CVE-2009-0390

Name of the Vulnerable Software and Affected Versions Enomaly Elastic Computing Platform (ECP) versions prior to 2.1.1

Description The issue allows local users to send signals to arbitrary processes by populating the /tmp/enomalism2.pid file with command-line arguments for the kill program. This is due to an argument injection vulnerability.

Recommendations For versions prior to 2.1.1, update to version 2.1.1 or later to resolve the issue. As a temporary workaround, consider restricting access to the /tmp/enomalism2.pid file to prevent malicious population of command-line arguments.