RSS   Vulnerabilities for 'Multipath-tools'   RSS

2009-03-30
 
CVE-2009-0115

 

 
The Device Mapper multipathing driver (aka multipath-tools or device-mapper-multipath) 0.4.8, as used in SUSE openSUSE, SUSE Linux Enterprise Server (SLES), Fedora, and possibly other operating systems, uses world-writable permissions for the socket file (aka /var/run/multipathd.sock), which allows local users to send arbitrary commands to the multipath daemon.

 


Copyright 2024, cxsecurity.com

 

Back to Top