Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
6.9
CVSSv2

CVE-2008-4990

Published: 02/02/2009 Updated: 11/10/2018
CVSS v2 Base Score: 6.9 | Impact Score: 10 | Exploitability Score: 3.4
VMScore: 614
Vector: AV:L/AC:M/Au:N/C:C/I:C/A:C
Subscribe to Enomaly

Vulnerability Summary

Enomaly Elastic Computing Platform (ECP), formerly Enomalism, prior to 2.1.1 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/enomalism2.pid temporary file.

Vulnerable Product Search on Vulmon Subscribe to Product

enomaly elastic computing platform

Exploits

Exploit DB: Enomaly ECP/Enomalism Insecure File Creation
Enomaly ECP/Enomalism versions prior to 211 use temporary files in an insecure manner, allowing for symlink and command injection attacks ...
Exploit DB: Enomaly ECP/Enomalism enomalism2.sh Temporary Files
All versions of Enomaly ECP/Enomalism before 221 have multiple issues relating to the use of temporary files in an insecure manner ...

References

CWE-59http://secunia.com/advisories/33724http://www.securityfocus.com/bid/33544http://groups.google.com/group/enomalism/msg/11c2f51b3734b0ab?dmode=sourcehttp://www.securityfocus.com/archive/1/500573/100/0/threadedhttps://nvd.nist.govhttps://packetstormsecurity.com/files/74504/Enomaly-ECP-Enomalism-Insecure-File-Creation.html
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-29895blind SQL injectionCVE-2024-5064CVE-2023-52677CVE-2023-52682CVE-2024-30051CVE-2024-35849remote attackersremote
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook