PT-2010-4784 · Ocf+1 · Ocf Resource Agents+1

Published

2010-10-20

Updated

2012-02-02

CVE-2010-3389

CVSS v2.0

6.9

Medium

Vector

AV:L/AC:M/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions OCF Resource Agents versions 1.0.3

Description The issue allows local users to gain privileges via a Trojan horse shared library in the current working directory. This is due to the SAPDatabase and SAPInstance scripts in OCF Resource Agents placing a zero-length directory name in the LD LIBRARY PATH.

Recommendations For OCF Resource Agents version 1.0.3, consider restricting access to the LD LIBRARY PATH environment variable to prevent malicious library loading. As a temporary workaround, avoid using the SAPDatabase and SAPInstance scripts until a patch is available.

Exploit

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2010-3389

RHSA-2011:0264

RHSA-2011:1000

RHSA-2011:1580

RHSA-2011_1000

RHSA-2011_1580

Affected Products

Ocf Resource Agents

Red Hat

PT-2010-4784 · Ocf+1 · Ocf Resource Agents+1

CVE-2010-3389

Related Identifiers

Affected Products

References · 12