Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

Filtered by vendor Redhat Subscribe
Filtered by product Cman
Total 3 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2008-6552 2 Fedoraproject, Redhat 5 Fedora, Cluster Project, Cman and 2 more 2017-09-28 6.9 MEDIUM N/A
Red Hat Cluster Project 2.x allows local users to modify or overwrite arbitrary files via symlink attacks on files in /tmp, involving unspecified components in Resource Group Manager (aka rgmanager) before 2.03.09-1, gfs2-utils before 2.03.09-1, and CMAN - The Cluster Manager before 2.03.09-1 on Fedora 9.
CVE-2008-6560 1 Redhat 3 Cman, Fedora, Linux 2017-08-16 7.8 HIGH N/A
Buffer overflow in CMAN - The Cluster Manager before 2.03.09-1 on Fedora 9 and Red Hat Enterprise Linux (RHEL) 5 allows attackers to cause a denial of service (CPU consumption and memory corruption) via a cluster.conf file with many lines. NOTE: it is not clear whether this issue crosses privilege boundaries in realistic uses of the product.
CVE-2008-4192 1 Redhat 1 Cman 2017-08-07 6.9 MEDIUM N/A
The pserver_shutdown function in fence_egenera in cman 2.20080629 and 2.20080801 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/eglog temporary file.