Unrated severityNVD Advisory· Published Sep 29, 2008· Updated Apr 23, 2026

CVE-2008-4192

Description

The pserver_shutdown function in fence_egenera in cman 2.20080629 and 2.20080801 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/eglog temporary file.

Affected products

Red Hat/Cman2 versions
cpe:2.3:a:redhat:cman:2.20080629:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:a:redhat:cman:2.20080629:*:*:*:*:*:*:*
- cpe:2.3:a:redhat:cman:2.20080801:*:*:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

secunia.com/advisories/31887nvdVendor Advisory
secunia.com/advisories/32387nvdVendor Advisory
secunia.com/advisories/32390nvdVendor Advisory
secunia.com/advisories/43362nvdVendor Advisory
www.vupen.com/english/advisories/2011/0419nvdVendor Advisory
bugs.debian.org/cgi-bin/bugreport.cginvd
dev.gentoo.org/~rbu/security/debiantemp/cmannvd
uvw.ru/report.lenny.txtnvd
www.openwall.com/lists/oss-security/2008/09/18/3nvd
www.openwall.com/lists/oss-security/2008/09/24/2nvd
www.openwall.com/lists/oss-security/2008/10/30/2nvd
www.redhat.com/support/errata/RHSA-2011-0266.htmlnvd
www.securityfocus.com/bid/30898nvd
www.ubuntu.com/usn/USN-875-1nvd
bugs.gentoo.org/show_bug.cginvd
bugzilla.redhat.com/show_bug.cginvd
exchange.xforce.ibmcloud.com/vulnerabilities/44845nvd
www.redhat.com/archives/fedora-package-announce/2008-October/msg00666.htmlnvd

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.000
exploit	0.030
kev	0.000
patch	0.000
ransomware	0.000