CVE-2010-2526

The cluster logical volume manager daemon (clvmd) in lvm2-cluster in LVM2 before 2.02.72, as used in Red Hat Global File System (GFS) and other products, does not verify client credentials upon a socket connection, which allows local users to cause a denial of service (daemon exit or logical-volume change) or possibly have unspecified other impact via crafted control commands.
Configurations

Configuration 1 (hide)

AND
OR cpe:2.3:a:heinz_mauelshagen:lvm2:*:*:*:*:*:*:*:*
cpe:2.3:a:heinz_mauelshagen:lvm2:2.02.50:*:*:*:*:*:*:*
cpe:2.3:a:heinz_mauelshagen:lvm2:2.02.51:*:*:*:*:*:*:*
cpe:2.3:a:heinz_mauelshagen:lvm2:2.02.52:*:*:*:*:*:*:*
cpe:2.3:a:heinz_mauelshagen:lvm2:2.02.53:*:*:*:*:*:*:*
cpe:2.3:a:heinz_mauelshagen:lvm2:2.02.54:*:*:*:*:*:*:*
cpe:2.3:a:heinz_mauelshagen:lvm2:2.02.55:*:*:*:*:*:*:*
cpe:2.3:a:heinz_mauelshagen:lvm2:2.02.56:*:*:*:*:*:*:*
cpe:2.3:a:heinz_mauelshagen:lvm2:2.02.57:*:*:*:*:*:*:*
cpe:2.3:a:heinz_mauelshagen:lvm2:2.02.58:*:*:*:*:*:*:*
cpe:2.3:a:heinz_mauelshagen:lvm2:2.02.59:*:*:*:*:*:*:*
cpe:2.3:a:heinz_mauelshagen:lvm2:2.02.60:*:*:*:*:*:*:*
cpe:2.3:a:heinz_mauelshagen:lvm2:2.02.61:*:*:*:*:*:*:*
cpe:2.3:a:heinz_mauelshagen:lvm2:2.02.62:*:*:*:*:*:*:*
cpe:2.3:a:heinz_mauelshagen:lvm2:2.02.63:*:*:*:*:*:*:*
cpe:2.3:a:heinz_mauelshagen:lvm2:2.02.64:*:*:*:*:*:*:*
cpe:2.3:a:heinz_mauelshagen:lvm2:2.02.65:*:*:*:*:*:*:*
cpe:2.3:a:heinz_mauelshagen:lvm2:2.02.66:*:*:*:*:*:*:*
cpe:2.3:a:heinz_mauelshagen:lvm2:2.02.67:*:*:*:*:*:*:*
cpe:2.3:a:heinz_mauelshagen:lvm2:2.02.68:*:*:*:*:*:*:*
cpe:2.3:a:heinz_mauelshagen:lvm2:2.02.69:*:*:*:*:*:*:*
cpe:2.3:a:heinz_mauelshagen:lvm2:2.02.70:*:*:*:*:*:*:*
OR cpe:2.3:a:redhat:cluster_suite:*:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux:3:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux:3.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux:4:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux:4.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux:5:*:advanced_platform:*:*:*:*:*

History

No history.

Information

Published : 2010-08-05 13:22

Updated : 2024-02-04 17:54


NVD link : CVE-2010-2526

Mitre link : CVE-2010-2526

CVE.ORG link : CVE-2010-2526


JSON object : View

Products Affected

heinz_mauelshagen

  • lvm2

redhat

  • cluster_suite
  • enterprise_linux
CWE
CWE-287

Improper Authentication