CVE-2012-5635
published 2013-04-09CVE-2012-5635: The GlusterFS functionality in Red Hat Storage Management Console 2.0, Native Client, and Server 2.0 allows local users to overwrite arbitrary files via a…
low2.1CVSS 3.1
AVLACLAuNCNIPAN
The GlusterFS functionality in Red Hat Storage Management Console 2.0, Native Client, and Server 2.0 allows local users to overwrite arbitrary files via a symlink attack on multiple temporary files created by (1) tests/volume.rc, (2) extras/hook-scripts/S30samba-stop.sh, and possibly other vectors, different vulnerabilities than CVE-2012-4417.
Affected
7 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | glusterfs | < glusterfs 3.5.0-1 (bookworm) | glusterfs 3.5.0-1 (bookworm) |
| gluster | glusterfs | >= 0 < 3.5.0-1 | 3.5.0-1 |
| gluster | glusterfs | >= 0 < 3.5.0-1 | 3.5.0-1 |
| gluster | glusterfs | >= 0 < 3.5.0-1 | 3.5.0-1 |
| gluster | glusterfs | >= 0 < 3.5.0-1 | 3.5.0-1 |
| redhat | storage_management_console | — | — |
| redhat | storage_server | — | — |
CVSS provenance
nvd2.1LOWAV:L/AC:L/Au:N/C:N/I:P/A:N
osv3.6LOW