csaf_redhat - rhsa-2009

rhsa-2009_1341

Vulnerability from csaf_redhat

Published

2009-09-02 08:00

Modified

2024-11-22 02:44

Summary

Red Hat Security Advisory: cman security, bug fix, and enhancement update

Notes

Topic

Updated cman packages that fix several security issues, various bugs, and add enhancements are now available for Red Hat Enterprise Linux 5. This update has been rated as having low security impact by the Red Hat Security Response Team.

Details

The Cluster Manager (cman) utility provides services for managing a Linux cluster. Multiple insecure temporary file use flaws were found in fence_apc_snmp and ccs_tool. A local attacker could use these flaws to overwrite an arbitrary file writable by a victim running those utilities (typically root) with the output of the utilities via a symbolic link attack. (CVE-2008-4579, CVE-2008-6552) Bug fixes: * a buffer could overflow if cluster.conf had more than 52 entries per block inside the <cman> block. The limit is now 1024. * the output of the group_tool dump subcommands were NULL padded. * using device="" instead of label="" no longer causes qdiskd to incorrectly exit. * the IPMI fencing agent has been modified to time out after 10 seconds. It is also now possible to specify a different timeout value with the '-t' option. * the IPMI fencing agent now allows punctuation in passwords. * quickly starting and stopping the cman service no longer causes the cluster membership to become inconsistent across the cluster. * an issue with lock syncing caused 'receive_own from' errors to be logged to '/var/log/messages'. * an issue which caused gfs_controld to segfault when mounting hundreds of file systems has been fixed. * the LPAR fencing agent now properly reports status when an LPAR is in Open Firmware mode. * the LPAR fencing agent now works properly with systems using the Integrated Virtualization Manager (IVM). * the APC SNMP fencing agent now properly recognizes outletStatusOn and outletStatusOff return codes from the SNMP agent. * the WTI fencing agent can now connect to fencing devices with no password. * the rps-10 fencing agent now properly performs a reboot when run with no options. * the IPMI fencing agent now supports different cipher types with the '-C' option. * qdisk now properly scans devices and partitions. * cman now checks to see if a new node has state to prevent killing the first node during cluster setup. * 'service qdiskd start' now works properly. * the McData fence agent now works properly with the McData Sphereon 4500 Fabric Switch. * the Egenera fence agent can now specify an SSH login name. * the APC fence agent now works with non-admin accounts when using the 3.5.x firmware. * fence_xvmd now tries two methods to reboot a virtual machine. * connections to OpenAIS are now allowed from unprivileged CPG clients with the user and group of 'ais'. * groupd no longer allows the default fence domain to be '0', which previously caused rgmanager to hang. Now, rgmanager no longer hangs. * the RSA fence agent now supports SSH enabled RSA II devices. * the DRAC fence agent now works with the Integrated Dell Remote Access Controller (iDRAC) on Dell PowerEdge M600 blade servers. * fixed a memory leak in cman. * qdisk now displays a warning if more than one label is found with the same name. * the DRAC5 fencing agent now shows proper usage instructions for the '-D' option. * cman no longer uses the wrong node name when getnameinfo() fails. * the SCSI fence agent now verifies that sg_persist is installed. * the DRAC5 fencing agent now properly handles modulename. * QDisk now logs warning messages if it appears its I/O to shared storage is hung. * fence_apc no longer fails with a pexpect exception. * removing a node from the cluster using 'cman_tool leave remove' now properly reduces the expected_votes and quorum. * a semaphore leak in cman has been fixed. * 'cman_tool nodes -F name' no longer segfaults when a node is out of membership. Enhancements: * support for: ePowerSwitch 8+ and LPAR/HMC v3 devices, Cisco MDS 9124 and MDS 9134 SAN switches, the virsh fencing agent, and broadcast communication with cman. * fence_scsi limitations added to fence_scsi man page. Users of cman are advised to upgrade to these updated packages, which resolve these issues and add these enhancements.

This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "namespace": "https://access.redhat.com/security/updates/classification/",
      "text": "Low"
    },
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "Updated cman packages that fix several security issues, various bugs, and\nadd enhancements are now available for Red Hat Enterprise Linux 5.\n\nThis update has been rated as having low security impact by the Red Hat\nSecurity Response Team.",
        "title": "Topic"
      },
      {
        "category": "general",
        "text": "The Cluster Manager (cman) utility provides services for managing a Linux\ncluster.\n\nMultiple insecure temporary file use flaws were found in fence_apc_snmp and\nccs_tool. A local attacker could use these flaws to overwrite an arbitrary\nfile writable by a victim running those utilities (typically root) with\nthe output of the utilities via a symbolic link attack. (CVE-2008-4579,\nCVE-2008-6552)\n\nBug fixes:\n\n* a buffer could overflow if cluster.conf had more than 52 entries per\nblock inside the \u003ccman\u003e block. The limit is now 1024.\n\n* the output of the group_tool dump subcommands were NULL padded.\n\n* using device=\"\" instead of label=\"\" no longer causes qdiskd to\nincorrectly exit.\n\n* the IPMI fencing agent has been modified to time out after 10 seconds. It\nis also now possible to specify a different timeout value with the \u0027-t\u0027\noption.\n\n* the IPMI fencing agent now allows punctuation in passwords.\n\n* quickly starting and stopping the cman service no longer causes the\ncluster membership to become inconsistent across the cluster.\n\n* an issue with lock syncing caused \u0027receive_own from\u0027 errors to be logged\nto \u0027/var/log/messages\u0027.\n\n* an issue which caused gfs_controld to segfault when mounting hundreds of\nfile systems has been fixed.\n\n* the LPAR fencing agent now properly reports status when an LPAR is in\nOpen Firmware mode.\n\n* the LPAR fencing agent now works properly with systems using the\nIntegrated Virtualization Manager (IVM).\n\n* the APC SNMP fencing agent now properly recognizes outletStatusOn and\noutletStatusOff return codes from the SNMP agent.\n\n* the WTI fencing agent can now connect to fencing devices with no\npassword.\n\n* the rps-10 fencing agent now properly performs a reboot when run with no\noptions.\n\n* the IPMI fencing agent now supports different cipher types with the \u0027-C\u0027\noption.\n\n* qdisk now properly scans devices and partitions.\n\n* cman now checks to see if a new node has state to prevent killing the\nfirst node during cluster setup.\n\n* \u0027service qdiskd start\u0027 now works properly.\n\n* the McData fence agent now works properly with the McData Sphereon 4500\nFabric Switch.\n\n* the Egenera fence agent can now specify an SSH login name.\n\n* the APC fence agent now works with non-admin accounts when using the\n3.5.x firmware.\n\n* fence_xvmd now tries two methods to reboot a virtual machine.\n\n* connections to OpenAIS are now allowed from unprivileged CPG clients with\nthe user and group of \u0027ais\u0027.\n\n* groupd no longer allows the default fence domain to be \u00270\u0027, which\npreviously caused rgmanager to hang. Now, rgmanager no longer hangs.\n\n* the RSA fence agent now supports SSH enabled RSA II devices.\n\n* the DRAC fence agent now works with the Integrated Dell Remote Access\nController (iDRAC) on Dell PowerEdge M600 blade servers.\n\n* fixed a memory leak in cman.\n\n* qdisk now displays a warning if more than one label is found with the\nsame name.\n\n* the DRAC5 fencing agent now shows proper usage instructions for the \u0027-D\u0027\noption.\n\n* cman no longer uses the wrong node name when getnameinfo() fails.\n\n* the SCSI fence agent now verifies that sg_persist is installed.\n\n* the DRAC5 fencing agent now properly handles modulename.\n\n* QDisk now logs warning messages if it appears its I/O to shared storage\nis hung.\n\n* fence_apc no longer fails with a pexpect exception.\n\n* removing a node from the cluster using \u0027cman_tool leave remove\u0027 now\nproperly reduces the expected_votes and quorum.\n\n* a semaphore leak in cman has been fixed.\n\n* \u0027cman_tool nodes -F name\u0027 no longer segfaults when a node is out of\nmembership.\n\nEnhancements:\n\n* support for: ePowerSwitch 8+ and LPAR/HMC v3 devices, Cisco MDS 9124 and\nMDS 9134 SAN switches, the virsh fencing agent, and broadcast communication\nwith cman.\n\n* fence_scsi limitations added to fence_scsi man page.\n\nUsers of cman are advised to upgrade to these updated packages, which\nresolve these issues and add these enhancements.",
        "title": "Details"
      },
      {
        "category": "legal_disclaimer",
        "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
        "title": "Terms of Use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "https://access.redhat.com/security/team/contact/",
      "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
      "name": "Red Hat Product Security",
      "namespace": "https://www.redhat.com"
    },
    "references": [
      {
        "category": "self",
        "summary": "https://access.redhat.com/errata/RHSA-2009:1341",
        "url": "https://access.redhat.com/errata/RHSA-2009:1341"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/updates/classification/#low",
        "url": "https://access.redhat.com/security/updates/classification/#low"
      },
      {
        "category": "external",
        "summary": "276541",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=276541"
      },
      {
        "category": "external",
        "summary": "322291",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=322291"
      },
      {
        "category": "external",
        "summary": "447497",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=447497"
      },
      {
        "category": "external",
        "summary": "447964",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=447964"
      },
      {
        "category": "external",
        "summary": "467386",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=467386"
      },
      {
        "category": "external",
        "summary": "468966",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=468966"
      },
      {
        "category": "external",
        "summary": "472460",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=472460"
      },
      {
        "category": "external",
        "summary": "472786",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=472786"
      },
      {
        "category": "external",
        "summary": "473961",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=473961"
      },
      {
        "category": "external",
        "summary": "474163",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=474163"
      },
      {
        "category": "external",
        "summary": "480178",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=480178"
      },
      {
        "category": "external",
        "summary": "480401",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=480401"
      },
      {
        "category": "external",
        "summary": "480836",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=480836"
      },
      {
        "category": "external",
        "summary": "481566",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=481566"
      },
      {
        "category": "external",
        "summary": "481664",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=481664"
      },
      {
        "category": "external",
        "summary": "484095",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=484095"
      },
      {
        "category": "external",
        "summary": "484956",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=484956"
      },
      {
        "category": "external",
        "summary": "485026",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=485026"
      },
      {
        "category": "external",
        "summary": "485199",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=485199"
      },
      {
        "category": "external",
        "summary": "485469",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=485469"
      },
      {
        "category": "external",
        "summary": "485700",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=485700"
      },
      {
        "category": "external",
        "summary": "487436",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=487436"
      },
      {
        "category": "external",
        "summary": "487501",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=487501"
      },
      {
        "category": "external",
        "summary": "488565",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=488565"
      },
      {
        "category": "external",
        "summary": "488958",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=488958"
      },
      {
        "category": "external",
        "summary": "491640",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=491640"
      },
      {
        "category": "external",
        "summary": "493165",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=493165"
      },
      {
        "category": "external",
        "summary": "493207",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=493207"
      },
      {
        "category": "external",
        "summary": "493802",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=493802"
      },
      {
        "category": "external",
        "summary": "496629",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=496629"
      },
      {
        "category": "external",
        "summary": "496724",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=496724"
      },
      {
        "category": "external",
        "summary": "498329",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=498329"
      },
      {
        "category": "external",
        "summary": "499767",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=499767"
      },
      {
        "category": "external",
        "summary": "500450",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=500450"
      },
      {
        "category": "external",
        "summary": "500567",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=500567"
      },
      {
        "category": "external",
        "summary": "501586",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=501586"
      },
      {
        "category": "external",
        "summary": "502674",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=502674"
      },
      {
        "category": "external",
        "summary": "504705",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=504705"
      },
      {
        "category": "external",
        "summary": "505258",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=505258"
      },
      {
        "category": "external",
        "summary": "505594",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=505594"
      },
      {
        "category": "external",
        "summary": "512998",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=512998"
      },
      {
        "category": "external",
        "summary": "514758",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=514758"
      },
      {
        "category": "external",
        "summary": "519436",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=519436"
      },
      {
        "category": "self",
        "summary": "Canonical URL",
        "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2009/rhsa-2009_1341.json"
      }
    ],
    "title": "Red Hat Security Advisory: cman security, bug fix, and enhancement update",
    "tracking": {
      "current_release_date": "2024-11-22T02:44:45+00:00",
      "generator": {
        "date": "2024-11-22T02:44:45+00:00",
        "engine": {
          "name": "Red Hat SDEngine",
          "version": "4.2.1"
        }
      },
      "id": "RHSA-2009:1341",
      "initial_release_date": "2009-09-02T08:00:00+00:00",
      "revision_history": [
        {
          "date": "2009-09-02T08:00:00+00:00",
          "number": "1",
          "summary": "Initial version"
        },
        {
          "date": "2009-09-01T06:43:16+00:00",
          "number": "2",
          "summary": "Last updated version"
        },
        {
          "date": "2024-11-22T02:44:45+00:00",
          "number": "3",
          "summary": "Last generated version"
        }
      ],
      "status": "final",
      "version": "3"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_name",
                "name": "Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
                "product": {
                  "name": "Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
                  "product_id": "5Client-Workstation",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:redhat:enterprise_linux:5::client_workstation"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "Red Hat Enterprise Linux (v. 5 server)",
                "product": {
                  "name": "Red Hat Enterprise Linux (v. 5 server)",
                  "product_id": "5Server",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:redhat:enterprise_linux:5::server"
                  }
                }
              }
            ],
            "category": "product_family",
            "name": "Red Hat Enterprise Linux"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "cman-0:2.0.115-1.el5.src",
                "product": {
                  "name": "cman-0:2.0.115-1.el5.src",
                  "product_id": "cman-0:2.0.115-1.el5.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/cman@2.0.115-1.el5?arch=src"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "src"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "cman-0:2.0.115-1.el5.x86_64",
                "product": {
                  "name": "cman-0:2.0.115-1.el5.x86_64",
                  "product_id": "cman-0:2.0.115-1.el5.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/cman@2.0.115-1.el5?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "cman-devel-0:2.0.115-1.el5.x86_64",
                "product": {
                  "name": "cman-devel-0:2.0.115-1.el5.x86_64",
                  "product_id": "cman-devel-0:2.0.115-1.el5.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/cman-devel@2.0.115-1.el5?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "cman-debuginfo-0:2.0.115-1.el5.x86_64",
                "product": {
                  "name": "cman-debuginfo-0:2.0.115-1.el5.x86_64",
                  "product_id": "cman-debuginfo-0:2.0.115-1.el5.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/cman-debuginfo@2.0.115-1.el5?arch=x86_64"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "x86_64"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "cman-devel-0:2.0.115-1.el5.i386",
                "product": {
                  "name": "cman-devel-0:2.0.115-1.el5.i386",
                  "product_id": "cman-devel-0:2.0.115-1.el5.i386",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/cman-devel@2.0.115-1.el5?arch=i386"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "cman-debuginfo-0:2.0.115-1.el5.i386",
                "product": {
                  "name": "cman-debuginfo-0:2.0.115-1.el5.i386",
                  "product_id": "cman-debuginfo-0:2.0.115-1.el5.i386",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/cman-debuginfo@2.0.115-1.el5?arch=i386"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "cman-0:2.0.115-1.el5.i386",
                "product": {
                  "name": "cman-0:2.0.115-1.el5.i386",
                  "product_id": "cman-0:2.0.115-1.el5.i386",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/cman@2.0.115-1.el5?arch=i386"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "i386"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "cman-0:2.0.115-1.el5.ia64",
                "product": {
                  "name": "cman-0:2.0.115-1.el5.ia64",
                  "product_id": "cman-0:2.0.115-1.el5.ia64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/cman@2.0.115-1.el5?arch=ia64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "cman-devel-0:2.0.115-1.el5.ia64",
                "product": {
                  "name": "cman-devel-0:2.0.115-1.el5.ia64",
                  "product_id": "cman-devel-0:2.0.115-1.el5.ia64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/cman-devel@2.0.115-1.el5?arch=ia64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "cman-debuginfo-0:2.0.115-1.el5.ia64",
                "product": {
                  "name": "cman-debuginfo-0:2.0.115-1.el5.ia64",
                  "product_id": "cman-debuginfo-0:2.0.115-1.el5.ia64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/cman-debuginfo@2.0.115-1.el5?arch=ia64"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "ia64"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "cman-0:2.0.115-1.el5.ppc",
                "product": {
                  "name": "cman-0:2.0.115-1.el5.ppc",
                  "product_id": "cman-0:2.0.115-1.el5.ppc",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/cman@2.0.115-1.el5?arch=ppc"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "cman-devel-0:2.0.115-1.el5.ppc",
                "product": {
                  "name": "cman-devel-0:2.0.115-1.el5.ppc",
                  "product_id": "cman-devel-0:2.0.115-1.el5.ppc",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/cman-devel@2.0.115-1.el5?arch=ppc"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "cman-debuginfo-0:2.0.115-1.el5.ppc",
                "product": {
                  "name": "cman-debuginfo-0:2.0.115-1.el5.ppc",
                  "product_id": "cman-debuginfo-0:2.0.115-1.el5.ppc",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/cman-debuginfo@2.0.115-1.el5?arch=ppc"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "ppc"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "cman-devel-0:2.0.115-1.el5.ppc64",
                "product": {
                  "name": "cman-devel-0:2.0.115-1.el5.ppc64",
                  "product_id": "cman-devel-0:2.0.115-1.el5.ppc64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/cman-devel@2.0.115-1.el5?arch=ppc64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "cman-debuginfo-0:2.0.115-1.el5.ppc64",
                "product": {
                  "name": "cman-debuginfo-0:2.0.115-1.el5.ppc64",
                  "product_id": "cman-debuginfo-0:2.0.115-1.el5.ppc64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/cman-debuginfo@2.0.115-1.el5?arch=ppc64"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "ppc64"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "cman-0:2.0.115-1.el5.s390x",
                "product": {
                  "name": "cman-0:2.0.115-1.el5.s390x",
                  "product_id": "cman-0:2.0.115-1.el5.s390x",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/cman@2.0.115-1.el5?arch=s390x"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "cman-devel-0:2.0.115-1.el5.s390x",
                "product": {
                  "name": "cman-devel-0:2.0.115-1.el5.s390x",
                  "product_id": "cman-devel-0:2.0.115-1.el5.s390x",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/cman-devel@2.0.115-1.el5?arch=s390x"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "cman-debuginfo-0:2.0.115-1.el5.s390x",
                "product": {
                  "name": "cman-debuginfo-0:2.0.115-1.el5.s390x",
                  "product_id": "cman-debuginfo-0:2.0.115-1.el5.s390x",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/cman-debuginfo@2.0.115-1.el5?arch=s390x"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "s390x"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "cman-devel-0:2.0.115-1.el5.s390",
                "product": {
                  "name": "cman-devel-0:2.0.115-1.el5.s390",
                  "product_id": "cman-devel-0:2.0.115-1.el5.s390",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/cman-devel@2.0.115-1.el5?arch=s390"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "cman-debuginfo-0:2.0.115-1.el5.s390",
                "product": {
                  "name": "cman-debuginfo-0:2.0.115-1.el5.s390",
                  "product_id": "cman-debuginfo-0:2.0.115-1.el5.s390",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/cman-debuginfo@2.0.115-1.el5?arch=s390"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "s390"
          }
        ],
        "category": "vendor",
        "name": "Red Hat"
      }
    ],
    "relationships": [
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "cman-0:2.0.115-1.el5.i386 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
          "product_id": "5Client-Workstation:cman-0:2.0.115-1.el5.i386"
        },
        "product_reference": "cman-0:2.0.115-1.el5.i386",
        "relates_to_product_reference": "5Client-Workstation"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "cman-0:2.0.115-1.el5.ia64 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
          "product_id": "5Client-Workstation:cman-0:2.0.115-1.el5.ia64"
        },
        "product_reference": "cman-0:2.0.115-1.el5.ia64",
        "relates_to_product_reference": "5Client-Workstation"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "cman-0:2.0.115-1.el5.ppc as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
          "product_id": "5Client-Workstation:cman-0:2.0.115-1.el5.ppc"
        },
        "product_reference": "cman-0:2.0.115-1.el5.ppc",
        "relates_to_product_reference": "5Client-Workstation"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "cman-0:2.0.115-1.el5.s390x as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
          "product_id": "5Client-Workstation:cman-0:2.0.115-1.el5.s390x"
        },
        "product_reference": "cman-0:2.0.115-1.el5.s390x",
        "relates_to_product_reference": "5Client-Workstation"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "cman-0:2.0.115-1.el5.src as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
          "product_id": "5Client-Workstation:cman-0:2.0.115-1.el5.src"
        },
        "product_reference": "cman-0:2.0.115-1.el5.src",
        "relates_to_product_reference": "5Client-Workstation"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "cman-0:2.0.115-1.el5.x86_64 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
          "product_id": "5Client-Workstation:cman-0:2.0.115-1.el5.x86_64"
        },
        "product_reference": "cman-0:2.0.115-1.el5.x86_64",
        "relates_to_product_reference": "5Client-Workstation"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "cman-debuginfo-0:2.0.115-1.el5.i386 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
          "product_id": "5Client-Workstation:cman-debuginfo-0:2.0.115-1.el5.i386"
        },
        "product_reference": "cman-debuginfo-0:2.0.115-1.el5.i386",
        "relates_to_product_reference": "5Client-Workstation"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "cman-debuginfo-0:2.0.115-1.el5.ia64 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
          "product_id": "5Client-Workstation:cman-debuginfo-0:2.0.115-1.el5.ia64"
        },
        "product_reference": "cman-debuginfo-0:2.0.115-1.el5.ia64",
        "relates_to_product_reference": "5Client-Workstation"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "cman-debuginfo-0:2.0.115-1.el5.ppc as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
          "product_id": "5Client-Workstation:cman-debuginfo-0:2.0.115-1.el5.ppc"
        },
        "product_reference": "cman-debuginfo-0:2.0.115-1.el5.ppc",
        "relates_to_product_reference": "5Client-Workstation"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "cman-debuginfo-0:2.0.115-1.el5.ppc64 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
          "product_id": "5Client-Workstation:cman-debuginfo-0:2.0.115-1.el5.ppc64"
        },
        "product_reference": "cman-debuginfo-0:2.0.115-1.el5.ppc64",
        "relates_to_product_reference": "5Client-Workstation"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "cman-debuginfo-0:2.0.115-1.el5.s390 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
          "product_id": "5Client-Workstation:cman-debuginfo-0:2.0.115-1.el5.s390"
        },
        "product_reference": "cman-debuginfo-0:2.0.115-1.el5.s390",
        "relates_to_product_reference": "5Client-Workstation"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "cman-debuginfo-0:2.0.115-1.el5.s390x as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
          "product_id": "5Client-Workstation:cman-debuginfo-0:2.0.115-1.el5.s390x"
        },
        "product_reference": "cman-debuginfo-0:2.0.115-1.el5.s390x",
        "relates_to_product_reference": "5Client-Workstation"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "cman-debuginfo-0:2.0.115-1.el5.x86_64 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
          "product_id": "5Client-Workstation:cman-debuginfo-0:2.0.115-1.el5.x86_64"
        },
        "product_reference": "cman-debuginfo-0:2.0.115-1.el5.x86_64",
        "relates_to_product_reference": "5Client-Workstation"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "cman-devel-0:2.0.115-1.el5.i386 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
          "product_id": "5Client-Workstation:cman-devel-0:2.0.115-1.el5.i386"
        },
        "product_reference": "cman-devel-0:2.0.115-1.el5.i386",
        "relates_to_product_reference": "5Client-Workstation"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "cman-devel-0:2.0.115-1.el5.ia64 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
          "product_id": "5Client-Workstation:cman-devel-0:2.0.115-1.el5.ia64"
        },
        "product_reference": "cman-devel-0:2.0.115-1.el5.ia64",
        "relates_to_product_reference": "5Client-Workstation"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "cman-devel-0:2.0.115-1.el5.ppc as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
          "product_id": "5Client-Workstation:cman-devel-0:2.0.115-1.el5.ppc"
        },
        "product_reference": "cman-devel-0:2.0.115-1.el5.ppc",
        "relates_to_product_reference": "5Client-Workstation"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "cman-devel-0:2.0.115-1.el5.ppc64 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
          "product_id": "5Client-Workstation:cman-devel-0:2.0.115-1.el5.ppc64"
        },
        "product_reference": "cman-devel-0:2.0.115-1.el5.ppc64",
        "relates_to_product_reference": "5Client-Workstation"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "cman-devel-0:2.0.115-1.el5.s390 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
          "product_id": "5Client-Workstation:cman-devel-0:2.0.115-1.el5.s390"
        },
        "product_reference": "cman-devel-0:2.0.115-1.el5.s390",
        "relates_to_product_reference": "5Client-Workstation"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "cman-devel-0:2.0.115-1.el5.s390x as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
          "product_id": "5Client-Workstation:cman-devel-0:2.0.115-1.el5.s390x"
        },
        "product_reference": "cman-devel-0:2.0.115-1.el5.s390x",
        "relates_to_product_reference": "5Client-Workstation"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "cman-devel-0:2.0.115-1.el5.x86_64 as a component of Red Hat Enterprise Linux Desktop Workstation (v. 5 client)",
          "product_id": "5Client-Workstation:cman-devel-0:2.0.115-1.el5.x86_64"
        },
        "product_reference": "cman-devel-0:2.0.115-1.el5.x86_64",
        "relates_to_product_reference": "5Client-Workstation"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "cman-0:2.0.115-1.el5.i386 as a component of Red Hat Enterprise Linux (v. 5 server)",
          "product_id": "5Server:cman-0:2.0.115-1.el5.i386"
        },
        "product_reference": "cman-0:2.0.115-1.el5.i386",
        "relates_to_product_reference": "5Server"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "cman-0:2.0.115-1.el5.ia64 as a component of Red Hat Enterprise Linux (v. 5 server)",
          "product_id": "5Server:cman-0:2.0.115-1.el5.ia64"
        },
        "product_reference": "cman-0:2.0.115-1.el5.ia64",
        "relates_to_product_reference": "5Server"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "cman-0:2.0.115-1.el5.ppc as a component of Red Hat Enterprise Linux (v. 5 server)",
          "product_id": "5Server:cman-0:2.0.115-1.el5.ppc"
        },
        "product_reference": "cman-0:2.0.115-1.el5.ppc",
        "relates_to_product_reference": "5Server"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "cman-0:2.0.115-1.el5.s390x as a component of Red Hat Enterprise Linux (v. 5 server)",
          "product_id": "5Server:cman-0:2.0.115-1.el5.s390x"
        },
        "product_reference": "cman-0:2.0.115-1.el5.s390x",
        "relates_to_product_reference": "5Server"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "cman-0:2.0.115-1.el5.src as a component of Red Hat Enterprise Linux (v. 5 server)",
          "product_id": "5Server:cman-0:2.0.115-1.el5.src"
        },
        "product_reference": "cman-0:2.0.115-1.el5.src",
        "relates_to_product_reference": "5Server"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "cman-0:2.0.115-1.el5.x86_64 as a component of Red Hat Enterprise Linux (v. 5 server)",
          "product_id": "5Server:cman-0:2.0.115-1.el5.x86_64"
        },
        "product_reference": "cman-0:2.0.115-1.el5.x86_64",
        "relates_to_product_reference": "5Server"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "cman-debuginfo-0:2.0.115-1.el5.i386 as a component of Red Hat Enterprise Linux (v. 5 server)",
          "product_id": "5Server:cman-debuginfo-0:2.0.115-1.el5.i386"
        },
        "product_reference": "cman-debuginfo-0:2.0.115-1.el5.i386",
        "relates_to_product_reference": "5Server"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "cman-debuginfo-0:2.0.115-1.el5.ia64 as a component of Red Hat Enterprise Linux (v. 5 server)",
          "product_id": "5Server:cman-debuginfo-0:2.0.115-1.el5.ia64"
        },
        "product_reference": "cman-debuginfo-0:2.0.115-1.el5.ia64",
        "relates_to_product_reference": "5Server"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "cman-debuginfo-0:2.0.115-1.el5.ppc as a component of Red Hat Enterprise Linux (v. 5 server)",
          "product_id": "5Server:cman-debuginfo-0:2.0.115-1.el5.ppc"
        },
        "product_reference": "cman-debuginfo-0:2.0.115-1.el5.ppc",
        "relates_to_product_reference": "5Server"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "cman-debuginfo-0:2.0.115-1.el5.ppc64 as a component of Red Hat Enterprise Linux (v. 5 server)",
          "product_id": "5Server:cman-debuginfo-0:2.0.115-1.el5.ppc64"
        },
        "product_reference": "cman-debuginfo-0:2.0.115-1.el5.ppc64",
        "relates_to_product_reference": "5Server"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "cman-debuginfo-0:2.0.115-1.el5.s390 as a component of Red Hat Enterprise Linux (v. 5 server)",
          "product_id": "5Server:cman-debuginfo-0:2.0.115-1.el5.s390"
        },
        "product_reference": "cman-debuginfo-0:2.0.115-1.el5.s390",
        "relates_to_product_reference": "5Server"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "cman-debuginfo-0:2.0.115-1.el5.s390x as a component of Red Hat Enterprise Linux (v. 5 server)",
          "product_id": "5Server:cman-debuginfo-0:2.0.115-1.el5.s390x"
        },
        "product_reference": "cman-debuginfo-0:2.0.115-1.el5.s390x",
        "relates_to_product_reference": "5Server"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "cman-debuginfo-0:2.0.115-1.el5.x86_64 as a component of Red Hat Enterprise Linux (v. 5 server)",
          "product_id": "5Server:cman-debuginfo-0:2.0.115-1.el5.x86_64"
        },
        "product_reference": "cman-debuginfo-0:2.0.115-1.el5.x86_64",
        "relates_to_product_reference": "5Server"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "cman-devel-0:2.0.115-1.el5.i386 as a component of Red Hat Enterprise Linux (v. 5 server)",
          "product_id": "5Server:cman-devel-0:2.0.115-1.el5.i386"
        },
        "product_reference": "cman-devel-0:2.0.115-1.el5.i386",
        "relates_to_product_reference": "5Server"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "cman-devel-0:2.0.115-1.el5.ia64 as a component of Red Hat Enterprise Linux (v. 5 server)",
          "product_id": "5Server:cman-devel-0:2.0.115-1.el5.ia64"
        },
        "product_reference": "cman-devel-0:2.0.115-1.el5.ia64",
        "relates_to_product_reference": "5Server"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "cman-devel-0:2.0.115-1.el5.ppc as a component of Red Hat Enterprise Linux (v. 5 server)",
          "product_id": "5Server:cman-devel-0:2.0.115-1.el5.ppc"
        },
        "product_reference": "cman-devel-0:2.0.115-1.el5.ppc",
        "relates_to_product_reference": "5Server"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "cman-devel-0:2.0.115-1.el5.ppc64 as a component of Red Hat Enterprise Linux (v. 5 server)",
          "product_id": "5Server:cman-devel-0:2.0.115-1.el5.ppc64"
        },
        "product_reference": "cman-devel-0:2.0.115-1.el5.ppc64",
        "relates_to_product_reference": "5Server"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "cman-devel-0:2.0.115-1.el5.s390 as a component of Red Hat Enterprise Linux (v. 5 server)",
          "product_id": "5Server:cman-devel-0:2.0.115-1.el5.s390"
        },
        "product_reference": "cman-devel-0:2.0.115-1.el5.s390",
        "relates_to_product_reference": "5Server"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "cman-devel-0:2.0.115-1.el5.s390x as a component of Red Hat Enterprise Linux (v. 5 server)",
          "product_id": "5Server:cman-devel-0:2.0.115-1.el5.s390x"
        },
        "product_reference": "cman-devel-0:2.0.115-1.el5.s390x",
        "relates_to_product_reference": "5Server"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "cman-devel-0:2.0.115-1.el5.x86_64 as a component of Red Hat Enterprise Linux (v. 5 server)",
          "product_id": "5Server:cman-devel-0:2.0.115-1.el5.x86_64"
        },
        "product_reference": "cman-devel-0:2.0.115-1.el5.x86_64",
        "relates_to_product_reference": "5Server"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2008-4579",
      "cwe": {
        "id": "CWE-377",
        "name": "Insecure Temporary File"
      },
      "discovery_date": "2008-10-08T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "467386"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "The (1) fence_apc and (2) fence_apc_snmp programs, as used in (a) fence 2.02.00-r1 and possibly (b) cman, when running in verbose mode, allows local users to append to arbitrary files via a symlink attack on the apclog temporary file.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "cman/fence: insecure temporary file usage in the apc fence agents",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "5Client-Workstation:cman-0:2.0.115-1.el5.i386",
          "5Client-Workstation:cman-0:2.0.115-1.el5.ia64",
          "5Client-Workstation:cman-0:2.0.115-1.el5.ppc",
          "5Client-Workstation:cman-0:2.0.115-1.el5.s390x",
          "5Client-Workstation:cman-0:2.0.115-1.el5.src",
          "5Client-Workstation:cman-0:2.0.115-1.el5.x86_64",
          "5Client-Workstation:cman-debuginfo-0:2.0.115-1.el5.i386",
          "5Client-Workstation:cman-debuginfo-0:2.0.115-1.el5.ia64",
          "5Client-Workstation:cman-debuginfo-0:2.0.115-1.el5.ppc",
          "5Client-Workstation:cman-debuginfo-0:2.0.115-1.el5.ppc64",
          "5Client-Workstation:cman-debuginfo-0:2.0.115-1.el5.s390",
          "5Client-Workstation:cman-debuginfo-0:2.0.115-1.el5.s390x",
          "5Client-Workstation:cman-debuginfo-0:2.0.115-1.el5.x86_64",
          "5Client-Workstation:cman-devel-0:2.0.115-1.el5.i386",
          "5Client-Workstation:cman-devel-0:2.0.115-1.el5.ia64",
          "5Client-Workstation:cman-devel-0:2.0.115-1.el5.ppc",
          "5Client-Workstation:cman-devel-0:2.0.115-1.el5.ppc64",
          "5Client-Workstation:cman-devel-0:2.0.115-1.el5.s390",
          "5Client-Workstation:cman-devel-0:2.0.115-1.el5.s390x",
          "5Client-Workstation:cman-devel-0:2.0.115-1.el5.x86_64",
          "5Server:cman-0:2.0.115-1.el5.i386",
          "5Server:cman-0:2.0.115-1.el5.ia64",
          "5Server:cman-0:2.0.115-1.el5.ppc",
          "5Server:cman-0:2.0.115-1.el5.s390x",
          "5Server:cman-0:2.0.115-1.el5.src",
          "5Server:cman-0:2.0.115-1.el5.x86_64",
          "5Server:cman-debuginfo-0:2.0.115-1.el5.i386",
          "5Server:cman-debuginfo-0:2.0.115-1.el5.ia64",
          "5Server:cman-debuginfo-0:2.0.115-1.el5.ppc",
          "5Server:cman-debuginfo-0:2.0.115-1.el5.ppc64",
          "5Server:cman-debuginfo-0:2.0.115-1.el5.s390",
          "5Server:cman-debuginfo-0:2.0.115-1.el5.s390x",
          "5Server:cman-debuginfo-0:2.0.115-1.el5.x86_64",
          "5Server:cman-devel-0:2.0.115-1.el5.i386",
          "5Server:cman-devel-0:2.0.115-1.el5.ia64",
          "5Server:cman-devel-0:2.0.115-1.el5.ppc",
          "5Server:cman-devel-0:2.0.115-1.el5.ppc64",
          "5Server:cman-devel-0:2.0.115-1.el5.s390",
          "5Server:cman-devel-0:2.0.115-1.el5.s390x",
          "5Server:cman-devel-0:2.0.115-1.el5.x86_64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2008-4579"
        },
        {
          "category": "external",
          "summary": "RHBZ#467386",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=467386"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2008-4579",
          "url": "https://www.cve.org/CVERecord?id=CVE-2008-4579"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2008-4579",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2008-4579"
        }
      ],
      "release_date": "2008-10-08T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2009-09-02T08:00:00+00:00",
          "details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network.  Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259",
          "product_ids": [
            "5Client-Workstation:cman-0:2.0.115-1.el5.i386",
            "5Client-Workstation:cman-0:2.0.115-1.el5.ia64",
            "5Client-Workstation:cman-0:2.0.115-1.el5.ppc",
            "5Client-Workstation:cman-0:2.0.115-1.el5.s390x",
            "5Client-Workstation:cman-0:2.0.115-1.el5.src",
            "5Client-Workstation:cman-0:2.0.115-1.el5.x86_64",
            "5Client-Workstation:cman-debuginfo-0:2.0.115-1.el5.i386",
            "5Client-Workstation:cman-debuginfo-0:2.0.115-1.el5.ia64",
            "5Client-Workstation:cman-debuginfo-0:2.0.115-1.el5.ppc",
            "5Client-Workstation:cman-debuginfo-0:2.0.115-1.el5.ppc64",
            "5Client-Workstation:cman-debuginfo-0:2.0.115-1.el5.s390",
            "5Client-Workstation:cman-debuginfo-0:2.0.115-1.el5.s390x",
            "5Client-Workstation:cman-debuginfo-0:2.0.115-1.el5.x86_64",
            "5Client-Workstation:cman-devel-0:2.0.115-1.el5.i386",
            "5Client-Workstation:cman-devel-0:2.0.115-1.el5.ia64",
            "5Client-Workstation:cman-devel-0:2.0.115-1.el5.ppc",
            "5Client-Workstation:cman-devel-0:2.0.115-1.el5.ppc64",
            "5Client-Workstation:cman-devel-0:2.0.115-1.el5.s390",
            "5Client-Workstation:cman-devel-0:2.0.115-1.el5.s390x",
            "5Client-Workstation:cman-devel-0:2.0.115-1.el5.x86_64",
            "5Server:cman-0:2.0.115-1.el5.i386",
            "5Server:cman-0:2.0.115-1.el5.ia64",
            "5Server:cman-0:2.0.115-1.el5.ppc",
            "5Server:cman-0:2.0.115-1.el5.s390x",
            "5Server:cman-0:2.0.115-1.el5.src",
            "5Server:cman-0:2.0.115-1.el5.x86_64",
            "5Server:cman-debuginfo-0:2.0.115-1.el5.i386",
            "5Server:cman-debuginfo-0:2.0.115-1.el5.ia64",
            "5Server:cman-debuginfo-0:2.0.115-1.el5.ppc",
            "5Server:cman-debuginfo-0:2.0.115-1.el5.ppc64",
            "5Server:cman-debuginfo-0:2.0.115-1.el5.s390",
            "5Server:cman-debuginfo-0:2.0.115-1.el5.s390x",
            "5Server:cman-debuginfo-0:2.0.115-1.el5.x86_64",
            "5Server:cman-devel-0:2.0.115-1.el5.i386",
            "5Server:cman-devel-0:2.0.115-1.el5.ia64",
            "5Server:cman-devel-0:2.0.115-1.el5.ppc",
            "5Server:cman-devel-0:2.0.115-1.el5.ppc64",
            "5Server:cman-devel-0:2.0.115-1.el5.s390",
            "5Server:cman-devel-0:2.0.115-1.el5.s390x",
            "5Server:cman-devel-0:2.0.115-1.el5.x86_64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2009:1341"
        }
      ],
      "scores": [
        {
          "cvss_v2": {
            "accessComplexity": "MEDIUM",
            "accessVector": "LOCAL",
            "authentication": "SINGLE",
            "availabilityImpact": "NONE",
            "baseScore": 1.5,
            "confidentialityImpact": "NONE",
            "integrityImpact": "PARTIAL",
            "vectorString": "AV:L/AC:M/Au:S/C:N/I:P/A:N",
            "version": "2.0"
          },
          "products": [
            "5Client-Workstation:cman-0:2.0.115-1.el5.i386",
            "5Client-Workstation:cman-0:2.0.115-1.el5.ia64",
            "5Client-Workstation:cman-0:2.0.115-1.el5.ppc",
            "5Client-Workstation:cman-0:2.0.115-1.el5.s390x",
            "5Client-Workstation:cman-0:2.0.115-1.el5.src",
            "5Client-Workstation:cman-0:2.0.115-1.el5.x86_64",
            "5Client-Workstation:cman-debuginfo-0:2.0.115-1.el5.i386",
            "5Client-Workstation:cman-debuginfo-0:2.0.115-1.el5.ia64",
            "5Client-Workstation:cman-debuginfo-0:2.0.115-1.el5.ppc",
            "5Client-Workstation:cman-debuginfo-0:2.0.115-1.el5.ppc64",
            "5Client-Workstation:cman-debuginfo-0:2.0.115-1.el5.s390",
            "5Client-Workstation:cman-debuginfo-0:2.0.115-1.el5.s390x",
            "5Client-Workstation:cman-debuginfo-0:2.0.115-1.el5.x86_64",
            "5Client-Workstation:cman-devel-0:2.0.115-1.el5.i386",
            "5Client-Workstation:cman-devel-0:2.0.115-1.el5.ia64",
            "5Client-Workstation:cman-devel-0:2.0.115-1.el5.ppc",
            "5Client-Workstation:cman-devel-0:2.0.115-1.el5.ppc64",
            "5Client-Workstation:cman-devel-0:2.0.115-1.el5.s390",
            "5Client-Workstation:cman-devel-0:2.0.115-1.el5.s390x",
            "5Client-Workstation:cman-devel-0:2.0.115-1.el5.x86_64",
            "5Server:cman-0:2.0.115-1.el5.i386",
            "5Server:cman-0:2.0.115-1.el5.ia64",
            "5Server:cman-0:2.0.115-1.el5.ppc",
            "5Server:cman-0:2.0.115-1.el5.s390x",
            "5Server:cman-0:2.0.115-1.el5.src",
            "5Server:cman-0:2.0.115-1.el5.x86_64",
            "5Server:cman-debuginfo-0:2.0.115-1.el5.i386",
            "5Server:cman-debuginfo-0:2.0.115-1.el5.ia64",
            "5Server:cman-debuginfo-0:2.0.115-1.el5.ppc",
            "5Server:cman-debuginfo-0:2.0.115-1.el5.ppc64",
            "5Server:cman-debuginfo-0:2.0.115-1.el5.s390",
            "5Server:cman-debuginfo-0:2.0.115-1.el5.s390x",
            "5Server:cman-debuginfo-0:2.0.115-1.el5.x86_64",
            "5Server:cman-devel-0:2.0.115-1.el5.i386",
            "5Server:cman-devel-0:2.0.115-1.el5.ia64",
            "5Server:cman-devel-0:2.0.115-1.el5.ppc",
            "5Server:cman-devel-0:2.0.115-1.el5.ppc64",
            "5Server:cman-devel-0:2.0.115-1.el5.s390",
            "5Server:cman-devel-0:2.0.115-1.el5.s390x",
            "5Server:cman-devel-0:2.0.115-1.el5.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Low"
        }
      ],
      "title": "cman/fence: insecure temporary file usage in the apc fence agents"
    },
    {
      "cve": "CVE-2008-6552",
      "cwe": {
        "id": "CWE-377",
        "name": "Insecure Temporary File"
      },
      "discovery_date": "2008-10-31T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "519436"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "Red Hat Cluster Project 2.x allows local users to modify or overwrite arbitrary files via symlink attacks on files in /tmp, involving unspecified components in Resource Group Manager (aka rgmanager) before 2.03.09-1, gfs2-utils before 2.03.09-1, and CMAN - The Cluster Manager before 2.03.09-1 on Fedora 9.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "rgmanager: multiple insecure temporary file use issues",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "5Client-Workstation:cman-0:2.0.115-1.el5.i386",
          "5Client-Workstation:cman-0:2.0.115-1.el5.ia64",
          "5Client-Workstation:cman-0:2.0.115-1.el5.ppc",
          "5Client-Workstation:cman-0:2.0.115-1.el5.s390x",
          "5Client-Workstation:cman-0:2.0.115-1.el5.src",
          "5Client-Workstation:cman-0:2.0.115-1.el5.x86_64",
          "5Client-Workstation:cman-debuginfo-0:2.0.115-1.el5.i386",
          "5Client-Workstation:cman-debuginfo-0:2.0.115-1.el5.ia64",
          "5Client-Workstation:cman-debuginfo-0:2.0.115-1.el5.ppc",
          "5Client-Workstation:cman-debuginfo-0:2.0.115-1.el5.ppc64",
          "5Client-Workstation:cman-debuginfo-0:2.0.115-1.el5.s390",
          "5Client-Workstation:cman-debuginfo-0:2.0.115-1.el5.s390x",
          "5Client-Workstation:cman-debuginfo-0:2.0.115-1.el5.x86_64",
          "5Client-Workstation:cman-devel-0:2.0.115-1.el5.i386",
          "5Client-Workstation:cman-devel-0:2.0.115-1.el5.ia64",
          "5Client-Workstation:cman-devel-0:2.0.115-1.el5.ppc",
          "5Client-Workstation:cman-devel-0:2.0.115-1.el5.ppc64",
          "5Client-Workstation:cman-devel-0:2.0.115-1.el5.s390",
          "5Client-Workstation:cman-devel-0:2.0.115-1.el5.s390x",
          "5Client-Workstation:cman-devel-0:2.0.115-1.el5.x86_64",
          "5Server:cman-0:2.0.115-1.el5.i386",
          "5Server:cman-0:2.0.115-1.el5.ia64",
          "5Server:cman-0:2.0.115-1.el5.ppc",
          "5Server:cman-0:2.0.115-1.el5.s390x",
          "5Server:cman-0:2.0.115-1.el5.src",
          "5Server:cman-0:2.0.115-1.el5.x86_64",
          "5Server:cman-debuginfo-0:2.0.115-1.el5.i386",
          "5Server:cman-debuginfo-0:2.0.115-1.el5.ia64",
          "5Server:cman-debuginfo-0:2.0.115-1.el5.ppc",
          "5Server:cman-debuginfo-0:2.0.115-1.el5.ppc64",
          "5Server:cman-debuginfo-0:2.0.115-1.el5.s390",
          "5Server:cman-debuginfo-0:2.0.115-1.el5.s390x",
          "5Server:cman-debuginfo-0:2.0.115-1.el5.x86_64",
          "5Server:cman-devel-0:2.0.115-1.el5.i386",
          "5Server:cman-devel-0:2.0.115-1.el5.ia64",
          "5Server:cman-devel-0:2.0.115-1.el5.ppc",
          "5Server:cman-devel-0:2.0.115-1.el5.ppc64",
          "5Server:cman-devel-0:2.0.115-1.el5.s390",
          "5Server:cman-devel-0:2.0.115-1.el5.s390x",
          "5Server:cman-devel-0:2.0.115-1.el5.x86_64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2008-6552"
        },
        {
          "category": "external",
          "summary": "RHBZ#519436",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=519436"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2008-6552",
          "url": "https://www.cve.org/CVERecord?id=CVE-2008-6552"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2008-6552",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2008-6552"
        }
      ],
      "release_date": "2008-10-31T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2009-09-02T08:00:00+00:00",
          "details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network.  Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259",
          "product_ids": [
            "5Client-Workstation:cman-0:2.0.115-1.el5.i386",
            "5Client-Workstation:cman-0:2.0.115-1.el5.ia64",
            "5Client-Workstation:cman-0:2.0.115-1.el5.ppc",
            "5Client-Workstation:cman-0:2.0.115-1.el5.s390x",
            "5Client-Workstation:cman-0:2.0.115-1.el5.src",
            "5Client-Workstation:cman-0:2.0.115-1.el5.x86_64",
            "5Client-Workstation:cman-debuginfo-0:2.0.115-1.el5.i386",
            "5Client-Workstation:cman-debuginfo-0:2.0.115-1.el5.ia64",
            "5Client-Workstation:cman-debuginfo-0:2.0.115-1.el5.ppc",
            "5Client-Workstation:cman-debuginfo-0:2.0.115-1.el5.ppc64",
            "5Client-Workstation:cman-debuginfo-0:2.0.115-1.el5.s390",
            "5Client-Workstation:cman-debuginfo-0:2.0.115-1.el5.s390x",
            "5Client-Workstation:cman-debuginfo-0:2.0.115-1.el5.x86_64",
            "5Client-Workstation:cman-devel-0:2.0.115-1.el5.i386",
            "5Client-Workstation:cman-devel-0:2.0.115-1.el5.ia64",
            "5Client-Workstation:cman-devel-0:2.0.115-1.el5.ppc",
            "5Client-Workstation:cman-devel-0:2.0.115-1.el5.ppc64",
            "5Client-Workstation:cman-devel-0:2.0.115-1.el5.s390",
            "5Client-Workstation:cman-devel-0:2.0.115-1.el5.s390x",
            "5Client-Workstation:cman-devel-0:2.0.115-1.el5.x86_64",
            "5Server:cman-0:2.0.115-1.el5.i386",
            "5Server:cman-0:2.0.115-1.el5.ia64",
            "5Server:cman-0:2.0.115-1.el5.ppc",
            "5Server:cman-0:2.0.115-1.el5.s390x",
            "5Server:cman-0:2.0.115-1.el5.src",
            "5Server:cman-0:2.0.115-1.el5.x86_64",
            "5Server:cman-debuginfo-0:2.0.115-1.el5.i386",
            "5Server:cman-debuginfo-0:2.0.115-1.el5.ia64",
            "5Server:cman-debuginfo-0:2.0.115-1.el5.ppc",
            "5Server:cman-debuginfo-0:2.0.115-1.el5.ppc64",
            "5Server:cman-debuginfo-0:2.0.115-1.el5.s390",
            "5Server:cman-debuginfo-0:2.0.115-1.el5.s390x",
            "5Server:cman-debuginfo-0:2.0.115-1.el5.x86_64",
            "5Server:cman-devel-0:2.0.115-1.el5.i386",
            "5Server:cman-devel-0:2.0.115-1.el5.ia64",
            "5Server:cman-devel-0:2.0.115-1.el5.ppc",
            "5Server:cman-devel-0:2.0.115-1.el5.ppc64",
            "5Server:cman-devel-0:2.0.115-1.el5.s390",
            "5Server:cman-devel-0:2.0.115-1.el5.s390x",
            "5Server:cman-devel-0:2.0.115-1.el5.x86_64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2009:1341"
        }
      ],
      "scores": [
        {
          "cvss_v2": {
            "accessComplexity": "MEDIUM",
            "accessVector": "LOCAL",
            "authentication": "NONE",
            "availabilityImpact": "COMPLETE",
            "baseScore": 5.4,
            "confidentialityImpact": "NONE",
            "integrityImpact": "PARTIAL",
            "vectorString": "AV:L/AC:M/Au:N/C:N/I:P/A:C",
            "version": "2.0"
          },
          "products": [
            "5Client-Workstation:cman-0:2.0.115-1.el5.i386",
            "5Client-Workstation:cman-0:2.0.115-1.el5.ia64",
            "5Client-Workstation:cman-0:2.0.115-1.el5.ppc",
            "5Client-Workstation:cman-0:2.0.115-1.el5.s390x",
            "5Client-Workstation:cman-0:2.0.115-1.el5.src",
            "5Client-Workstation:cman-0:2.0.115-1.el5.x86_64",
            "5Client-Workstation:cman-debuginfo-0:2.0.115-1.el5.i386",
            "5Client-Workstation:cman-debuginfo-0:2.0.115-1.el5.ia64",
            "5Client-Workstation:cman-debuginfo-0:2.0.115-1.el5.ppc",
            "5Client-Workstation:cman-debuginfo-0:2.0.115-1.el5.ppc64",
            "5Client-Workstation:cman-debuginfo-0:2.0.115-1.el5.s390",
            "5Client-Workstation:cman-debuginfo-0:2.0.115-1.el5.s390x",
            "5Client-Workstation:cman-debuginfo-0:2.0.115-1.el5.x86_64",
            "5Client-Workstation:cman-devel-0:2.0.115-1.el5.i386",
            "5Client-Workstation:cman-devel-0:2.0.115-1.el5.ia64",
            "5Client-Workstation:cman-devel-0:2.0.115-1.el5.ppc",
            "5Client-Workstation:cman-devel-0:2.0.115-1.el5.ppc64",
            "5Client-Workstation:cman-devel-0:2.0.115-1.el5.s390",
            "5Client-Workstation:cman-devel-0:2.0.115-1.el5.s390x",
            "5Client-Workstation:cman-devel-0:2.0.115-1.el5.x86_64",
            "5Server:cman-0:2.0.115-1.el5.i386",
            "5Server:cman-0:2.0.115-1.el5.ia64",
            "5Server:cman-0:2.0.115-1.el5.ppc",
            "5Server:cman-0:2.0.115-1.el5.s390x",
            "5Server:cman-0:2.0.115-1.el5.src",
            "5Server:cman-0:2.0.115-1.el5.x86_64",
            "5Server:cman-debuginfo-0:2.0.115-1.el5.i386",
            "5Server:cman-debuginfo-0:2.0.115-1.el5.ia64",
            "5Server:cman-debuginfo-0:2.0.115-1.el5.ppc",
            "5Server:cman-debuginfo-0:2.0.115-1.el5.ppc64",
            "5Server:cman-debuginfo-0:2.0.115-1.el5.s390",
            "5Server:cman-debuginfo-0:2.0.115-1.el5.s390x",
            "5Server:cman-debuginfo-0:2.0.115-1.el5.x86_64",
            "5Server:cman-devel-0:2.0.115-1.el5.i386",
            "5Server:cman-devel-0:2.0.115-1.el5.ia64",
            "5Server:cman-devel-0:2.0.115-1.el5.ppc",
            "5Server:cman-devel-0:2.0.115-1.el5.ppc64",
            "5Server:cman-devel-0:2.0.115-1.el5.s390",
            "5Server:cman-devel-0:2.0.115-1.el5.s390x",
            "5Server:cman-devel-0:2.0.115-1.el5.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Low"
        }
      ],
      "title": "rgmanager: multiple insecure temporary file use issues"
    }
  ]
}

cve-2008-4579

Vulnerability from cvelistv5

Published

2008-10-15 20:00

Modified

2024-08-07 10:24

Severity ?

Summary

The (1) fence_apc and (2) fence_apc_snmp programs, as used in (a) fence 2.02.00-r1 and possibly (b) cman, when running in verbose mode, allows local users to append to arbitrary files via a symlink attack on the apclog temporary file.

References

▼	URL	Tags
	http://bugs.gentoo.org/show_bug.cgi?id=240576	x_refsource_MISC
	http://www.redhat.com/support/errata/RHSA-2009-1341.html	vendor-advisory, x_refsource_REDHAT
	http://secunia.com/advisories/32390	third-party-advisory, x_refsource_SECUNIA
	http://secunia.com/advisories/32387	third-party-advisory, x_refsource_SECUNIA
	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10799	vdb-entry, signature, x_refsource_OVAL
	http://www.vupen.com/english/advisories/2011/0419	vdb-entry, x_refsource_VUPEN
	http://www.ubuntu.com/usn/USN-875-1	vendor-advisory, x_refsource_UBUNTU
	http://www.securityfocus.com/bid/31904	vdb-entry, x_refsource_BID
	http://www.openwall.com/lists/oss-security/2008/10/13/3	mailing-list, x_refsource_MLIST
	https://bugzilla.redhat.com/show_bug.cgi?id=467386	x_refsource_CONFIRM
	http://secunia.com/advisories/36530	third-party-advisory, x_refsource_SECUNIA
	https://www.redhat.com/archives/fedora-package-announce/2008-October/msg00666.html	vendor-advisory, x_refsource_FEDORA
	http://secunia.com/advisories/43362	third-party-advisory, x_refsource_SECUNIA
	http://www.redhat.com/support/errata/RHSA-2011-0266.html	vendor-advisory, x_refsource_REDHAT

Impacted products

Vendor

Product

Version

▼

n/a

Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T10:24:19.341Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://bugs.gentoo.org/show_bug.cgi?id=240576"
          },
          {
            "name": "RHSA-2009:1341",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2009-1341.html"
          },
          {
            "name": "32390",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/32390"
          },
          {
            "name": "32387",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/32387"
          },
          {
            "name": "oval:org.mitre.oval:def:10799",
            "tags": [
              "vdb-entry",
              "signature",
              "x_refsource_OVAL",
              "x_transferred"
            ],
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10799"
          },
          {
            "name": "ADV-2011-0419",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2011/0419"
          },
          {
            "name": "USN-875-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-875-1"
          },
          {
            "name": "31904",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/31904"
          },
          {
            "name": "[oss-security] 20081013 Re: CVE Request",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2008/10/13/3"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=467386"
          },
          {
            "name": "36530",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/36530"
          },
          {
            "name": "FEDORA-2008-9042",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "https://www.redhat.com/archives/fedora-package-announce/2008-October/msg00666.html"
          },
          {
            "name": "43362",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/43362"
          },
          {
            "name": "RHSA-2011:0266",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2011-0266.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2008-10-10T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "The (1) fence_apc and (2) fence_apc_snmp programs, as used in (a) fence 2.02.00-r1 and possibly (b) cman, when running in verbose mode, allows local users to append to arbitrary files via a symlink attack on the apclog temporary file."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-09-28T12:57:01",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://bugs.gentoo.org/show_bug.cgi?id=240576"
        },
        {
          "name": "RHSA-2009:1341",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2009-1341.html"
        },
        {
          "name": "32390",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/32390"
        },
        {
          "name": "32387",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/32387"
        },
        {
          "name": "oval:org.mitre.oval:def:10799",
          "tags": [
            "vdb-entry",
            "signature",
            "x_refsource_OVAL"
          ],
          "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10799"
        },
        {
          "name": "ADV-2011-0419",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2011/0419"
        },
        {
          "name": "USN-875-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-875-1"
        },
        {
          "name": "31904",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/31904"
        },
        {
          "name": "[oss-security] 20081013 Re: CVE Request",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2008/10/13/3"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=467386"
        },
        {
          "name": "36530",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/36530"
        },
        {
          "name": "FEDORA-2008-9042",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "https://www.redhat.com/archives/fedora-package-announce/2008-October/msg00666.html"
        },
        {
          "name": "43362",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/43362"
        },
        {
          "name": "RHSA-2011:0266",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2011-0266.html"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2008-4579",
    "datePublished": "2008-10-15T20:00:00",
    "dateReserved": "2008-10-15T00:00:00",
    "dateUpdated": "2024-08-07T10:24:19.341Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2008-6552

Vulnerability from cvelistv5

Published

2009-03-30 16:00

Modified

2024-08-07 11:34

Severity ?

Summary

Red Hat Cluster Project 2.x allows local users to modify or overwrite arbitrary files via symlink attacks on files in /tmp, involving unspecified components in Resource Group Manager (aka rgmanager) before 2.03.09-1, gfs2-utils before 2.03.09-1, and CMAN - The Cluster Manager before 2.03.09-1 on Fedora 9.

References

▼	URL	Tags
	http://secunia.com/advisories/32616	third-party-advisory, x_refsource_SECUNIA
	http://www.vupen.com/english/advisories/2011/0416	vdb-entry, x_refsource_VUPEN
	http://www.redhat.com/support/errata/RHSA-2009-1341.html	vendor-advisory, x_refsource_REDHAT
	http://www.redhat.com/support/errata/RHSA-2011-0264.html	vendor-advisory, x_refsource_REDHAT
	http://secunia.com/advisories/36555	third-party-advisory, x_refsource_SECUNIA
	http://www.securityfocus.com/bid/32179	vdb-entry, x_refsource_BID
	http://www.redhat.com/archives/fedora-package-announce/2008-November/msg00163.html	vendor-advisory, x_refsource_FEDORA
	http://www.vupen.com/english/advisories/2011/0417	vdb-entry, x_refsource_VUPEN
	http://secunia.com/advisories/32602	third-party-advisory, x_refsource_SECUNIA
	http://secunia.com/advisories/43372	third-party-advisory, x_refsource_SECUNIA
	http://www.ubuntu.com/usn/USN-875-1	vendor-advisory, x_refsource_UBUNTU
	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11404	vdb-entry, signature, x_refsource_OVAL
	http://www.redhat.com/archives/fedora-package-announce/2008-November/msg00165.html	vendor-advisory, x_refsource_FEDORA
	http://osvdb.org/50300	vdb-entry, x_refsource_OSVDB
	http://rhn.redhat.com/errata/RHSA-2009-1337.html	vendor-advisory, x_refsource_REDHAT
	http://www.redhat.com/support/errata/RHSA-2011-0265.html	vendor-advisory, x_refsource_REDHAT
	http://secunia.com/advisories/43367	third-party-advisory, x_refsource_SECUNIA
	http://www.redhat.com/archives/fedora-package-announce/2008-November/msg00164.html	vendor-advisory, x_refsource_FEDORA
	https://exchange.xforce.ibmcloud.com/vulnerabilities/46412	vdb-entry, x_refsource_XF
	http://secunia.com/advisories/36530	third-party-advisory, x_refsource_SECUNIA
	http://osvdb.org/50301	vdb-entry, x_refsource_OSVDB
	http://www.redhat.com/support/errata/RHSA-2009-1339.html	vendor-advisory, x_refsource_REDHAT
	http://osvdb.org/50299	vdb-entry, x_refsource_OSVDB

Impacted products

Vendor

Product

Version

▼

n/a

Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T11:34:47.139Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "32616",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/32616"
          },
          {
            "name": "ADV-2011-0416",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2011/0416"
          },
          {
            "name": "RHSA-2009:1341",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2009-1341.html"
          },
          {
            "name": "RHSA-2011:0264",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2011-0264.html"
          },
          {
            "name": "36555",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/36555"
          },
          {
            "name": "32179",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/32179"
          },
          {
            "name": "FEDORA-2008-9458",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/archives/fedora-package-announce/2008-November/msg00163.html"
          },
          {
            "name": "ADV-2011-0417",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2011/0417"
          },
          {
            "name": "32602",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/32602"
          },
          {
            "name": "43372",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/43372"
          },
          {
            "name": "USN-875-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-875-1"
          },
          {
            "name": "oval:org.mitre.oval:def:11404",
            "tags": [
              "vdb-entry",
              "signature",
              "x_refsource_OVAL",
              "x_transferred"
            ],
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11404"
          },
          {
            "name": "FEDORA-2008-9458",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/archives/fedora-package-announce/2008-November/msg00165.html"
          },
          {
            "name": "50300",
            "tags": [
              "vdb-entry",
              "x_refsource_OSVDB",
              "x_transferred"
            ],
            "url": "http://osvdb.org/50300"
          },
          {
            "name": "RHSA-2009:1337",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://rhn.redhat.com/errata/RHSA-2009-1337.html"
          },
          {
            "name": "RHSA-2011:0265",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2011-0265.html"
          },
          {
            "name": "43367",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/43367"
          },
          {
            "name": "FEDORA-2008-9458",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/archives/fedora-package-announce/2008-November/msg00164.html"
          },
          {
            "name": "clusterproject-unspecified-priv-escalation(46412)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/46412"
          },
          {
            "name": "36530",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/36530"
          },
          {
            "name": "50301",
            "tags": [
              "vdb-entry",
              "x_refsource_OSVDB",
              "x_transferred"
            ],
            "url": "http://osvdb.org/50301"
          },
          {
            "name": "RHSA-2009:1339",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2009-1339.html"
          },
          {
            "name": "50299",
            "tags": [
              "vdb-entry",
              "x_refsource_OSVDB",
              "x_transferred"
            ],
            "url": "http://osvdb.org/50299"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2008-11-07T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Red Hat Cluster Project 2.x allows local users to modify or overwrite arbitrary files via symlink attacks on files in /tmp, involving unspecified components in Resource Group Manager (aka rgmanager) before 2.03.09-1, gfs2-utils before 2.03.09-1, and CMAN - The Cluster Manager before 2.03.09-1 on Fedora 9."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-09-28T12:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "32616",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/32616"
        },
        {
          "name": "ADV-2011-0416",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2011/0416"
        },
        {
          "name": "RHSA-2009:1341",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2009-1341.html"
        },
        {
          "name": "RHSA-2011:0264",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2011-0264.html"
        },
        {
          "name": "36555",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/36555"
        },
        {
          "name": "32179",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/32179"
        },
        {
          "name": "FEDORA-2008-9458",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "http://www.redhat.com/archives/fedora-package-announce/2008-November/msg00163.html"
        },
        {
          "name": "ADV-2011-0417",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2011/0417"
        },
        {
          "name": "32602",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/32602"
        },
        {
          "name": "43372",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/43372"
        },
        {
          "name": "USN-875-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-875-1"
        },
        {
          "name": "oval:org.mitre.oval:def:11404",
          "tags": [
            "vdb-entry",
            "signature",
            "x_refsource_OVAL"
          ],
          "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11404"
        },
        {
          "name": "FEDORA-2008-9458",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "http://www.redhat.com/archives/fedora-package-announce/2008-November/msg00165.html"
        },
        {
          "name": "50300",
          "tags": [
            "vdb-entry",
            "x_refsource_OSVDB"
          ],
          "url": "http://osvdb.org/50300"
        },
        {
          "name": "RHSA-2009:1337",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://rhn.redhat.com/errata/RHSA-2009-1337.html"
        },
        {
          "name": "RHSA-2011:0265",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2011-0265.html"
        },
        {
          "name": "43367",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/43367"
        },
        {
          "name": "FEDORA-2008-9458",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "http://www.redhat.com/archives/fedora-package-announce/2008-November/msg00164.html"
        },
        {
          "name": "clusterproject-unspecified-priv-escalation(46412)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/46412"
        },
        {
          "name": "36530",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/36530"
        },
        {
          "name": "50301",
          "tags": [
            "vdb-entry",
            "x_refsource_OSVDB"
          ],
          "url": "http://osvdb.org/50301"
        },
        {
          "name": "RHSA-2009:1339",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2009-1339.html"
        },
        {
          "name": "50299",
          "tags": [
            "vdb-entry",
            "x_refsource_OSVDB"
          ],
          "url": "http://osvdb.org/50299"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2008-6552",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Red Hat Cluster Project 2.x allows local users to modify or overwrite arbitrary files via symlink attacks on files in /tmp, involving unspecified components in Resource Group Manager (aka rgmanager) before 2.03.09-1, gfs2-utils before 2.03.09-1, and CMAN - The Cluster Manager before 2.03.09-1 on Fedora 9."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "32616",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/32616"
            },
            {
              "name": "ADV-2011-0416",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2011/0416"
            },
            {
              "name": "RHSA-2009:1341",
              "refsource": "REDHAT",
              "url": "http://www.redhat.com/support/errata/RHSA-2009-1341.html"
            },
            {
              "name": "RHSA-2011:0264",
              "refsource": "REDHAT",
              "url": "http://www.redhat.com/support/errata/RHSA-2011-0264.html"
            },
            {
              "name": "36555",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/36555"
            },
            {
              "name": "32179",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/32179"
            },
            {
              "name": "FEDORA-2008-9458",
              "refsource": "FEDORA",
              "url": "http://www.redhat.com/archives/fedora-package-announce/2008-November/msg00163.html"
            },
            {
              "name": "ADV-2011-0417",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2011/0417"
            },
            {
              "name": "32602",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/32602"
            },
            {
              "name": "43372",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/43372"
            },
            {
              "name": "USN-875-1",
              "refsource": "UBUNTU",
              "url": "http://www.ubuntu.com/usn/USN-875-1"
            },
            {
              "name": "oval:org.mitre.oval:def:11404",
              "refsource": "OVAL",
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11404"
            },
            {
              "name": "FEDORA-2008-9458",
              "refsource": "FEDORA",
              "url": "http://www.redhat.com/archives/fedora-package-announce/2008-November/msg00165.html"
            },
            {
              "name": "50300",
              "refsource": "OSVDB",
              "url": "http://osvdb.org/50300"
            },
            {
              "name": "RHSA-2009:1337",
              "refsource": "REDHAT",
              "url": "http://rhn.redhat.com/errata/RHSA-2009-1337.html"
            },
            {
              "name": "RHSA-2011:0265",
              "refsource": "REDHAT",
              "url": "http://www.redhat.com/support/errata/RHSA-2011-0265.html"
            },
            {
              "name": "43367",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/43367"
            },
            {
              "name": "FEDORA-2008-9458",
              "refsource": "FEDORA",
              "url": "http://www.redhat.com/archives/fedora-package-announce/2008-November/msg00164.html"
            },
            {
              "name": "clusterproject-unspecified-priv-escalation(46412)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/46412"
            },
            {
              "name": "36530",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/36530"
            },
            {
              "name": "50301",
              "refsource": "OSVDB",
              "url": "http://osvdb.org/50301"
            },
            {
              "name": "RHSA-2009:1339",
              "refsource": "REDHAT",
              "url": "http://www.redhat.com/support/errata/RHSA-2009-1339.html"
            },
            {
              "name": "50299",
              "refsource": "OSVDB",
              "url": "http://osvdb.org/50299"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2008-6552",
    "datePublished": "2009-03-30T16:00:00",
    "dateReserved": "2009-03-30T00:00:00",
    "dateUpdated": "2024-08-07T11:34:47.139Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
Confirmed: The vulnerability is confirmed from an analyst perspective.
Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
Patched: This vulnerability was successfully patched by the user reporting the sighting.
Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
Not confirmed: The user expresses doubt about the veracity of the vulnerability.
Not patched: This vulnerability was not successfully patched by the user reporting the sighting.

Action not permitted

rhsa-2009_1341

Vulnerability from csaf_redhat

cve-2008-4579

Vulnerability from cvelistv5

cve-2008-6552

Vulnerability from cvelistv5

Tags

Sightings

Nomenclature