Vulnerability   
Search   
    Search 219043 CVE descriptions
and 99761 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

Test ID:1.3.6.1.4.1.25623.1.0.64800
Category:Red Hat Local Security Checks
Title:RedHat Security Advisory RHSA-2009:1339
Summary:NOSUMMARY
Description:Description:
The remote host is missing updates announced in
advisory RHSA-2009:1339.

The rgmanager package contains the Red Hat Resource Group Manager, which
provides high availability for critical server applications in the event of
system downtime.

Multiple insecure temporary file use flaws were discovered in rgmanager and
various resource scripts run by rgmanager. A local attacker could use these
flaws to overwrite an arbitrary file writable by the rgmanager process
(i.e. user root) with the output of rgmanager or a resource agent via a
symbolic link attack. (CVE-2008-6552)

Solution:
Users of rgmanager are advised to upgrade to this updated package, which
resolves these issues.

Please note that this update is available via
Red Hat Network. To use Red Hat Network, launch the Red
Hat Update Agent with the following command: up2date

http://rhn.redhat.com/errata/RHSA-2009-1339.html
http://www.redhat.com/security/updates/classification/#low

CVSS Score:
6.9

CVSS Vector:
AV:L/AC:M/Au:N/C:C/I:C/A:C

Cross-Ref: Common Vulnerability Exposure (CVE) ID: CVE-2008-6552
BugTraq ID: 32179
http://www.securityfocus.com/bid/32179
http://www.redhat.com/archives/fedora-package-announce/2008-November/msg00163.html
http://www.redhat.com/archives/fedora-package-announce/2008-November/msg00164.html
http://www.redhat.com/archives/fedora-package-announce/2008-November/msg00165.html
http://osvdb.org/50299
http://osvdb.org/50300
http://osvdb.org/50301
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11404
RedHat Security Advisories: RHSA-2009:1337
http://rhn.redhat.com/errata/RHSA-2009-1337.html
http://www.redhat.com/support/errata/RHSA-2009-1339.html
http://www.redhat.com/support/errata/RHSA-2009-1341.html
http://www.redhat.com/support/errata/RHSA-2011-0264.html
http://www.redhat.com/support/errata/RHSA-2011-0265.html
http://secunia.com/advisories/32602
http://secunia.com/advisories/32616
http://secunia.com/advisories/36530
http://secunia.com/advisories/36555
http://secunia.com/advisories/43367
http://secunia.com/advisories/43372
http://www.ubuntu.com/usn/USN-875-1
http://www.vupen.com/english/advisories/2011/0416
http://www.vupen.com/english/advisories/2011/0417
XForce ISS Database: clusterproject-unspecified-priv-escalation(46412)
https://exchange.xforce.ibmcloud.com/vulnerabilities/46412
CopyrightCopyright (c) 2009 E-Soft Inc. http://www.securityspace.com

This is only one of 99761 vulnerability tests in our test suite. Find out more about running a complete security audit.

To run a free test of this vulnerability against your system, register below.




© 1998-2021 E-Soft Inc. All rights reserved.