Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

ubuntu логотип

CVE-2009-0115

Опубликовано: 30 мар. 2009
Источник: ubuntu
Приоритет: medium
EPSS Низкий
CVSS2: 7.2
CVSS3: 7.8

Описание

The Device Mapper multipathing driver (aka multipath-tools or device-mapper-multipath) 0.4.8, as used in SUSE openSUSE, SUSE Linux Enterprise Server (SLES), Fedora, and possibly other operating systems, uses world-writable permissions for the socket file (aka /var/run/multipathd.sock), which allows local users to send arbitrary commands to the multipath daemon.

РелизСтатусПримечание
dapper

not-affected

0.4.7-1ubuntu2
devel

not-affected

0.4.8-14ubuntu1
gutsy

not-affected

hardy

not-affected

0.4.8-7ubuntu1
intrepid

not-affected

0.4.8-10ubuntu1
jaunty

not-affected

0.4.8-14ubuntu1
upstream

released

0.4.8-15

Показывать по

Ссылки на источники

EPSS

Процентиль: 26%
0.00084
Низкий

7.2 High

CVSS2

7.8 High

CVSS3

Связанные уязвимости

redhat логотип

CVE-2009-0115

redhat
около 16 лет назад

The Device Mapper multipathing driver (aka multipath-tools or device-mapper-multipath) 0.4.8, as used in SUSE openSUSE, SUSE Linux Enterprise Server (SLES), Fedora, and possibly other operating systems, uses world-writable permissions for the socket file (aka /var/run/multipathd.sock), which allows local users to send arbitrary commands to the multipath daemon.

nvd логотип

CVE-2009-0115

CVSS3: 7.8
nvd
около 16 лет назад

The Device Mapper multipathing driver (aka multipath-tools or device-mapper-multipath) 0.4.8, as used in SUSE openSUSE, SUSE Linux Enterprise Server (SLES), Fedora, and possibly other operating systems, uses world-writable permissions for the socket file (aka /var/run/multipathd.sock), which allows local users to send arbitrary commands to the multipath daemon.

debian логотип

CVE-2009-0115

CVSS3: 7.8
debian
около 16 лет назад

The Device Mapper multipathing driver (aka multipath-tools or device-m ...

github логотип

GHSA-m58q-qh36-cwx8

CVSS3: 7.8
github
около 3 лет назад

The Device Mapper multipathing driver (aka multipath-tools or device-mapper-multipath) 0.4.8, as used in SUSE openSUSE, SUSE Linux Enterprise Server (SLES), Fedora, and possibly other operating systems, uses world-writable permissions for the socket file (aka /var/run/multipathd.sock), which allows local users to send arbitrary commands to the multipath daemon.

oracle-oval логотип

ELSA-2009-0411

oracle-oval
около 16 лет назад

ELSA-2009-0411: device-mapper-multipath security update (MODERATE)

EPSS

Процентиль: 26%
0.00084
Низкий

7.2 High

CVSS2

7.8 High

CVSS3