Launchpad.net

Launchpad Home
Code
Bugs
Blueprints
Translations
Answers

CVE 2009-0115

The Device Mapper multipathing driver (aka multipath-tools or device-mapper-multipath) 0.4.8, as used in SUSE openSUSE, SUSE Linux Enterprise Server (SLES), Fedora, and possibly other operating systems, uses world-writable permissions for the socket file (aka /var/run/multipathd.sock), which allows local users to send arbitrary commands to the multipath daemon.

See the

CVE page on Mitre.org for more details.

References

MISC: http://launchpad.net/b...
CONFIRM: http://download.opensu...
SUSE: SUSE-SR:2009:007
SECUNIA: 34418
SUSE: SUSE-SR:2009:008
DEBIAN: DSA-1767
FEDORA: FEDORA-2009-3449
FEDORA: FEDORA-2009-3453
SECUNIA: 34642
SECUNIA: 34694
SECUNIA: 34710
CONFIRM: http://support.avaya.c...
SECUNIA: 34759
MLIST: [security-announce] 20...
SECUNIA: 38794
VUPEN: ADV-2010-0528
CONFIRM: http://kb.juniper.net/...
CONFIRM: http://kb.juniper.net/...
OVAL: oval:org.mitre.oval:de...

Launchpad.net

CVE 2009-0115

Related bugs

References