Risk | Low |
Patch available | YES |
Number of vulnerabilities | 1 |
CVE-ID | CVE-2009-0115 |
CWE-ID | CWE-264 |
Exploitation vector | Local |
Public exploit | N/A |
Vulnerable software Subscribe |
multipath-tools Other software / Other software solutions |
Vendor | christophe.varoqui.free.fr |
Security Bulletin
This security bulletin contains one low risk vulnerability.
EUVDB-ID: #VU33702
Risk: Low
CVSSv3.1: 7.3 [CVSS:3.1/CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2009-0115
CWE-ID:
CWE-264 - Permissions, Privileges, and Access Controls
Exploit availability: No
DescriptionThe vulnerability allows a local non-authenticated attacker to execute arbitrary code.
The Device Mapper multipathing driver (aka multipath-tools or device-mapper-multipath) 0.4.8, as used in SUSE openSUSE, SUSE Linux Enterprise Server (SLES), Fedora, and possibly other operating systems, uses world-writable permissions for the socket file (aka /var/run/multipathd.sock), which allows local users to send arbitrary commands to the multipath daemon.
MitigationInstall update from vendor's website.
Vulnerable software versionsmultipath-tools: 0.4.8
External linkshttp://download.opensuse.org/update/10.3-test/repodata/patch-kpartx-6082.xml
http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10691
http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10705
http://launchpad.net/bugs/cve/2009-0115
http://lists.opensuse.org/opensuse-security-announce/2009-03/msg00004.html
http://lists.opensuse.org/opensuse-security-announce/2009-04/msg00003.html
http://lists.vmware.com/pipermail/security-announce/2010/000082.html
http://secunia.com/advisories/34418
http://secunia.com/advisories/34642
http://secunia.com/advisories/34694
http://secunia.com/advisories/34710
http://secunia.com/advisories/34759
http://secunia.com/advisories/38794
http://support.avaya.com/elmodocs2/security/ASA-2009-128.htm
http://www.debian.org/security/2009/dsa-1767
http://www.vupen.com/english/advisories/2010/0528
http://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9214
http://www.redhat.com/archives/fedora-package-announce/2009-April/msg00231.html
http://www.redhat.com/archives/fedora-package-announce/2009-April/msg00236.html
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.