What is the severity of CVE-2008-6552?

CVE-2008-6552 has a medium severity rating as it allows local users to overwrite arbitrary files via symlink attacks.

How do I fix CVE-2008-6552?

To fix CVE-2008-6552, upgrade to versions 2.03.09-1 or later of the affected Red Hat Cluster Project components.

Which software is affected by CVE-2008-6552?

CVE-2008-6552 affects Red Hat Cluster Project versions before 2.03.09-1, including rgmanager, gfs2-utils, and CMAN.

What type of attack does CVE-2008-6552 involve?

CVE-2008-6552 involves symlink attacks that exploit vulnerabilities in the Resource Group Manager.

Can I still use Red Hat Cluster Project if I have CVE-2008-6552?

While you can continue using Red Hat Cluster Project, you should implement the fix to mitigate the risk posed by CVE-2008-6552.

Vulnerability/
CVE-2008-6552

medium

6.9

CWE

30/3/2009

7/8/2024

CVE-2008-6552

First published: Mon Mar 30 2009(Updated: )

Red Hat Cluster Project 2.x allows local users to modify or overwrite arbitrary files via symlink attacks on files in /tmp, involving unspecified components in Resource Group Manager (aka rgmanager) before 2.03.09-1, gfs2-utils before 2.03.09-1, and CMAN - The Cluster Manager before 2.03.09-1 on Fedora 9.

Credit: cve@mitre.org

Affected Software	Affected Version	How to fix
Red Hat Cluster Suite	=2.03.01
Red Hat Cluster Suite	=2.03.04
Red Hat Cluster Suite	=2.99.09
Red Hat Cluster Suite	=2.99.10
Red Hat Cluster Suite	=2.99.02
Red Hat Cluster Suite	=2.03.11
Red Hat Cluster Suite	=2.99.08
Red Hat Cluster Suite	=2.03.7
Red Hat Cluster Suite	=2.99.06
Red Hat Cluster Suite	=2.99.12
Red Hat Cluster Suite	=2.01.00
Red Hat Cluster Suite	=2.99.05
Red Hat Cluster Suite	=2.03.05
Red Hat Cluster Suite	=2.99.00
Red Hat Cluster Suite	=2.03.10
Red Hat Cluster Suite	=2.03.03
Red Hat Cluster Suite	=2.99.13
Red Hat Cluster Suite	=2.99.03
Red Hat Cluster Suite	=2.03.09
Red Hat Cluster Suite	=2.99.01
Red Hat Cluster Suite	=2.03.08
Red Hat Cluster Suite	=2.00.00
Red Hat Cluster Suite	=2.03.00
Red Hat Cluster Suite	=2.02.00
Red Hat Cluster Suite	=2.99.11
Red Hat Cluster Suite	=2.99.04
Red Hat Cluster Suite	=2.99.07
Red Hat Cluster Manager (CMAN)	=2.03.03-1
Red Hat Cluster Manager (CMAN)	=2.03.04-1
Red Hat Cluster Manager (CMAN)	=2.03.05-1
Red Hat Cluster Manager (CMAN)	=2.03.07-1
Red Hat Cluster Manager (CMAN)	=2.03.08-1
Red Hat RGManager	=2.03.03-1
Red Hat RGManager	=2.03.04-1
Red Hat RGManager	=2.03.05-1
Red Hat RGManager	=2.03.07-1
Red Hat RGManager	=2.03.08-1
Fedora	=9
Red Hat GFS2 Utils	=2.03.03-1
Red Hat GFS2 Utils	=2.03.04-1
Red Hat GFS2 Utils	=2.03.05-1
Red Hat GFS2 Utils	=2.03.07-1
Red Hat GFS2 Utils	=22.03.08-1

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2008-6552?
CVE-2008-6552 has a medium severity rating as it allows local users to overwrite arbitrary files via symlink attacks.
How do I fix CVE-2008-6552?
To fix CVE-2008-6552, upgrade to versions 2.03.09-1 or later of the affected Red Hat Cluster Project components.
Which software is affected by CVE-2008-6552?
CVE-2008-6552 affects Red Hat Cluster Project versions before 2.03.09-1, including rgmanager, gfs2-utils, and CMAN.
What type of attack does CVE-2008-6552 involve?
CVE-2008-6552 involves symlink attacks that exploit vulnerabilities in the Resource Group Manager.
Can I still use Red Hat Cluster Project if I have CVE-2008-6552?
While you can continue using Red Hat Cluster Project, you should implement the fix to mitigate the risk posed by CVE-2008-6552.

agent/type
collector/mitre-cve
source/MITRE
agent/severity
agent/weakness
agent/last-modified-date
agent/references
agent/author
agent/first-publish-date
agent/event
agent/description
agent/source
agent/softwarecombine
agent/tags
collector/nvd-historical
agent/software-canonical-lookup-request
collector/nvd-index
vendor/redhat
canonical/red hat cluster suite
version/red hat cluster suite/2.03.01
version/red hat cluster suite/2.03.04
version/red hat cluster suite/2.99.09
version/red hat cluster suite/2.99.10
version/red hat cluster suite/2.99.02
version/red hat cluster suite/2.03.11
version/red hat cluster suite/2.99.08
version/red hat cluster suite/2.03.7
version/red hat cluster suite/2.99.06
version/red hat cluster suite/2.99.12
version/red hat cluster suite/2.01.00
version/red hat cluster suite/2.99.05
version/red hat cluster suite/2.03.05
version/red hat cluster suite/2.99.00
version/red hat cluster suite/2.03.10
version/red hat cluster suite/2.03.03
version/red hat cluster suite/2.99.13
version/red hat cluster suite/2.99.03
version/red hat cluster suite/2.03.09
version/red hat cluster suite/2.99.01
version/red hat cluster suite/2.03.08
version/red hat cluster suite/2.00.00
version/red hat cluster suite/2.03.00
version/red hat cluster suite/2.02.00
version/red hat cluster suite/2.99.11
version/red hat cluster suite/2.99.04
version/red hat cluster suite/2.99.07
canonical/red hat cluster manager (cman)
version/red hat cluster manager (cman)/2.03.03-1
version/red hat cluster manager (cman)/2.03.04-1
version/red hat cluster manager (cman)/2.03.05-1
version/red hat cluster manager (cman)/2.03.07-1
version/red hat cluster manager (cman)/2.03.08-1
canonical/red hat rgmanager
version/red hat rgmanager/2.03.03-1
version/red hat rgmanager/2.03.04-1
version/red hat rgmanager/2.03.05-1
version/red hat rgmanager/2.03.07-1
version/red hat rgmanager/2.03.08-1
vendor/fedoraproject
canonical/fedora
version/fedora/9
canonical/red hat gfs2 utils
version/red hat gfs2 utils/2.03.03-1
version/red hat gfs2 utils/2.03.04-1
version/red hat gfs2 utils/2.03.05-1
version/red hat gfs2 utils/2.03.07-1
version/red hat gfs2 utils/22.03.08-1