RSS   Vulnerabilities for 'Sanlock'   RSS

2012-12-20
 
CVE-2012-5638

 

 
The setup_logging function in log.h in SANLock uses world-writable permissions for /var/log/sanlock.log, which allows local users to overwrite the file content or bypass intended disk-quota restrictions via standard filesystem write operations.

 

 >>> Vendor: Ovirt 10 Products
Ovirt
Ovirt-engine-cli
Sanlock
Ovirt-node
Ovirt-hosted-engine-setup
VDSM
Cockpit-ovirt
Ovirt-engine
MOM
NODE


Copyright 2024, cxsecurity.com

 

Back to Top