 |
Inicial ▼ Bookkeeping
Online ▼ Auditorias ▼
DNS
Administrado ▼
Acerca de DNS
Ordenar/Renovar
Preguntas Frecuentes
AUP
Dynamic DNS Clients
Configurar Dominios Dynamic DNS Update Password Monitoreo
de Redes ▼
Enterprise
Avanzado
Estándarr
Prueba
Preguntas Frecuentes
Resumen de Precio/Funciones
Ordenar
Muestras
Configure/Status Alert Profiles | ||
| ID de Prueba: | 1.3.6.1.4.1.25623.1.0.880860 |
| Categoría: | CentOS Local Security Checks |
| Título: | CentOS Update for cman CESA-2009:1341 centos5 i386 |
| Resumen: | The remote host is missing an update for the 'cman'; package(s) announced via the referenced advisory. |
| Descripción: | Summary: The remote host is missing an update for the 'cman' package(s) announced via the referenced advisory. Vulnerability Insight: The Cluster Manager (cman) utility provides services for managing a Linux cluster. Multiple insecure temporary file use flaws were found in fence_apc_snmp and ccs_tool. A local attacker could use these flaws to overwrite an arbitrary file writable by a victim running those utilities (typically root) with the output of the utilities via a symbolic link attack. (CVE-2008-4579, CVE-2008-6552) Bug fixes: * a buffer could overflow if cluster.conf had more than 52 entries per block inside the 'cman' block. The limit is now 1024. * the output of the group_tool dump subcommands were NULL padded. * using device='' instead of label='' no longer causes qdiskd to incorrectly exit. * the IPMI fencing agent has been modified to time out after 10 seconds. It is also now possible to specify a different timeout value with the '-t' option. * the IPMI fencing agent now allows punctuation in passwords. * quickly starting and stopping the cman service no longer causes the cluster membership to become inconsistent across the cluster. * an issue with lock syncing caused 'receive_own from' errors to be logged to '/var/log/messages'. * an issue which caused gfs_controld to segfault when mounting hundreds of file systems has been fixed. * the LPAR fencing agent now properly reports status when an LPAR is in Open Firmware mode. * the LPAR fencing agent now works properly with systems using the Integrated Virtualization Manager (IVM). * the APC SNMP fencing agent now properly recognizes outletStatusOn and outletStatusOff return codes from the SNMP agent. * the WTI fencing agent can now connect to fencing devices with no password. * the rps-10 fencing agent now properly performs a reboot when run with no options. * the IPMI fencing agent now supports different cipher types with the '-C' option. * qdisk now properly scans devices and partitions. * cman now checks to see if a new node has state to prevent killing the first node during cluster setup. * 'service qdiskd start' now works properly. * the McData fence agent now works properly with the McData Sphereon 4500 Fabric Switch. * the Egenera fence agent can now specify an SSH login name. * the APC fence agent now works with non-admin accounts when using the 3.5.x firmware. * fence_xvmd now tries two methods to reboot a virtual machine. * connections to OpenAIS are now allowed from unprivileged CPG clients with the user and group of 'ais'. * groupd no longer allows the default fence d ... Description truncated, please see the referenced URL(s) for more information. Affected Software/OS: cman on CentOS 5 Solution: Please install the updated packages. CVSS Score: 6.9 CVSS Vector: AV:L/AC:M/Au:N/C:C/I:C/A:C |
| Referencia Cruzada: |
Common Vulnerability Exposure (CVE) ID: CVE-2008-4579 31904 http://www.securityfocus.com/bid/31904 32387 http://secunia.com/advisories/32387 32390 http://secunia.com/advisories/32390 36530 http://secunia.com/advisories/36530 43362 http://secunia.com/advisories/43362 ADV-2011-0419 http://www.vupen.com/english/advisories/2011/0419 FEDORA-2008-9042 https://www.redhat.com/archives/fedora-package-announce/2008-October/msg00666.html RHSA-2009:1341 http://www.redhat.com/support/errata/RHSA-2009-1341.html RHSA-2011:0266 http://www.redhat.com/support/errata/RHSA-2011-0266.html USN-875-1 http://www.ubuntu.com/usn/USN-875-1 [oss-security] 20081013 Re: CVE Request http://www.openwall.com/lists/oss-security/2008/10/13/3 http://bugs.gentoo.org/show_bug.cgi?id=240576 https://bugzilla.redhat.com/show_bug.cgi?id=467386 oval:org.mitre.oval:def:10799 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10799 Common Vulnerability Exposure (CVE) ID: CVE-2008-6552 BugTraq ID: 32179 http://www.securityfocus.com/bid/32179 http://www.redhat.com/archives/fedora-package-announce/2008-November/msg00163.html http://www.redhat.com/archives/fedora-package-announce/2008-November/msg00164.html http://www.redhat.com/archives/fedora-package-announce/2008-November/msg00165.html http://osvdb.org/50299 http://osvdb.org/50300 http://osvdb.org/50301 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11404 RedHat Security Advisories: RHSA-2009:1337 http://rhn.redhat.com/errata/RHSA-2009-1337.html http://www.redhat.com/support/errata/RHSA-2009-1339.html http://www.redhat.com/support/errata/RHSA-2011-0264.html http://www.redhat.com/support/errata/RHSA-2011-0265.html http://secunia.com/advisories/32602 http://secunia.com/advisories/32616 http://secunia.com/advisories/36555 http://secunia.com/advisories/43367 http://secunia.com/advisories/43372 http://www.vupen.com/english/advisories/2011/0416 http://www.vupen.com/english/advisories/2011/0417 XForce ISS Database: clusterproject-unspecified-priv-escalation(46412) https://exchange.xforce.ibmcloud.com/vulnerabilities/46412 |
| Copyright | Copyright (C) 2011 Greenbone AG |
| Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora. |