Vulnerability Name: CVE-2009-0115 (CCN-49831)
Assigned: 2009-03-24
Published: 2009-03-24
Updated: 2017-09-29
Summary: The Device Mapper multipathing driver (aka multipath-tools or device-mapper-multipath) 0.4.8, as used in SUSE openSUSE, SUSE Linux Enterprise Server (SLES), Fedora, and possibly other operating systems, uses world-writable permissions for the socket file (aka /var/run/multipathd.sock), which allows local users to send arbitrary commands to the multipath daemon.
CVSS v3 Severity:
4.0 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N)
CVSS v2 Severity:
7.2 High (CVSS v2 Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C)
5.3 Medium (Temporal CVSS v2 Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C/E:U/RL:OF/RC:C)
1.6 Low (CCN Temporal CVSS v2 Vector: AV:L/AC:L/Au:N/C:N/I:P/A:N/E:U/RL:OF/RC:C)
4.6 Medium (REDHAT Temporal CVSS v2 Vector: AV:L/AC:H/Au:N/C:C/I:C/A:C/E:U/RL:OF/RC:C)
Vulnerability Type: CWE-264
Vulnerability Consequences: Gain Access
References:
Source: MITRE Type: CNA CVE-2009-0115
Source: CONFIRM Type: Exploit http://download.opensuse.org/update/10.3-test/repodata/patch-kpartx-6082.xml
Source: CONFIRM Type: UNKNOWN http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10691
Source: CONFIRM Type: UNKNOWN http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10705
Source: MISC Type: UNKNOWN http://launchpad.net/bugs/cve/2009-0115
Source: SUSE Type: UNKNOWN SUSE-SR:2009:007
Source: SUSE Type: UNKNOWN SUSE-SR:2009:008
Source: CCN Type: VMware Security Announcements VMSA-2010-0004 ESX Service Console and vMA third party updates
Source: MLIST Type: UNKNOWN [security-announce] 20100303 VMSA-2010-0004 ESX Service Console and vMA third party updates
Source: CCN Type: RHSA-2009-0411 Moderate: device-mapper-multipath security update
Source: SECUNIA Type: Vendor Advisory 34418
Source: SECUNIA Type: Vendor Advisory 34642
Source: SECUNIA Type: Vendor Advisory 34694
Source: SECUNIA Type: Vendor Advisory 34710
Source: CCN Type: SA34759 Avaya Products device-mapper-multipath Insecure Socket
Source: SECUNIA Type: Vendor Advisory 34759
Source: CCN Type: SA38794 VMware vMA Update for Multiple Packages
Source: SECUNIA Type: Vendor Advisory 38794
Source: CONFIRM Type: UNKNOWN http://support.avaya.com/elmodocs2/security/ASA-2009-128.htm
Source: CCN Type: ASA-2009-128 device-mapper-multipath security update (RHSA-2009-0411)
Source: DEBIAN Type: UNKNOWN DSA-1767
Source: DEBIAN Type: DSA-1767 multipath-tools -- insecure file permissions
Source: CCN Type: GLSA-201006-10 multipath-tools: World-writeable socket
Source: CCN Type: Novell Web site Linux OS | SUSE Linux Enterprise
Source: CCN Type: BID-34410 multipath-tools 'multipathd' Local Denial of Service Vulnerability
Source: VUPEN Type: UNKNOWN ADV-2010-0528
Source: XF Type: UNKNOWN multipathtools-multipathd-command-execution(49831)
Source: OVAL Type: UNKNOWN oval:org.mitre.oval:def:9214
Source: FEDORA Type: UNKNOWN FEDORA-2009-3449
Source: FEDORA Type: UNKNOWN FEDORA-2009-3453
Source: SUSE Type: SUSE-SR:2009:007 SUSE Security Summary Report
Source: SUSE Type: SUSE-SR:2009:008 SUSE Security Summary Report
Vulnerable Configuration: Configuration 1: Configuration RedHat 1: Configuration RedHat 2: Configuration RedHat 3: Configuration RedHat 4: Configuration RedHat 5: Configuration RedHat 6: Configuration RedHat 7: Configuration RedHat 8: Denotes that component is vulnerable