:1.32.68-5.el4.ppc64",
"relates_to_product_reference": "4WS-cluster"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "fence-debuginfo-0:1.32.68-5.el4.x86_64 as a component of Red Hat Cluster Suite 4WS",
"product_id": "4WS-cluster:fence-debuginfo-0:1.32.68-5.el4.x86_64"
},
"product_reference": "fence-debuginfo-0:1.32.68-5.el4.x86_64",
"relates_to_product_reference": "4WS-cluster"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2008-4192",
"cwe": {
"id": "CWE-377",
"name": "Insecure Temporary File"
},
"discovery_date": "2008-08-26T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "460476"
}
],
"notes": [
{
"category": "description",
"text": "The pserver_shutdown function in fence_egenera in cman 2.20080629 and 2.20080801 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/eglog temporary file.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "cman/fence: insecure temporary file usage in the egenera fence agent",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"4AS-cluster:fence-0:1.32.68-5.el4.i686",
"4AS-cluster:fence-0:1.32.68-5.el4.ia64",
"4AS-cluster:fence-0:1.32.68-5.el4.ppc64",
"4AS-cluster:fence-0:1.32.68-5.el4.src",
"4AS-cluster:fence-0:1.32.68-5.el4.x86_64",
"4AS-cluster:fence-debuginfo-0:1.32.68-5.el4.i686",
"4AS-cluster:fence-debuginfo-0:1.32.68-5.el4.ia64",
"4AS-cluster:fence-debuginfo-0:1.32.68-5.el4.ppc64",
"4AS-cluster:fence-debuginfo-0:1.32.68-5.el4.x86_64",
"4ES-cluster:fence-0:1.32.68-5.el4.i686",
"4ES-cluster:fence-0:1.32.68-5.el4.ia64",
"4ES-cluster:fence-0:1.32.68-5.el4.ppc64",
"4ES-cluster:fence-0:1.32.68-5.el4.src",
"4ES-cluster:fence-0:1.32.68-5.el4.x86_64",
"4ES-cluster:fence-debuginfo-0:1.32.68-5.el4.i686",
"4ES-cluster:fence-debuginfo-0:1.32.68-5.el4.ia64",
"4ES-cluster:fence-debuginfo-0:1.32.68-5.el4.ppc64",
"4ES-cluster:fence-debuginfo-0:1.32.68-5.el4.x86_64",
"4WS-cluster:fence-0:1.32.68-5.el4.i686",
"4WS-cluster:fence-0:1.32.68-5.el4.ia64",
"4WS-cluster:fence-0:1.32.68-5.el4.ppc64",
"4WS-cluster:fence-0:1.32.68-5.el4.src",
"4WS-cluster:fence-0:1.32.68-5.el4.x86_64",
"4WS-cluster:fence-debuginfo-0:1.32.68-5.el4.i686",
"4WS-cluster:fence-debuginfo-0:1.32.68-5.el4.ia64",
"4WS-cluster:fence-debuginfo-0:1.32.68-5.el4.ppc64",
"4WS-cluster:fence-debuginfo-0:1.32.68-5.el4.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2008-4192"
},
{
"category": "external",
"summary": "RHBZ#460476",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=460476"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2008-4192",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-4192"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2008-4192",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2008-4192"
}
],
"release_date": "2008-08-24T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2011-02-16T15:18:00+00:00",
"details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259",
"product_ids": [
"4AS-cluster:fence-0:1.32.68-5.el4.i686",
"4AS-cluster:fence-0:1.32.68-5.el4.ia64",
"4AS-cluster:fence-0:1.32.68-5.el4.ppc64",
"4AS-cluster:fence-0:1.32.68-5.el4.src",
"4AS-cluster:fence-0:1.32.68-5.el4.x86_64",
"4AS-cluster:fence-debuginfo-0:1.32.68-5.el4.i686",
"4AS-cluster:fence-debuginfo-0:1.32.68-5.el4.ia64",
"4AS-cluster:fence-debuginfo-0:1.32.68-5.el4.ppc64",
"4AS-cluster:fence-debuginfo-0:1.32.68-5.el4.x86_64",
"4ES-cluster:fence-0:1.32.68-5.el4.i686",
"4ES-cluster:fence-0:1.32.68-5.el4.ia64",
"4ES-cluster:fence-0:1.32.68-5.el4.ppc64",
"4ES-cluster:fence-0:1.32.68-5.el4.src",
"4ES-cluster:fence-0:1.32.68-5.el4.x86_64",
"4ES-cluster:fence-debuginfo-0:1.32.68-5.el4.i686",
"4ES-cluster:fence-debuginfo-0:1.32.68-5.el4.ia64",
"4ES-cluster:fence-debuginfo-0:1.32.68-5.el4.ppc64",
"4ES-cluster:fence-debuginfo-0:1.32.68-5.el4.x86_64",
"4WS-cluster:fence-0:1.32.68-5.el4.i686",
"4WS-cluster:fence-0:1.32.68-5.el4.ia64",
"4WS-cluster:fence-0:1.32.68-5.el4.ppc64",
"4WS-cluster:fence-0:1.32.68-5.el4.src",
"4WS-cluster:fence-0:1.32.68-5.el4.x86_64",
"4WS-cluster:fence-debuginfo-0:1.32.68-5.el4.i686",
"4WS-cluster:fence-debuginfo-0:1.32.68-5.el4.ia64",
"4WS-cluster:fence-debuginfo-0:1.32.68-5.el4.ppc64",
"4WS-cluster:fence-debuginfo-0:1.32.68-5.el4.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2011:0266"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "HIGH",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 1.2,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:L/AC:H/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"products": [
"4AS-cluster:fence-0:1.32.68-5.el4.i686",
"4AS-cluster:fence-0:1.32.68-5.el4.ia64",
"4AS-cluster:fence-0:1.32.68-5.el4.ppc64",
"4AS-cluster:fence-0:1.32.68-5.el4.src",
"4AS-cluster:fence-0:1.32.68-5.el4.x86_64",
"4AS-cluster:fence-debuginfo-0:1.32.68-5.el4.i686",
"4AS-cluster:fence-debuginfo-0:1.32.68-5.el4.ia64",
"4AS-cluster:fence-debuginfo-0:1.32.68-5.el4.ppc64",
"4AS-cluster:fence-debuginfo-0:1.32.68-5.el4.x86_64",
"4ES-cluster:fence-0:1.32.68-5.el4.i686",
"4ES-cluster:fence-0:1.32.68-5.el4.ia64",
"4ES-cluster:fence-0:1.32.68-5.el4.ppc64",
"4ES-cluster:fence-0:1.32.68-5.el4.src",
"4ES-cluster:fence-0:1.32.68-5.el4.x86_64",
"4ES-cluster:fence-debuginfo-0:1.32.68-5.el4.i686",
"4ES-cluster:fence-debuginfo-0:1.32.68-5.el4.ia64",
"4ES-cluster:fence-debuginfo-0:1.32.68-5.el4.ppc64",
"4ES-cluster:fence-debuginfo-0:1.32.68-5.el4.x86_64",
"4WS-cluster:fence-0:1.32.68-5.el4.i686",
"4WS-cluster:fence-0:1.32.68-5.el4.ia64",
"4WS-cluster:fence-0:1.32.68-5.el4.ppc64",
"4WS-cluster:fence-0:1.32.68-5.el4.src",
"4WS-cluster:fence-0:1.32.68-5.el4.x86_64",
"4WS-cluster:fence-debuginfo-0:1.32.68-5.el4.i686",
"4WS-cluster:fence-debuginfo-0:1.32.68-5.el4.ia64",
"4WS-cluster:fence-debuginfo-0:1.32.68-5.el4.ppc64",
"4WS-cluster:fence-debuginfo-0:1.32.68-5.el4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "cman/fence: insecure temporary file usage in the egenera fence agent"
},
{
"cve": "CVE-2008-4579",
"cwe": {
"id": "CWE-377",
"name": "Insecure Temporary File"
},
"discovery_date": "2008-10-08T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "467386"
}
],
"notes": [
{
"category": "description",
"text": "The (1) fence_apc and (2) fence_apc_snmp programs, as used in (a) fence 2.02.00-r1 and possibly (b) cman, when running in verbose mode, allows local users to append to arbitrary files via a symlink attack on the apclog temporary file.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "cman/fence: insecure temporary file usage in the apc fence agents",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"4AS-cluster:fence-0:1.32.68-5.el4.i686",
"4AS-cluster:fence-0:1.32.68-5.el4.ia64",
"4AS-cluster:fence-0:1.32.68-5.el4.ppc64",
"4AS-cluster:fence-0:1.32.68-5.el4.src",
"4AS-cluster:fence-0:1.32.68-5.el4.x86_64",
"4AS-cluster:fence-debuginfo-0:1.32.68-5.el4.i686",
"4AS-cluster:fence-debuginfo-0:1.32.68-5.el4.ia64",
"4AS-cluster:fence-debuginfo-0:1.32.68-5.el4.ppc64",
"4AS-cluster:fence-debuginfo-0:1.32.68-5.el4.x86_64",
"4ES-cluster:fence-0:1.32.68-5.el4.i686",
"4ES-cluster:fence-0:1.32.68-5.el4.ia64",
"4ES-cluster:fence-0:1.32.68-5.el4.ppc64",
"4ES-cluster:fence-0:1.32.68-5.el4.src",
"4ES-cluster:fence-0:1.32.68-5.el4.x86_64",
"4ES-cluster:fence-debuginfo-0:1.32.68-5.el4.i686",
"4ES-cluster:fence-debuginfo-0:1.32.68-5.el4.ia64",
"4ES-cluster:fence-debuginfo-0:1.32.68-5.el4.ppc64",
"4ES-cluster:fence-debuginfo-0:1.32.68-5.el4.x86_64",
"4WS-cluster:fence-0:1.32.68-5.el4.i686",
"4WS-cluster:fence-0:1.32.68-5.el4.ia64",
"4WS-cluster:fence-0:1.32.68-5.el4.ppc64",
"4WS-cluster:fence-0:1.32.68-5.el4.src",
"4WS-cluster:fence-0:1.32.68-5.el4.x86_64",
"4WS-cluster:fence-debuginfo-0:1.32.68-5.el4.i686",
"4WS-cluster:fence-debuginfo-0:1.32.68-5.el4.ia64",
"4WS-cluster:fence-debuginfo-0:1.32.68-5.el4.ppc64",
"4WS-cluster:fence-debuginfo-0:1.32.68-5.el4.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2008-4579"
},
{
"category": "external",
"summary": "RHBZ#467386",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=467386"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2008-4579",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-4579"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2008-4579",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2008-4579"
}
],
"release_date": "2008-10-08T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2011-02-16T15:18:00+00:00",
"details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259",
"product_ids": [
"4AS-cluster:fence-0:1.32.68-5.el4.i686",
"4AS-cluster:fence-0:1.32.68-5.el4.ia64",
"4AS-cluster:fence-0:1.32.68-5.el4.ppc64",
"4AS-cluster:fence-0:1.32.68-5.el4.src",
"4AS-cluster:fence-0:1.32.68-5.el4.x86_64",
"4AS-cluster:fence-debuginfo-0:1.32.68-5.el4.i686",
"4AS-cluster:fence-debuginfo-0:1.32.68-5.el4.ia64",
"4AS-cluster:fence-debuginfo-0:1.32.68-5.el4.ppc64",
"4AS-cluster:fence-debuginfo-0:1.32.68-5.el4.x86_64",
"4ES-cluster:fence-0:1.32.68-5.el4.i686",
"4ES-cluster:fence-0:1.32.68-5.el4.ia64",
"4ES-cluster:fence-0:1.32.68-5.el4.ppc64",
"4ES-cluster:fence-0:1.32.68-5.el4.src",
"4ES-cluster:fence-0:1.32.68-5.el4.x86_64",
"4ES-cluster:fence-debuginfo-0:1.32.68-5.el4.i686",
"4ES-cluster:fence-debuginfo-0:1.32.68-5.el4.ia64",
"4ES-cluster:fence-debuginfo-0:1.32.68-5.el4.ppc64",
"4ES-cluster:fence-debuginfo-0:1.32.68-5.el4.x86_64",
"4WS-cluster:fence-0:1.32.68-5.el4.i686",
"4WS-cluster:fence-0:1.32.68-5.el4.ia64",
"4WS-cluster:fence-0:1.32.68-5.el4.ppc64",
"4WS-cluster:fence-0:1.32.68-5.el4.src",
"4WS-cluster:fence-0:1.32.68-5.el4.x86_64",
"4WS-cluster:fence-debuginfo-0:1.32.68-5.el4.i686",
"4WS-cluster:fence-debuginfo-0:1.32.68-5.el4.ia64",
"4WS-cluster:fence-debuginfo-0:1.32.68-5.el4.ppc64",
"4WS-cluster:fence-debuginfo-0:1.32.68-5.el4.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2011:0266"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "LOCAL",
"authentication": "SINGLE",
"availabilityImpact": "NONE",
"baseScore": 1.5,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:L/AC:M/Au:S/C:N/I:P/A:N",
"version": "2.0"
},
"products": [
"4AS-cluster:fence-0:1.32.68-5.el4.i686",
"4AS-cluster:fence-0:1.32.68-5.el4.ia64",
"4AS-cluster:fence-0:1.32.68-5.el4.ppc64",
"4AS-cluster:fence-0:1.32.68-5.el4.src",
"4AS-cluster:fence-0:1.32.68-5.el4.x86_64",
"4AS-cluster:fence-debuginfo-0:1.32.68-5.el4.i686",
"4AS-cluster:fence-debuginfo-0:1.32.68-5.el4.ia64",
"4AS-cluster:fence-debuginfo-0:1.32.68-5.el4.ppc64",
"4AS-cluster:fence-debuginfo-0:1.32.68-5.el4.x86_64",
"4ES-cluster:fence-0:1.32.68-5.el4.i686",
"4ES-cluster:fence-0:1.32.68-5.el4.ia64",
"4ES-cluster:fence-0:1.32.68-5.el4.ppc64",
"4ES-cluster:fence-0:1.32.68-5.el4.src",
"4ES-cluster:fence-0:1.32.68-5.el4.x86_64",
"4ES-cluster:fence-debuginfo-0:1.32.68-5.el4.i686",
"4ES-cluster:fence-debuginfo-0:1.32.68-5.el4.ia64",
"4ES-cluster:fence-debuginfo-0:1.32.68-5.el4.ppc64",
"4ES-cluster:fence-debuginfo-0:1.32.68-5.el4.x86_64",
"4WS-cluster:fence-0:1.32.68-5.el4.i686",
"4WS-cluster:fence-0:1.32.68-5.el4.ia64",
"4WS-cluster:fence-0:1.32.68-5.el4.ppc64",
"4WS-cluster:fence-0:1.32.68-5.el4.src",
"4WS-cluster:fence-0:1.32.68-5.el4.x86_64",
"4WS-cluster:fence-debuginfo-0:1.32.68-5.el4.i686",
"4WS-cluster:fence-debuginfo-0:1.32.68-5.el4.ia64",
"4WS-cluster:fence-debuginfo-0:1.32.68-5.el4.ppc64",
"4WS-cluster:fence-debuginfo-0:1.32.68-5.el4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "cman/fence: insecure temporary file usage in the apc fence agents"
}
]
}
ghsa-hpx5-6mfx-fq22
Vulnerability from github
Published
2022-05-02 00:07
Modified
2022-05-02 00:07
Details
The pserver_shutdown function in fence_egenera in cman 2.20080629 and 2.20080801 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/eglog temporary file.
{
"affected": [],
"aliases": [
"CVE-2008-4192"
],
"database_specific": {
"cwe_ids": [
"CWE-59"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2008-09-29T17:17:00Z",
"severity": "MODERATE"
},
"details": "The pserver_shutdown function in fence_egenera in cman 2.20080629 and 2.20080801 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/eglog temporary file.",
"id": "GHSA-hpx5-6mfx-fq22",
"modified": "2022-05-02T00:07:55Z",
"published": "2022-05-02T00:07:55Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2008-4192"
},
{
"type": "WEB",
"url": "https://bugs.gentoo.org/show_bug.cgi?id=235770"
},
{
"type": "WEB",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=460476"
},
{
"type": "WEB",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/44845"
},
{
"type": "WEB",
"url": "https://www.redhat.com/archives/fedora-package-announce/2008-October/msg00666.html"
},
{
"type": "WEB",
"url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=496410"
},
{
"type": "WEB",
"url": "http://dev.gentoo.org/~rbu/security/debiantemp/cman"
},
{
"type": "WEB",
"url": "http://secunia.com/advisories/31887"
},
{
"type": "WEB",
"url": "http://secunia.com/advisories/32387"
},
{
"type": "WEB",
"url": "http://secunia.com/advisories/32390"
},
{
"type": "WEB",
"url": "http://secunia.com/advisories/43362"
},
{
"type": "WEB",
"url": "http://uvw.ru/report.lenny.txt"
},
{
"type": "WEB",
"url": "http://www.openwall.com/lists/oss-security/2008/09/18/3"
},
{
"type": "WEB",
"url": "http://www.openwall.com/lists/oss-security/2008/09/24/2"
},
{
"type": "WEB",
"url": "http://www.openwall.com/lists/oss-security/2008/10/30/2"
},
{
"type": "WEB",
"url": "http://www.redhat.com/support/errata/RHSA-2011-0266.html"
},
{
"type": "WEB",
"url": "http://www.securityfocus.com/bid/30898"
},
{
"type": "WEB",
"url": "http://www.ubuntu.com/usn/USN-875-1"
},
{
"type": "WEB",
"url": "http://www.vupen.com/english/advisories/2011/0419"
}
],
"schema_version": "1.4.0",
"severity": []
}
Sightings
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.