Computer Security
[EN] no-pyccku

multipath-tools weak permissions
SecurityVulns ID:9812
Threat Level:
Description:Weak permissions for control socket.
Affected:MULTIPATHTOOLS : multipath-tools 0.4
CVE:CVE-2009-0115 (The Device Mapper multipathing driver (aka multipath-tools or device-mapper-multipath) 0.4.8, as used in SUSE openSUSE, SUSE Linux Enterprise Server (SLES), Fedora, and possibly other operating systems, uses world-writable permissions for the socket file (aka /var/run/multipathd.sock), which allows local users to send arbitrary commands to the multipath daemon.)
Original documentdocumentDEBIAN, [SECURITY] [DSA 1767-1] New multipath-tools packages fix denial of service (10.04.2009)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod