The GlusterFS functionality in Red Hat Storage Management Console 2.0, Native Client, and Server 2.0 allows local users to overwrite arbitrary files via a symlink attack on multiple temporary files created by (1) tests/volume.rc, (2) extras/hook-scripts/S30samba-stop.sh, and possibly other vectors, different vulnerabilities than CVE-2012-4417.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
redhat storage native client - |
||
redhat storage server 2.0 |
||
redhat storage management console 2.0 |
||
gluster glusterfs - |