Unrated severityNVD Advisory· Published Oct 15, 2008· Updated Apr 23, 2026

CVE-2008-4579

Description

The (1) fence_apc and (2) fence_apc_snmp programs, as used in (a) fence 2.02.00-r1 and possibly (b) cman, when running in verbose mode, allows local users to append to arbitrary files via a symlink attack on the apclog temporary file.

Affected products

Gentoo/Cman
cpe:2.3:a:gentoo:cman:2.02.00:r1:*:*:*:*:*:*
Gentoo/Fence
cpe:2.3:a:gentoo:fence:2.02.00:r1:*:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

bugs.gentoo.org/show_bug.cginvd
secunia.com/advisories/32387nvd
secunia.com/advisories/32390nvd
secunia.com/advisories/36530nvd
secunia.com/advisories/43362nvd
www.openwall.com/lists/oss-security/2008/10/13/3nvd
www.redhat.com/support/errata/RHSA-2009-1341.htmlnvd
www.redhat.com/support/errata/RHSA-2011-0266.htmlnvd
www.securityfocus.com/bid/31904nvd
www.ubuntu.com/usn/USN-875-1nvd
www.vupen.com/english/advisories/2011/0419nvd
bugzilla.redhat.com/show_bug.cginvd
oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10799nvd
www.redhat.com/archives/fedora-package-announce/2008-October/msg00666.htmlnvd

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000