National Cyber Awareness System

Vulnerability Summary for CVE-2008-6552

Overview

Red Hat Cluster Project 2.x allows local users to modify or overwrite arbitrary files via symlink attacks on files in /tmp, involving unspecified components in Resource Group Manager (aka rgmanager) before 2.03.09-1, gfs2-utils before 2.03.09-1, and CMAN - The Cluster Manager before 2.03.09-1 on Fedora 9.

Impact

CVSS Severity (version 2.0):

CVSS Version 2 Metrics:

References to Advisories, Solutions, and Tools

By selecting these links, you will be leaving NIST webspace. We have provided these links to other web sites because they may have information that would be of interest to you. No inferences should be drawn on account of other sites being referenced, or not, from this page. There may be other web sites that are more appropriate for your purpose. NIST does not necessarily endorse the views expressed, or concur with the facts presented on these sites. Further, NIST does not endorse any commercial products that may be mentioned on these sites. Please address comments about this page to nvd@nist.gov.

External Source: XF

Name: clusterproject-unspecified-priv-escalation(46412)

Hyperlink:http://xforce.iss.net/xforce/xfdb/46412

External Source: VUPEN

Name: ADV-2011-0417

Hyperlink:http://www.vupen.com/english/advisories/2011/0417

External Source: VUPEN

Name: ADV-2011-0416

Hyperlink:http://www.vupen.com/english/advisories/2011/0416

External Source: UBUNTU

Name: USN-875-1

Hyperlink:http://www.ubuntu.com/usn/USN-875-1

External Source: BID

Name: 32179

Hyperlink:http://www.securityfocus.com/bid/32179

External Source: REDHAT

Name: RHSA-2011:0265

Hyperlink:http://www.redhat.com/support/errata/RHSA-2011-0265.html

External Source: REDHAT

Name: RHSA-2011:0264

Hyperlink:http://www.redhat.com/support/errata/RHSA-2011-0264.html

External Source: REDHAT

Name: RHSA-2009:1341

Hyperlink:http://www.redhat.com/support/errata/RHSA-2009-1341.html

External Source: REDHAT

Name: RHSA-2009:1339

Hyperlink:http://www.redhat.com/support/errata/RHSA-2009-1339.html

External Source: FEDORA

Name: FEDORA-2008-9458

Type: Advisory

Hyperlink:http://www.redhat.com/archives/fedora-package-announce/2008-November/msg00165.html

External Source: FEDORA

Name: FEDORA-2008-9458

Type: Advisory

Hyperlink:http://www.redhat.com/archives/fedora-package-announce/2008-November/msg00164.html

External Source: FEDORA

Name: FEDORA-2008-9458

Type: Advisory

Hyperlink:http://www.redhat.com/archives/fedora-package-announce/2008-November/msg00163.html

External Source: SECUNIA

Name: 43372

Hyperlink:http://secunia.com/advisories/43372

External Source: SECUNIA

Name: 43367

Hyperlink:http://secunia.com/advisories/43367

External Source: SECUNIA

Name: 36555

Hyperlink:http://secunia.com/advisories/36555

External Source: SECUNIA

Name: 36530

Hyperlink:http://secunia.com/advisories/36530

External Source: SECUNIA

Name: 32616

Hyperlink:http://secunia.com/advisories/32616

External Source: SECUNIA

Name: 32602

Type: Advisory

Hyperlink:http://secunia.com/advisories/32602

External Source: REDHAT

Name: RHSA-2009:1337

Hyperlink:http://rhn.redhat.com/errata/RHSA-2009-1337.html

External Source: OVAL

Name: oval:org.mitre.oval:def:11404

Hyperlink:http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:11404

External Source: OSVDB

Name: 50301

Hyperlink:http://osvdb.org/50301

External Source: OSVDB

Name: 50300

Hyperlink:http://osvdb.org/50300

External Source: OSVDB

Name: 50299

Hyperlink:http://osvdb.org/50299

References to Check Content

Identifier:oval:org.mitre.oval:def:11404

Check System:http://oval.mitre.org/XMLSchema/oval-definitions-5

Hyperlink:http://oval.mitre.org/repository/data/DownloadDefinition?id=oval:org.mitre.oval:def:11404