Published: 31/03/2009 Updated: 07/11/2023

CVSS v2 Base Score: 7.8 | Impact Score: 6.9 | Exploitability Score: 10

VMScore: 694

Vector: AV:N/AC:L/Au:N/C:N/I:N/A:C

Buffer overflow in CMAN - The Cluster Manager prior to 2.03.09-1 on Fedora 9 and Red Hat Enterprise Linux (RHEL) 5 allows malicious users to cause a denial of service (CPU consumption and memory corruption) via a cluster.conf file with many lines. NOTE: it is not clear whether this issue crosses privilege boundaries in realistic uses of the product.

Vulnerable Product	Search on Vulmon	Subscribe to Product
redhat cman
redhat cman 2.03.03-1
redhat cman 2.03.04-1
redhat cman 2.03.05-1
redhat cman 2.03.07-1

Multiple insecure temporary file handling vulnerabilities were discovered in Red Hat Cluster A local attacker could exploit these to overwrite arbitrary local files via symlinks (CVE-2008-4192, CVE-2008-4579, CVE-2008-4580, CVE-2008-6552) ...

CWE-119 http://www.redhat.com/archives/fedora-package-announce/2008-November/msg00165.html http://www.redhat.com/archives/fedora-package-announce/2008-November/msg00163.html http://www.redhat.com/archives/fedora-package-announce/2008-November/msg00164.html https://bugzilla.redhat.com/show_bug.cgi?id=468966 http://www.ubuntu.com/usn/USN-875-1 https://exchange.xforce.ibmcloud.com/vulnerabilities/49832 http://git.fedorahosted.org/git/cluster.git?p=cluster.git%3Ba=commitdiff%3Bh=67fee9128e54c6c3fc3eae306b5b501f3029c3be https://usn.ubuntu.com/875-1/https://nvd.nist.gov

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2008-6560

Vulnerability Summary

Vendor Advisories

References

Vulmon Search

About

Products

Connect