RHSA-2009:1341 -- cman security, bug fix, and enhancement update (Low)
Description:
Updated cman packages that fix several security issues, various bugs, andadd enhancements are now available for Red Hat Enterprise Linux 5.This update has been rated as having low security impact by the Red HatSecurity Response Team.The Cluster Manager (cman) utility provides services for managing a Linuxcluster.Multiple insecure temporary file use flaws were found in fence_apc_snmp andccs_tool. A local attacker could use these flaws to overwrite an arbitraryfile writable by a victim running those utilities (typically root) withthe output of the utilities via a symbolic link attack. (CVE-2008-4579,CVE-2008-6552)