Описание
ELSA-2010-0567: lvm2-cluster security update (MODERATE)
[2.02.56-el5_5.4]
- CVE-2010-2526: Fix insecurity when communicating between lvm2 and clvmd. Resolves: #616044
Обновленные пакеты
Oracle Linux 5
Oracle Linux ia64
lvm2-cluster
2.02.56-7.el5_5.4
Oracle Linux x86_64
lvm2-cluster
2.02.56-7.el5_5.4
Oracle Linux i386
lvm2-cluster
2.02.56-7.el5_5.4
Связанные CVE
Связанные уязвимости
The cluster logical volume manager daemon (clvmd) in lvm2-cluster in LVM2 before 2.02.72, as used in Red Hat Global File System (GFS) and other products, does not verify client credentials upon a socket connection, which allows local users to cause a denial of service (daemon exit or logical-volume change) or possibly have unspecified other impact via crafted control commands.
The cluster logical volume manager daemon (clvmd) in lvm2-cluster in LVM2 before 2.02.72, as used in Red Hat Global File System (GFS) and other products, does not verify client credentials upon a socket connection, which allows local users to cause a denial of service (daemon exit or logical-volume change) or possibly have unspecified other impact via crafted control commands.
The cluster logical volume manager daemon (clvmd) in lvm2-cluster in LVM2 before 2.02.72, as used in Red Hat Global File System (GFS) and other products, does not verify client credentials upon a socket connection, which allows local users to cause a denial of service (daemon exit or logical-volume change) or possibly have unspecified other impact via crafted control commands.
The cluster logical volume manager daemon (clvmd) in lvm2-cluster in L ...
The cluster logical volume manager daemon (clvmd) in lvm2-cluster in LVM2 before 2.02.72, as used in Red Hat Global File System (GFS) and other products, does not verify client credentials upon a socket connection, which allows local users to cause a denial of service (daemon exit or logical-volume change) or possibly have unspecified other impact via crafted control commands.