CVE-2008-4580

Name of the Vulnerable Software and Affected Versions fence versions 2.02.00-r1

Description The issue allows local users to modify arbitrary files via a symlink attack on the fence manual.fifo temporary file. This is related to the fence manual component, which is used in fence and possibly cman.

Recommendations For version 2.02.00-r1, consider restricting access to the fence manual component to minimize the risk of exploitation. As a temporary workaround, avoid using the fence manual component until a patch is available. At the moment, there is no information about a newer version that contains a fix for this issue.