cvelistv5 - cve-2009-0115

CVE-2009-0115 (GCVE-0-2009-0115)

Vulnerability from cvelistv5 – Published: 2009-03-30 16:00 – Updated: 2024-08-07 04:24

Summary

The Device Mapper multipathing driver (aka multipath-tools or device-mapper-multipath) 0.4.8, as used in SUSE openSUSE, SUSE Linux Enterprise Server (SLES), Fedora, and possibly other operating systems, uses world-writable permissions for the socket file (aka /var/run/multipathd.sock), which allows local users to send arbitrary commands to the multipath daemon.

Severity ?

No CVSS data available.

CWE

Assigner

mitre

References

URL

Tags

	http://lists.opensuse.org/opensuse-security-annou…	vendor-advisoryx_refsource_SUSE
	http://secunia.com/advisories/34759	third-party-advisoryx_refsource_SECUNIA
	http://secunia.com/advisories/38794	third-party-advisoryx_refsource_SECUNIA
	http://lists.vmware.com/pipermail/security-announ…	mailing-listx_refsource_MLIST
	http://www.debian.org/security/2009/dsa-1767	vendor-advisoryx_refsource_DEBIAN
	http://secunia.com/advisories/34642	third-party-advisoryx_refsource_SECUNIA
	http://secunia.com/advisories/34694	third-party-advisoryx_refsource_SECUNIA
	http://support.avaya.com/elmodocs2/security/ASA-2…	x_refsource_CONFIRM
	http://secunia.com/advisories/34418	third-party-advisoryx_refsource_SECUNIA
	http://secunia.com/advisories/34710	third-party-advisoryx_refsource_SECUNIA
	https://www.redhat.com/archives/fedora-package-an…	vendor-advisoryx_refsource_FEDORA
	http://lists.opensuse.org/opensuse-security-annou…	vendor-advisoryx_refsource_SUSE
	http://launchpad.net/bugs/cve/2009-0115	x_refsource_MISC
	https://oval.cisecurity.org/repository/search/def…	vdb-entrysignaturex_refsource_OVAL
	https://www.redhat.com/archives/fedora-package-an…	vendor-advisoryx_refsource_FEDORA
	http://kb.juniper.net/InfoCenter/index?page=conte…	x_refsource_CONFIRM
	http://kb.juniper.net/InfoCenter/index?page=conte…	x_refsource_CONFIRM
	http://download.opensuse.org/update/10.3-test/rep…	x_refsource_CONFIRM
	http://www.vupen.com/english/advisories/2010/0528	vdb-entryx_refsource_VUPEN

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T04:24:17.823Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "SUSE-SR:2009:007",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2009-03/msg00004.html"
          },
          {
            "name": "34759",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/34759"
          },
          {
            "name": "38794",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/38794"
          },
          {
            "name": "[security-announce] 20100303 VMSA-2010-0004 ESX Service Console and vMA third party updates",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://lists.vmware.com/pipermail/security-announce/2010/000082.html"
          },
          {
            "name": "DSA-1767",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2009/dsa-1767"
          },
          {
            "name": "34642",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/34642"
          },
          {
            "name": "34694",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/34694"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://support.avaya.com/elmodocs2/security/ASA-2009-128.htm"
          },
          {
            "name": "34418",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/34418"
          },
          {
            "name": "34710",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/34710"
          },
          {
            "name": "FEDORA-2009-3453",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "https://www.redhat.com/archives/fedora-package-announce/2009-April/msg00236.html"
          },
          {
            "name": "SUSE-SR:2009:008",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2009-04/msg00003.html"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://launchpad.net/bugs/cve/2009-0115"
          },
          {
            "name": "oval:org.mitre.oval:def:9214",
            "tags": [
              "vdb-entry",
              "signature",
              "x_refsource_OVAL",
              "x_transferred"
            ],
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9214"
          },
          {
            "name": "FEDORA-2009-3449",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "https://www.redhat.com/archives/fedora-package-announce/2009-April/msg00231.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10691"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10705"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://download.opensuse.org/update/10.3-test/repodata/patch-kpartx-6082.xml"
          },
          {
            "name": "ADV-2010-0528",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2010/0528"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2009-03-24T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "The Device Mapper multipathing driver (aka multipath-tools or device-mapper-multipath) 0.4.8, as used in SUSE openSUSE, SUSE Linux Enterprise Server (SLES), Fedora, and possibly other operating systems, uses world-writable permissions for the socket file (aka /var/run/multipathd.sock), which allows local users to send arbitrary commands to the multipath daemon."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-09-28T12:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "SUSE-SR:2009:007",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2009-03/msg00004.html"
        },
        {
          "name": "34759",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/34759"
        },
        {
          "name": "38794",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/38794"
        },
        {
          "name": "[security-announce] 20100303 VMSA-2010-0004 ESX Service Console and vMA third party updates",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://lists.vmware.com/pipermail/security-announce/2010/000082.html"
        },
        {
          "name": "DSA-1767",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2009/dsa-1767"
        },
        {
          "name": "34642",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/34642"
        },
        {
          "name": "34694",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/34694"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://support.avaya.com/elmodocs2/security/ASA-2009-128.htm"
        },
        {
          "name": "34418",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/34418"
        },
        {
          "name": "34710",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/34710"
        },
        {
          "name": "FEDORA-2009-3453",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "https://www.redhat.com/archives/fedora-package-announce/2009-April/msg00236.html"
        },
        {
          "name": "SUSE-SR:2009:008",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2009-04/msg00003.html"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://launchpad.net/bugs/cve/2009-0115"
        },
        {
          "name": "oval:org.mitre.oval:def:9214",
          "tags": [
            "vdb-entry",
            "signature",
            "x_refsource_OVAL"
          ],
          "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9214"
        },
        {
          "name": "FEDORA-2009-3449",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "https://www.redhat.com/archives/fedora-package-announce/2009-April/msg00231.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10691"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10705"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://download.opensuse.org/update/10.3-test/repodata/patch-kpartx-6082.xml"
        },
        {
          "name": "ADV-2010-0528",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2010/0528"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2009-0115",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "The Device Mapper multipathing driver (aka multipath-tools or device-mapper-multipath) 0.4.8, as used in SUSE openSUSE, SUSE Linux Enterprise Server (SLES), Fedora, and possibly other operating systems, uses world-writable permissions for the socket file (aka /var/run/multipathd.sock), which allows local users to send arbitrary commands to the multipath daemon."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "SUSE-SR:2009:007",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2009-03/msg00004.html"
            },
            {
              "name": "34759",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/34759"
            },
            {
              "name": "38794",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/38794"
            },
            {
              "name": "[security-announce] 20100303 VMSA-2010-0004 ESX Service Console and vMA third party updates",
              "refsource": "MLIST",
              "url": "http://lists.vmware.com/pipermail/security-announce/2010/000082.html"
            },
            {
              "name": "DSA-1767",
              "refsource": "DEBIAN",
              "url": "http://www.debian.org/security/2009/dsa-1767"
            },
            {
              "name": "34642",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/34642"
            },
            {
              "name": "34694",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/34694"
            },
            {
              "name": "http://support.avaya.com/elmodocs2/security/ASA-2009-128.htm",
              "refsource": "CONFIRM",
              "url": "http://support.avaya.com/elmodocs2/security/ASA-2009-128.htm"
            },
            {
              "name": "34418",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/34418"
            },
            {
              "name": "34710",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/34710"
            },
            {
              "name": "FEDORA-2009-3453",
              "refsource": "FEDORA",
              "url": "https://www.redhat.com/archives/fedora-package-announce/2009-April/msg00236.html"
            },
            {
              "name": "SUSE-SR:2009:008",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2009-04/msg00003.html"
            },
            {
              "name": "http://launchpad.net/bugs/cve/2009-0115",
              "refsource": "MISC",
              "url": "http://launchpad.net/bugs/cve/2009-0115"
            },
            {
              "name": "oval:org.mitre.oval:def:9214",
              "refsource": "OVAL",
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9214"
            },
            {
              "name": "FEDORA-2009-3449",
              "refsource": "FEDORA",
              "url": "https://www.redhat.com/archives/fedora-package-announce/2009-April/msg00231.html"
            },
            {
              "name": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10691",
              "refsource": "CONFIRM",
              "url": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10691"
            },
            {
              "name": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10705",
              "refsource": "CONFIRM",
              "url": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10705"
            },
            {
              "name": "http://download.opensuse.org/update/10.3-test/repodata/patch-kpartx-6082.xml",
              "refsource": "CONFIRM",
              "url": "http://download.opensuse.org/update/10.3-test/repodata/patch-kpartx-6082.xml"
            },
            {
              "name": "ADV-2010-0528",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2010/0528"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2009-0115",
    "datePublished": "2009-03-30T16:00:00",
    "dateReserved": "2009-01-13T00:00:00",
    "dateUpdated": "2024-08-07T04:24:17.823Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "fkie_nvd": {
      "configurations": "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:christophe.varoqui:multipath-tools:0.4.8:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"5D1B5821-FF7F-41DB-807D-EF28B3C4ADF0\"}]}]}, {\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:fedoraproject:fedora:9:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"743CBBB1-C140-4FEF-B40E-FAE4511B1140\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:fedoraproject:fedora:10:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"7000D33B-F3C7-43E8-8FC7-9B97AADC3E12\"}]}]}, {\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:debian:debian_linux:4.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"0F92AB32-E7DE-43F4-B877-1F41FA162EC7\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:debian:debian_linux:5.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"8C757774-08E7-40AA-B532-6F705C8F7639\"}]}]}, {\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:avaya:intuity_audix_lx:2.0:-:*:*:*:*:*:*\", \"matchCriteriaId\": \"BE386B55-B9FA-41BD-AD00-EB6A6552C34E\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:avaya:intuity_audix_lx:2.0:sp1:*:*:*:*:*:*\", \"matchCriteriaId\": \"965928CF-FDE4-42F7-9486-CB4D2F011225\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:avaya:intuity_audix_lx:2.0:sp2:*:*:*:*:*:*\", \"matchCriteriaId\": \"1E61EBAF-F034-4070-BFD5-68AD1239CD86\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:avaya:message_networking:3.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"E871348D-8FA1-4C77-BB8E-BECF9CF2FFD9\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:avaya:messaging_storage_server:3.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"34E42226-4F91-4EEB-8151-71BA15E8B7D4\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:avaya:messaging_storage_server:4.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"CB90E377-B821-4508-B1AB-B10F47975E54\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:avaya:messaging_storage_server:5.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"FBA21139-B8E2-42A8-AC1D-8DA00F230D8B\"}]}]}, {\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:novell:open_enterprise_server:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"C5C0C136-E406-4628-994A-682E8E729B50\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:opensuse:opensuse:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"10.3\", \"versionEndIncluding\": \"11.0\", \"matchCriteriaId\": \"9A8362BB-5717-4714-BD92-220DDB646D07\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:suse:linux_enterprise_desktop:9:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"68B14008-5E0A-4187-AF93-DE2FF5BA5921\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:suse:linux_enterprise_server:9:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"4CD2D897-E321-4CED-92E0-11A98B52053C\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:suse:linux_enterprise_server:10:-:*:*:*:*:*:*\", \"matchCriteriaId\": \"38C3AEB0-59E2-400A-8943-60C0A223B680\"}]}]}, {\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:juniper:ctpview:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"7.1\", \"matchCriteriaId\": \"A2953793-3D79-4128-A841-EDAF50095FF6\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:juniper:ctpview:7.1:-:*:*:*:*:*:*\", \"matchCriteriaId\": \"D6B30D89-FF23-4818-A63D-7DE5C3328165\"}]}]}]",
      "descriptions": "[{\"lang\": \"en\", \"value\": \"The Device Mapper multipathing driver (aka multipath-tools or device-mapper-multipath) 0.4.8, as used in SUSE openSUSE, SUSE Linux Enterprise Server (SLES), Fedora, and possibly other operating systems, uses world-writable permissions for the socket file (aka /var/run/multipathd.sock), which allows local users to send arbitrary commands to the multipath daemon.\"}, {\"lang\": \"es\", \"value\": \"multipath-tools en SUSE openSUSE v10.3 hasta v11.0 y SUSE Linux Enterprise Server (SLES) v10 utiliza permisos de escritura a todos para el fichero del socket (tambi\\u00e9n conocido como /var/run/multipathd.sock), permitiendo a usuarios locales enviar comandos de su elecci\\u00f3n al demonio \\\"multipath\\\".\"}]",
      "id": "CVE-2009-0115",
      "lastModified": "2024-11-21T00:59:05.497",
      "metrics": "{\"cvssMetricV31\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\", \"baseScore\": 7.8, \"baseSeverity\": \"HIGH\", \"attackVector\": \"LOCAL\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"LOW\", \"userInteraction\": \"NONE\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"HIGH\", \"integrityImpact\": \"HIGH\", \"availabilityImpact\": \"HIGH\"}, \"exploitabilityScore\": 1.8, \"impactScore\": 5.9}], \"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:L/AC:L/Au:N/C:C/I:C/A:C\", \"baseScore\": 7.2, \"accessVector\": \"LOCAL\", \"accessComplexity\": \"LOW\", \"authentication\": \"NONE\", \"confidentialityImpact\": \"COMPLETE\", \"integrityImpact\": \"COMPLETE\", \"availabilityImpact\": \"COMPLETE\"}, \"baseSeverity\": \"HIGH\", \"exploitabilityScore\": 3.9, \"impactScore\": 10.0, \"acInsufInfo\": false, \"obtainAllPrivilege\": false, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": false}]}",
      "published": "2009-03-30T16:30:00.343",
      "references": "[{\"url\": \"http://download.opensuse.org/update/10.3-test/repodata/patch-kpartx-6082.xml\", \"source\": \"cve@mitre.org\", \"tags\": [\"Broken Link\", \"Exploit\"]}, {\"url\": \"http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10691\", \"source\": \"cve@mitre.org\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10705\", \"source\": \"cve@mitre.org\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"http://launchpad.net/bugs/cve/2009-0115\", \"source\": \"cve@mitre.org\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"http://lists.opensuse.org/opensuse-security-announce/2009-03/msg00004.html\", \"source\": \"cve@mitre.org\", \"tags\": [\"Mailing List\"]}, {\"url\": \"http://lists.opensuse.org/opensuse-security-announce/2009-04/msg00003.html\", \"source\": \"cve@mitre.org\", \"tags\": [\"Mailing List\"]}, {\"url\": \"http://lists.vmware.com/pipermail/security-announce/2010/000082.html\", \"source\": \"cve@mitre.org\", \"tags\": [\"Broken Link\"]}, {\"url\": \"http://secunia.com/advisories/34418\", \"source\": \"cve@mitre.org\", \"tags\": [\"Broken Link\", \"Vendor Advisory\"]}, {\"url\": \"http://secunia.com/advisories/34642\", \"source\": \"cve@mitre.org\", \"tags\": [\"Broken Link\", \"Vendor Advisory\"]}, {\"url\": \"http://secunia.com/advisories/34694\", \"source\": \"cve@mitre.org\", \"tags\": [\"Broken Link\", \"Vendor Advisory\"]}, {\"url\": \"http://secunia.com/advisories/34710\", \"source\": \"cve@mitre.org\", \"tags\": [\"Broken Link\", \"Vendor Advisory\"]}, {\"url\": \"http://secunia.com/advisories/34759\", \"source\": \"cve@mitre.org\", \"tags\": [\"Broken Link\", \"Vendor Advisory\"]}, {\"url\": \"http://secunia.com/advisories/38794\", \"source\": \"cve@mitre.org\", \"tags\": [\"Broken Link\", \"Vendor Advisory\"]}, {\"url\": \"http://support.avaya.com/elmodocs2/security/ASA-2009-128.htm\", \"source\": \"cve@mitre.org\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"http://www.debian.org/security/2009/dsa-1767\", \"source\": \"cve@mitre.org\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"http://www.vupen.com/english/advisories/2010/0528\", \"source\": \"cve@mitre.org\", \"tags\": [\"Permissions Required\"]}, {\"url\": \"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9214\", \"source\": \"cve@mitre.org\", \"tags\": [\"Broken Link\"]}, {\"url\": \"https://www.redhat.com/archives/fedora-package-announce/2009-April/msg00231.html\", \"source\": \"cve@mitre.org\", \"tags\": [\"Mailing List\"]}, {\"url\": \"https://www.redhat.com/archives/fedora-package-announce/2009-April/msg00236.html\", \"source\": \"cve@mitre.org\", \"tags\": [\"Mailing List\"]}, {\"url\": \"http://download.opensuse.org/update/10.3-test/repodata/patch-kpartx-6082.xml\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Broken Link\", \"Exploit\"]}, {\"url\": \"http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10691\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10705\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"http://launchpad.net/bugs/cve/2009-0115\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"http://lists.opensuse.org/opensuse-security-announce/2009-03/msg00004.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Mailing List\"]}, {\"url\": \"http://lists.opensuse.org/opensuse-security-announce/2009-04/msg00003.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Mailing List\"]}, {\"url\": \"http://lists.vmware.com/pipermail/security-announce/2010/000082.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Broken Link\"]}, {\"url\": \"http://secunia.com/advisories/34418\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Broken Link\", \"Vendor Advisory\"]}, {\"url\": \"http://secunia.com/advisories/34642\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Broken Link\", \"Vendor Advisory\"]}, {\"url\": \"http://secunia.com/advisories/34694\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Broken Link\", \"Vendor Advisory\"]}, {\"url\": \"http://secunia.com/advisories/34710\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Broken Link\", \"Vendor Advisory\"]}, {\"url\": \"http://secunia.com/advisories/34759\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Broken Link\", \"Vendor Advisory\"]}, {\"url\": \"http://secunia.com/advisories/38794\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Broken Link\", \"Vendor Advisory\"]}, {\"url\": \"http://support.avaya.com/elmodocs2/security/ASA-2009-128.htm\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"http://www.debian.org/security/2009/dsa-1767\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"http://www.vupen.com/english/advisories/2010/0528\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Permissions Required\"]}, {\"url\": \"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9214\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Broken Link\"]}, {\"url\": \"https://www.redhat.com/archives/fedora-package-announce/2009-April/msg00231.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Mailing List\"]}, {\"url\": \"https://www.redhat.com/archives/fedora-package-announce/2009-April/msg00236.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Mailing List\"]}]",
      "sourceIdentifier": "cve@mitre.org",
      "vulnStatus": "Modified",
      "weaknesses": "[{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-732\"}]}]"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2009-0115\",\"sourceIdentifier\":\"cve@mitre.org\",\"published\":\"2009-03-30T16:30:00.343\",\"lastModified\":\"2025-04-09T00:30:58.490\",\"vulnStatus\":\"Deferred\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"The Device Mapper multipathing driver (aka multipath-tools or device-mapper-multipath) 0.4.8, as used in SUSE openSUSE, SUSE Linux Enterprise Server (SLES), Fedora, and possibly other operating systems, uses world-writable permissions for the socket file (aka /var/run/multipathd.sock), which allows local users to send arbitrary commands to the multipath daemon.\"},{\"lang\":\"es\",\"value\":\"multipath-tools en SUSE openSUSE v10.3 hasta v11.0 y SUSE Linux Enterprise Server (SLES) v10 utiliza permisos de escritura a todos para el fichero del socket (tambi\u00e9n conocido como /var/run/multipathd.sock), permitiendo a usuarios locales enviar comandos de su elecci\u00f3n al demonio \\\"multipath\\\".\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\",\"baseScore\":7.8,\"baseSeverity\":\"HIGH\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":1.8,\"impactScore\":5.9}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:L/AC:L/Au:N/C:C/I:C/A:C\",\"baseScore\":7.2,\"accessVector\":\"LOCAL\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"COMPLETE\",\"integrityImpact\":\"COMPLETE\",\"availabilityImpact\":\"COMPLETE\"},\"baseSeverity\":\"HIGH\",\"exploitabilityScore\":3.9,\"impactScore\":10.0,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-732\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:christophe.varoqui:multipath-tools:0.4.8:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5D1B5821-FF7F-41DB-807D-EF28B3C4ADF0\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:fedoraproject:fedora:9:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"743CBBB1-C140-4FEF-B40E-FAE4511B1140\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:fedoraproject:fedora:10:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7000D33B-F3C7-43E8-8FC7-9B97AADC3E12\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:debian:debian_linux:4.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0F92AB32-E7DE-43F4-B877-1F41FA162EC7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:debian:debian_linux:5.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8C757774-08E7-40AA-B532-6F705C8F7639\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:avaya:intuity_audix_lx:2.0:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"BE386B55-B9FA-41BD-AD00-EB6A6552C34E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:avaya:intuity_audix_lx:2.0:sp1:*:*:*:*:*:*\",\"matchCriteriaId\":\"965928CF-FDE4-42F7-9486-CB4D2F011225\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:avaya:intuity_audix_lx:2.0:sp2:*:*:*:*:*:*\",\"matchCriteriaId\":\"1E61EBAF-F034-4070-BFD5-68AD1239CD86\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:avaya:message_networking:3.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E871348D-8FA1-4C77-BB8E-BECF9CF2FFD9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:avaya:messaging_storage_server:3.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"34E42226-4F91-4EEB-8151-71BA15E8B7D4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:avaya:messaging_storage_server:4.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CB90E377-B821-4508-B1AB-B10F47975E54\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:avaya:messaging_storage_server:5.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"FBA21139-B8E2-42A8-AC1D-8DA00F230D8B\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:novell:open_enterprise_server:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C5C0C136-E406-4628-994A-682E8E729B50\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:opensuse:opensuse:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"10.3\",\"versionEndIncluding\":\"11.0\",\"matchCriteriaId\":\"9A8362BB-5717-4714-BD92-220DDB646D07\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:suse:linux_enterprise_desktop:9:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"68B14008-5E0A-4187-AF93-DE2FF5BA5921\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:suse:linux_enterprise_server:9:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4CD2D897-E321-4CED-92E0-11A98B52053C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:suse:linux_enterprise_server:10:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"38C3AEB0-59E2-400A-8943-60C0A223B680\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:juniper:ctpview:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"7.1\",\"matchCriteriaId\":\"A2953793-3D79-4128-A841-EDAF50095FF6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:juniper:ctpview:7.1:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"D6B30D89-FF23-4818-A63D-7DE5C3328165\"}]}]}],\"references\":[{\"url\":\"http://download.opensuse.org/update/10.3-test/repodata/patch-kpartx-6082.xml\",\"source\":\"cve@mitre.org\",\"tags\":[\"Broken Link\",\"Exploit\"]},{\"url\":\"http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10691\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10705\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://launchpad.net/bugs/cve/2009-0115\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2009-03/msg00004.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\"]},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2009-04/msg00003.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\"]},{\"url\":\"http://lists.vmware.com/pipermail/security-announce/2010/000082.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://secunia.com/advisories/34418\",\"source\":\"cve@mitre.org\",\"tags\":[\"Broken Link\",\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/advisories/34642\",\"source\":\"cve@mitre.org\",\"tags\":[\"Broken Link\",\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/advisories/34694\",\"source\":\"cve@mitre.org\",\"tags\":[\"Broken Link\",\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/advisories/34710\",\"source\":\"cve@mitre.org\",\"tags\":[\"Broken Link\",\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/advisories/34759\",\"source\":\"cve@mitre.org\",\"tags\":[\"Broken Link\",\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/advisories/38794\",\"source\":\"cve@mitre.org\",\"tags\":[\"Broken Link\",\"Vendor Advisory\"]},{\"url\":\"http://support.avaya.com/elmodocs2/security/ASA-2009-128.htm\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.debian.org/security/2009/dsa-1767\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.vupen.com/english/advisories/2010/0528\",\"source\":\"cve@mitre.org\",\"tags\":[\"Permissions Required\"]},{\"url\":\"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9214\",\"source\":\"cve@mitre.org\",\"tags\":[\"Broken Link\"]},{\"url\":\"https://www.redhat.com/archives/fedora-package-announce/2009-April/msg00231.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\"]},{\"url\":\"https://www.redhat.com/archives/fedora-package-announce/2009-April/msg00236.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\"]},{\"url\":\"http://download.opensuse.org/update/10.3-test/repodata/patch-kpartx-6082.xml\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Broken Link\",\"Exploit\"]},{\"url\":\"http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10691\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10705\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://launchpad.net/bugs/cve/2009-0115\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2009-03/msg00004.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\"]},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2009-04/msg00003.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\"]},{\"url\":\"http://lists.vmware.com/pipermail/security-announce/2010/000082.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://secunia.com/advisories/34418\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Broken Link\",\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/advisories/34642\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Broken Link\",\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/advisories/34694\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Broken Link\",\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/advisories/34710\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Broken Link\",\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/advisories/34759\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Broken Link\",\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/advisories/38794\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Broken Link\",\"Vendor Advisory\"]},{\"url\":\"http://support.avaya.com/elmodocs2/security/ASA-2009-128.htm\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.debian.org/security/2009/dsa-1767\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.vupen.com/english/advisories/2010/0528\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Permissions Required\"]},{\"url\":\"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9214\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Broken Link\"]},{\"url\":\"https://www.redhat.com/archives/fedora-package-announce/2009-April/msg00231.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\"]},{\"url\":\"https://www.redhat.com/archives/fedora-package-announce/2009-April/msg00236.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\"]}]}}"
  }
}

GSD-2009-0115

Vulnerability from gsd - Updated: 2023-12-13 01:19

Details

Aliases

CVE-2009-0115

Aliases

CVE-2009-0115

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2009-0115",
    "description": "The Device Mapper multipathing driver (aka multipath-tools or device-mapper-multipath) 0.4.8, as used in SUSE openSUSE, SUSE Linux Enterprise Server (SLES), Fedora, and possibly other operating systems, uses world-writable permissions for the socket file (aka /var/run/multipathd.sock), which allows local users to send arbitrary commands to the multipath daemon.",
    "id": "GSD-2009-0115",
    "references": [
      "https://www.suse.com/security/cve/CVE-2009-0115.html",
      "https://www.debian.org/security/2009/dsa-1767",
      "https://access.redhat.com/errata/RHSA-2009:0411",
      "https://linux.oracle.com/cve/CVE-2009-0115.html"
    ]
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2009-0115"
      ],
      "details": "The Device Mapper multipathing driver (aka multipath-tools or device-mapper-multipath) 0.4.8, as used in SUSE openSUSE, SUSE Linux Enterprise Server (SLES), Fedora, and possibly other operating systems, uses world-writable permissions for the socket file (aka /var/run/multipathd.sock), which allows local users to send arbitrary commands to the multipath daemon.",
      "id": "GSD-2009-0115",
      "modified": "2023-12-13T01:19:43.789923Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "cve@mitre.org",
        "ID": "CVE-2009-0115",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "n/a",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "n/a"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "n/a"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "The Device Mapper multipathing driver (aka multipath-tools or device-mapper-multipath) 0.4.8, as used in SUSE openSUSE, SUSE Linux Enterprise Server (SLES), Fedora, and possibly other operating systems, uses world-writable permissions for the socket file (aka /var/run/multipathd.sock), which allows local users to send arbitrary commands to the multipath daemon."
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "n/a"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "SUSE-SR:2009:007",
            "refsource": "SUSE",
            "url": "http://lists.opensuse.org/opensuse-security-announce/2009-03/msg00004.html"
          },
          {
            "name": "34759",
            "refsource": "SECUNIA",
            "url": "http://secunia.com/advisories/34759"
          },
          {
            "name": "38794",
            "refsource": "SECUNIA",
            "url": "http://secunia.com/advisories/38794"
          },
          {
            "name": "[security-announce] 20100303 VMSA-2010-0004 ESX Service Console and vMA third party updates",
            "refsource": "MLIST",
            "url": "http://lists.vmware.com/pipermail/security-announce/2010/000082.html"
          },
          {
            "name": "DSA-1767",
            "refsource": "DEBIAN",
            "url": "http://www.debian.org/security/2009/dsa-1767"
          },
          {
            "name": "34642",
            "refsource": "SECUNIA",
            "url": "http://secunia.com/advisories/34642"
          },
          {
            "name": "34694",
            "refsource": "SECUNIA",
            "url": "http://secunia.com/advisories/34694"
          },
          {
            "name": "http://support.avaya.com/elmodocs2/security/ASA-2009-128.htm",
            "refsource": "CONFIRM",
            "url": "http://support.avaya.com/elmodocs2/security/ASA-2009-128.htm"
          },
          {
            "name": "34418",
            "refsource": "SECUNIA",
            "url": "http://secunia.com/advisories/34418"
          },
          {
            "name": "34710",
            "refsource": "SECUNIA",
            "url": "http://secunia.com/advisories/34710"
          },
          {
            "name": "FEDORA-2009-3453",
            "refsource": "FEDORA",
            "url": "https://www.redhat.com/archives/fedora-package-announce/2009-April/msg00236.html"
          },
          {
            "name": "SUSE-SR:2009:008",
            "refsource": "SUSE",
            "url": "http://lists.opensuse.org/opensuse-security-announce/2009-04/msg00003.html"
          },
          {
            "name": "http://launchpad.net/bugs/cve/2009-0115",
            "refsource": "MISC",
            "url": "http://launchpad.net/bugs/cve/2009-0115"
          },
          {
            "name": "oval:org.mitre.oval:def:9214",
            "refsource": "OVAL",
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9214"
          },
          {
            "name": "FEDORA-2009-3449",
            "refsource": "FEDORA",
            "url": "https://www.redhat.com/archives/fedora-package-announce/2009-April/msg00231.html"
          },
          {
            "name": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10691",
            "refsource": "CONFIRM",
            "url": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10691"
          },
          {
            "name": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10705",
            "refsource": "CONFIRM",
            "url": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10705"
          },
          {
            "name": "http://download.opensuse.org/update/10.3-test/repodata/patch-kpartx-6082.xml",
            "refsource": "CONFIRM",
            "url": "http://download.opensuse.org/update/10.3-test/repodata/patch-kpartx-6082.xml"
          },
          {
            "name": "ADV-2010-0528",
            "refsource": "VUPEN",
            "url": "http://www.vupen.com/english/advisories/2010/0528"
          }
        ]
      }
    },
    "nvd.nist.gov": {
      "cve": {
        "configurations": [
          {
            "nodes": [
              {
                "cpeMatch": [
                  {
                    "criteria": "cpe:2.3:a:christophe.varoqui:multipath-tools:0.4.8:*:*:*:*:*:*:*",
                    "matchCriteriaId": "5D1B5821-FF7F-41DB-807D-EF28B3C4ADF0",
                    "vulnerable": true
                  }
                ],
                "negate": false,
                "operator": "OR"
              }
            ]
          },
          {
            "nodes": [
              {
                "cpeMatch": [
                  {
                    "criteria": "cpe:2.3:o:fedoraproject:fedora:9:*:*:*:*:*:*:*",
                    "matchCriteriaId": "743CBBB1-C140-4FEF-B40E-FAE4511B1140",
                    "vulnerable": true
                  },
                  {
                    "criteria": "cpe:2.3:o:fedoraproject:fedora:10:*:*:*:*:*:*:*",
                    "matchCriteriaId": "7000D33B-F3C7-43E8-8FC7-9B97AADC3E12",
                    "vulnerable": true
                  }
                ],
                "negate": false,
                "operator": "OR"
              }
            ]
          },
          {
            "nodes": [
              {
                "cpeMatch": [
                  {
                    "criteria": "cpe:2.3:o:debian:debian_linux:4.0:*:*:*:*:*:*:*",
                    "matchCriteriaId": "0F92AB32-E7DE-43F4-B877-1F41FA162EC7",
                    "vulnerable": true
                  },
                  {
                    "criteria": "cpe:2.3:o:debian:debian_linux:5.0:*:*:*:*:*:*:*",
                    "matchCriteriaId": "8C757774-08E7-40AA-B532-6F705C8F7639",
                    "vulnerable": true
                  }
                ],
                "negate": false,
                "operator": "OR"
              }
            ]
          },
          {
            "nodes": [
              {
                "cpeMatch": [
                  {
                    "criteria": "cpe:2.3:a:avaya:intuity_audix_lx:2.0:-:*:*:*:*:*:*",
                    "matchCriteriaId": "BE386B55-B9FA-41BD-AD00-EB6A6552C34E",
                    "vulnerable": true
                  },
                  {
                    "criteria": "cpe:2.3:a:avaya:intuity_audix_lx:2.0:sp1:*:*:*:*:*:*",
                    "matchCriteriaId": "965928CF-FDE4-42F7-9486-CB4D2F011225",
                    "vulnerable": true
                  },
                  {
                    "criteria": "cpe:2.3:a:avaya:intuity_audix_lx:2.0:sp2:*:*:*:*:*:*",
                    "matchCriteriaId": "1E61EBAF-F034-4070-BFD5-68AD1239CD86",
                    "vulnerable": true
                  },
                  {
                    "criteria": "cpe:2.3:a:avaya:message_networking:3.1:*:*:*:*:*:*:*",
                    "matchCriteriaId": "E871348D-8FA1-4C77-BB8E-BECF9CF2FFD9",
                    "vulnerable": true
                  },
                  {
                    "criteria": "cpe:2.3:a:avaya:messaging_storage_server:3.0:*:*:*:*:*:*:*",
                    "matchCriteriaId": "34E42226-4F91-4EEB-8151-71BA15E8B7D4",
                    "vulnerable": true
                  },
                  {
                    "criteria": "cpe:2.3:a:avaya:messaging_storage_server:4.0:*:*:*:*:*:*:*",
                    "matchCriteriaId": "CB90E377-B821-4508-B1AB-B10F47975E54",
                    "vulnerable": true
                  },
                  {
                    "criteria": "cpe:2.3:a:avaya:messaging_storage_server:5.0:*:*:*:*:*:*:*",
                    "matchCriteriaId": "FBA21139-B8E2-42A8-AC1D-8DA00F230D8B",
                    "vulnerable": true
                  }
                ],
                "negate": false,
                "operator": "OR"
              }
            ]
          },
          {
            "nodes": [
              {
                "cpeMatch": [
                  {
                    "criteria": "cpe:2.3:o:novell:open_enterprise_server:-:*:*:*:*:*:*:*",
                    "matchCriteriaId": "C5C0C136-E406-4628-994A-682E8E729B50",
                    "vulnerable": true
                  },
                  {
                    "criteria": "cpe:2.3:o:opensuse:opensuse:*:*:*:*:*:*:*:*",
                    "matchCriteriaId": "9A8362BB-5717-4714-BD92-220DDB646D07",
                    "versionEndIncluding": "11.0",
                    "versionStartIncluding": "10.3",
                    "vulnerable": true
                  },
                  {
                    "criteria": "cpe:2.3:o:suse:linux_enterprise_desktop:9:*:*:*:*:*:*:*",
                    "matchCriteriaId": "68B14008-5E0A-4187-AF93-DE2FF5BA5921",
                    "vulnerable": true
                  },
                  {
                    "criteria": "cpe:2.3:o:suse:linux_enterprise_server:9:*:*:*:*:*:*:*",
                    "matchCriteriaId": "4CD2D897-E321-4CED-92E0-11A98B52053C",
                    "vulnerable": true
                  },
                  {
                    "criteria": "cpe:2.3:o:suse:linux_enterprise_server:10:-:*:*:*:*:*:*",
                    "matchCriteriaId": "38C3AEB0-59E2-400A-8943-60C0A223B680",
                    "vulnerable": true
                  }
                ],
                "negate": false,
                "operator": "OR"
              }
            ]
          },
          {
            "nodes": [
              {
                "cpeMatch": [
                  {
                    "criteria": "cpe:2.3:a:juniper:ctpview:*:*:*:*:*:*:*:*",
                    "matchCriteriaId": "A2953793-3D79-4128-A841-EDAF50095FF6",
                    "versionEndExcluding": "7.1",
                    "vulnerable": true
                  },
                  {
                    "criteria": "cpe:2.3:a:juniper:ctpview:7.1:-:*:*:*:*:*:*",
                    "matchCriteriaId": "D6B30D89-FF23-4818-A63D-7DE5C3328165",
                    "vulnerable": true
                  }
                ],
                "negate": false,
                "operator": "OR"
              }
            ]
          }
        ],
        "descriptions": [
          {
            "lang": "en",
            "value": "The Device Mapper multipathing driver (aka multipath-tools or device-mapper-multipath) 0.4.8, as used in SUSE openSUSE, SUSE Linux Enterprise Server (SLES), Fedora, and possibly other operating systems, uses world-writable permissions for the socket file (aka /var/run/multipathd.sock), which allows local users to send arbitrary commands to the multipath daemon."
          },
          {
            "lang": "es",
            "value": "multipath-tools en SUSE openSUSE v10.3 hasta v11.0 y SUSE Linux Enterprise Server (SLES) v10 utiliza permisos de escritura a todos para el fichero del socket (tambi\u00e9n conocido como /var/run/multipathd.sock), permitiendo a usuarios locales enviar comandos de su elecci\u00f3n al demonio \"multipath\"."
          }
        ],
        "id": "CVE-2009-0115",
        "lastModified": "2024-02-16T20:28:12.307",
        "metrics": {
          "cvssMetricV2": [
            {
              "acInsufInfo": false,
              "baseSeverity": "HIGH",
              "cvssData": {
                "accessComplexity": "LOW",
                "accessVector": "LOCAL",
                "authentication": "NONE",
                "availabilityImpact": "COMPLETE",
                "baseScore": 7.2,
                "confidentialityImpact": "COMPLETE",
                "integrityImpact": "COMPLETE",
                "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
                "version": "2.0"
              },
              "exploitabilityScore": 3.9,
              "impactScore": 10.0,
              "obtainAllPrivilege": false,
              "obtainOtherPrivilege": false,
              "obtainUserPrivilege": false,
              "source": "nvd@nist.gov",
              "type": "Primary",
              "userInteractionRequired": false
            }
          ],
          "cvssMetricV31": [
            {
              "cvssData": {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "availabilityImpact": "HIGH",
                "baseScore": 7.8,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              "exploitabilityScore": 1.8,
              "impactScore": 5.9,
              "source": "nvd@nist.gov",
              "type": "Primary"
            }
          ]
        },
        "published": "2009-03-30T16:30:00.343",
        "references": [
          {
            "source": "cve@mitre.org",
            "tags": [
              "Broken Link",
              "Exploit"
            ],
            "url": "http://download.opensuse.org/update/10.3-test/repodata/patch-kpartx-6082.xml"
          },
          {
            "source": "cve@mitre.org",
            "tags": [
              "Third Party Advisory"
            ],
            "url": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10691"
          },
          {
            "source": "cve@mitre.org",
            "tags": [
              "Third Party Advisory"
            ],
            "url": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10705"
          },
          {
            "source": "cve@mitre.org",
            "tags": [
              "Third Party Advisory"
            ],
            "url": "http://launchpad.net/bugs/cve/2009-0115"
          },
          {
            "source": "cve@mitre.org",
            "tags": [
              "Mailing List"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2009-03/msg00004.html"
          },
          {
            "source": "cve@mitre.org",
            "tags": [
              "Mailing List"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2009-04/msg00003.html"
          },
          {
            "source": "cve@mitre.org",
            "tags": [
              "Broken Link"
            ],
            "url": "http://lists.vmware.com/pipermail/security-announce/2010/000082.html"
          },
          {
            "source": "cve@mitre.org",
            "tags": [
              "Broken Link",
              "Vendor Advisory"
            ],
            "url": "http://secunia.com/advisories/34418"
          },
          {
            "source": "cve@mitre.org",
            "tags": [
              "Broken Link",
              "Vendor Advisory"
            ],
            "url": "http://secunia.com/advisories/34642"
          },
          {
            "source": "cve@mitre.org",
            "tags": [
              "Broken Link",
              "Vendor Advisory"
            ],
            "url": "http://secunia.com/advisories/34694"
          },
          {
            "source": "cve@mitre.org",
            "tags": [
              "Broken Link",
              "Vendor Advisory"
            ],
            "url": "http://secunia.com/advisories/34710"
          },
          {
            "source": "cve@mitre.org",
            "tags": [
              "Broken Link",
              "Vendor Advisory"
            ],
            "url": "http://secunia.com/advisories/34759"
          },
          {
            "source": "cve@mitre.org",
            "tags": [
              "Broken Link",
              "Vendor Advisory"
            ],
            "url": "http://secunia.com/advisories/38794"
          },
          {
            "source": "cve@mitre.org",
            "tags": [
              "Third Party Advisory"
            ],
            "url": "http://support.avaya.com/elmodocs2/security/ASA-2009-128.htm"
          },
          {
            "source": "cve@mitre.org",
            "tags": [
              "Third Party Advisory"
            ],
            "url": "http://www.debian.org/security/2009/dsa-1767"
          },
          {
            "source": "cve@mitre.org",
            "tags": [
              "Permissions Required"
            ],
            "url": "http://www.vupen.com/english/advisories/2010/0528"
          },
          {
            "source": "cve@mitre.org",
            "tags": [
              "Broken Link"
            ],
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9214"
          },
          {
            "source": "cve@mitre.org",
            "tags": [
              "Mailing List"
            ],
            "url": "https://www.redhat.com/archives/fedora-package-announce/2009-April/msg00231.html"
          },
          {
            "source": "cve@mitre.org",
            "tags": [
              "Mailing List"
            ],
            "url": "https://www.redhat.com/archives/fedora-package-announce/2009-April/msg00236.html"
          }
        ],
        "sourceIdentifier": "cve@mitre.org",
        "vulnStatus": "Analyzed",
        "weaknesses": [
          {
            "description": [
              {
                "lang": "en",
                "value": "CWE-732"
              }
            ],
            "source": "nvd@nist.gov",
            "type": "Primary"
          }
        ]
      }
    }
  }
}

GHSA-M58Q-QH36-CWX8

Vulnerability from github – Published: 2022-05-02 03:12 – Updated: 2024-02-16 21:31

Details

Severity ?

7.8 (High)


                  
                    CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2009-0115"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-732"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2009-03-30T16:30:00Z",
    "severity": "HIGH"
  },
  "details": "The Device Mapper multipathing driver (aka multipath-tools or device-mapper-multipath) 0.4.8, as used in SUSE openSUSE, SUSE Linux Enterprise Server (SLES), Fedora, and possibly other operating systems, uses world-writable permissions for the socket file (aka /var/run/multipathd.sock), which allows local users to send arbitrary commands to the multipath daemon.",
  "id": "GHSA-m58q-qh36-cwx8",
  "modified": "2024-02-16T21:31:29Z",
  "published": "2022-05-02T03:12:51Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2009-0115"
    },
    {
      "type": "WEB",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9214"
    },
    {
      "type": "WEB",
      "url": "https://www.redhat.com/archives/fedora-package-announce/2009-April/msg00231.html"
    },
    {
      "type": "WEB",
      "url": "https://www.redhat.com/archives/fedora-package-announce/2009-April/msg00236.html"
    },
    {
      "type": "WEB",
      "url": "http://download.opensuse.org/update/10.3-test/repodata/patch-kpartx-6082.xml"
    },
    {
      "type": "WEB",
      "url": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10691"
    },
    {
      "type": "WEB",
      "url": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10705"
    },
    {
      "type": "WEB",
      "url": "http://launchpad.net/bugs/cve/2009-0115"
    },
    {
      "type": "WEB",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2009-03/msg00004.html"
    },
    {
      "type": "WEB",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2009-04/msg00003.html"
    },
    {
      "type": "WEB",
      "url": "http://lists.vmware.com/pipermail/security-announce/2010/000082.html"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/34418"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/34642"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/34694"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/34710"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/34759"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/38794"
    },
    {
      "type": "WEB",
      "url": "http://support.avaya.com/elmodocs2/security/ASA-2009-128.htm"
    },
    {
      "type": "WEB",
      "url": "http://www.debian.org/security/2009/dsa-1767"
    },
    {
      "type": "WEB",
      "url": "http://www.vupen.com/english/advisories/2010/0528"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

CERTA-2010-AVI-106

Vulnerability from certfr_avis - Published: - Updated:

Plusieurs vulnérabilités découvertes dans les produits VMware peuvent être exploitées à distance par un utilisateur malintentionné afin de compromettre le système ou d'entraver son bon fonctionnement.

Description

Les vulnérabilités présentes dans les produits VMware peuvent être exploitées afin de porter atteinte à l'intégrité et à la confidentialité des données, de réaliser un déni de service, d'injecter et d'exécuter indirectement du code arbitraire, d'élever ses privilèges ou d'exécuter du code arbitraire.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

Vendor	Product	Description
VMware	N/A	VMware vMA 4.0 sans le patch 3.
VMware	N/A	VMware ESX 3.0.3 ;
VMware	N/A	VMware ESX 3.5 ;
VMware	N/A	VMware ESX 2.5.5 ;
VMware	N/A	VMware ESX 4.0 sans les patchs SX400-201002404-SG, SX400-201002406-SG, SX400-201002407-SG ;

References

Title

Publication Time

Tags

Bulletin de sécurité VMware du 03 mars 2010

None

vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "VMware vMA 4.0 sans le patch 3.",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "VMware",
          "scada": false
        }
      }
    },
    {
      "description": "VMware ESX 3.0.3 ;",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "VMware",
          "scada": false
        }
      }
    },
    {
      "description": "VMware ESX 3.5 ;",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "VMware",
          "scada": false
        }
      }
    },
    {
      "description": "VMware ESX 2.5.5 ;",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "VMware",
          "scada": false
        }
      }
    },
    {
      "description": "VMware ESX 4.0 sans les patchs SX400-201002404-SG, SX400-201002406-SG, SX400-201002407-SG ;",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "VMware",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Description\n\nLes vuln\u00e9rabilit\u00e9s pr\u00e9sentes dans les produits VMware peuvent \u00eatre\nexploit\u00e9es afin de porter atteinte \u00e0 l\u0027int\u00e9grit\u00e9 et \u00e0 la confidentialit\u00e9\ndes donn\u00e9es, de r\u00e9aliser un d\u00e9ni de service, d\u0027injecter et d\u0027ex\u00e9cuter\nindirectement du code arbitraire, d\u0027\u00e9lever ses privil\u00e8ges ou d\u0027ex\u00e9cuter\ndu code arbitraire.\n\n## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2009-2905",
      "url": "https://www.cve.org/CVERecord?id=CVE-2009-2905"
    },
    {
      "name": "CVE-2009-1387",
      "url": "https://www.cve.org/CVERecord?id=CVE-2009-1387"
    },
    {
      "name": "CVE-2009-3560",
      "url": "https://www.cve.org/CVERecord?id=CVE-2009-3560"
    },
    {
      "name": "CVE-2009-2849",
      "url": "https://www.cve.org/CVERecord?id=CVE-2009-2849"
    },
    {
      "name": "CVE-2009-3916",
      "url": "https://www.cve.org/CVERecord?id=CVE-2009-3916"
    },
    {
      "name": "CVE-2009-0115",
      "url": "https://www.cve.org/CVERecord?id=CVE-2009-0115"
    },
    {
      "name": "CVE-2009-1379",
      "url": "https://www.cve.org/CVERecord?id=CVE-2009-1379"
    },
    {
      "name": "CVE-2009-3613",
      "url": "https://www.cve.org/CVERecord?id=CVE-2009-3613"
    },
    {
      "name": "CVE-2009-4022",
      "url": "https://www.cve.org/CVERecord?id=CVE-2009-4022"
    },
    {
      "name": "CVE-2009-3563",
      "url": "https://www.cve.org/CVERecord?id=CVE-2009-3563"
    },
    {
      "name": "CVE-2009-3620",
      "url": "https://www.cve.org/CVERecord?id=CVE-2009-3620"
    },
    {
      "name": "CVE-2009-1189",
      "url": "https://www.cve.org/CVERecord?id=CVE-2009-1189"
    },
    {
      "name": "CVE-2009-3228",
      "url": "https://www.cve.org/CVERecord?id=CVE-2009-3228"
    },
    {
      "name": "CVE-2009-3547",
      "url": "https://www.cve.org/CVERecord?id=CVE-2009-3547"
    },
    {
      "name": "CVE-2009-2695",
      "url": "https://www.cve.org/CVERecord?id=CVE-2009-2695"
    },
    {
      "name": "CVE-2008-4316",
      "url": "https://www.cve.org/CVERecord?id=CVE-2008-4316"
    },
    {
      "name": "CVE-2009-1378",
      "url": "https://www.cve.org/CVERecord?id=CVE-2009-1378"
    },
    {
      "name": "CVE-2008-3916",
      "url": "https://www.cve.org/CVERecord?id=CVE-2008-3916"
    },
    {
      "name": "CVE-2009-1386",
      "url": "https://www.cve.org/CVERecord?id=CVE-2009-1386"
    },
    {
      "name": "CVE-2009-1377",
      "url": "https://www.cve.org/CVERecord?id=CVE-2009-1377"
    },
    {
      "name": "CVE-2009-0590",
      "url": "https://www.cve.org/CVERecord?id=CVE-2009-0590"
    },
    {
      "name": "CVE-2009-3286",
      "url": "https://www.cve.org/CVERecord?id=CVE-2009-3286"
    },
    {
      "name": "CVE-2008-4552",
      "url": "https://www.cve.org/CVERecord?id=CVE-2008-4552"
    },
    {
      "name": "CVE-2009-3612",
      "url": "https://www.cve.org/CVERecord?id=CVE-2009-3612"
    },
    {
      "name": "CVE-2009-3621",
      "url": "https://www.cve.org/CVERecord?id=CVE-2009-3621"
    },
    {
      "name": "CVE-2009-3720",
      "url": "https://www.cve.org/CVERecord?id=CVE-2009-3720"
    },
    {
      "name": "CVE-2009-2904",
      "url": "https://www.cve.org/CVERecord?id=CVE-2009-2904"
    },
    {
      "name": "CVE-2009-2908",
      "url": "https://www.cve.org/CVERecord?id=CVE-2009-2908"
    },
    {
      "name": "CVE-2009-3726",
      "url": "https://www.cve.org/CVERecord?id=CVE-2009-3726"
    }
  ],
  "links": [],
  "reference": "CERTA-2010-AVI-106",
  "revisions": [
    {
      "description": "version initiale.",
      "revision_date": "2010-03-04T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "D\u00e9ni de service \u00e0 distance"
    },
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    },
    {
      "description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
    },
    {
      "description": "Injection de code indirecte \u00e0 distance"
    },
    {
      "description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
    },
    {
      "description": "\u00c9l\u00e9vation de privil\u00e8ges"
    }
  ],
  "summary": "Plusieurs vuln\u00e9rabilit\u00e9s d\u00e9couvertes dans les produits VMware peuvent\n\u00eatre exploit\u00e9es \u00e0 distance par un utilisateur malintentionn\u00e9 afin de\ncompromettre le syst\u00e8me ou d\u0027entraver son bon fonctionnement.\n",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits VMware",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 VMware du 03 mars 2010",
      "url": "http://lists.vmware.com/pipermail/security-announce/2010/000082.html"
    }
  ]
}

CERTA-2010-AVI-106

Vulnerability from certfr_avis - Published: - Updated:

Description

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

Vendor	Product	Description
VMware	N/A	VMware vMA 4.0 sans le patch 3.
VMware	N/A	VMware ESX 3.0.3 ;
VMware	N/A	VMware ESX 3.5 ;
VMware	N/A	VMware ESX 2.5.5 ;
VMware	N/A	VMware ESX 4.0 sans les patchs SX400-201002404-SG, SX400-201002406-SG, SX400-201002407-SG ;

References

Title

Publication Time

Tags

Bulletin de sécurité VMware du 03 mars 2010

None

vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "VMware vMA 4.0 sans le patch 3.",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "VMware",
          "scada": false
        }
      }
    },
    {
      "description": "VMware ESX 3.0.3 ;",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "VMware",
          "scada": false
        }
      }
    },
    {
      "description": "VMware ESX 3.5 ;",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "VMware",
          "scada": false
        }
      }
    },
    {
      "description": "VMware ESX 2.5.5 ;",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "VMware",
          "scada": false
        }
      }
    },
    {
      "description": "VMware ESX 4.0 sans les patchs SX400-201002404-SG, SX400-201002406-SG, SX400-201002407-SG ;",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "VMware",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Description\n\nLes vuln\u00e9rabilit\u00e9s pr\u00e9sentes dans les produits VMware peuvent \u00eatre\nexploit\u00e9es afin de porter atteinte \u00e0 l\u0027int\u00e9grit\u00e9 et \u00e0 la confidentialit\u00e9\ndes donn\u00e9es, de r\u00e9aliser un d\u00e9ni de service, d\u0027injecter et d\u0027ex\u00e9cuter\nindirectement du code arbitraire, d\u0027\u00e9lever ses privil\u00e8ges ou d\u0027ex\u00e9cuter\ndu code arbitraire.\n\n## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2009-2905",
      "url": "https://www.cve.org/CVERecord?id=CVE-2009-2905"
    },
    {
      "name": "CVE-2009-1387",
      "url": "https://www.cve.org/CVERecord?id=CVE-2009-1387"
    },
    {
      "name": "CVE-2009-3560",
      "url": "https://www.cve.org/CVERecord?id=CVE-2009-3560"
    },
    {
      "name": "CVE-2009-2849",
      "url": "https://www.cve.org/CVERecord?id=CVE-2009-2849"
    },
    {
      "name": "CVE-2009-3916",
      "url": "https://www.cve.org/CVERecord?id=CVE-2009-3916"
    },
    {
      "name": "CVE-2009-0115",
      "url": "https://www.cve.org/CVERecord?id=CVE-2009-0115"
    },
    {
      "name": "CVE-2009-1379",
      "url": "https://www.cve.org/CVERecord?id=CVE-2009-1379"
    },
    {
      "name": "CVE-2009-3613",
      "url": "https://www.cve.org/CVERecord?id=CVE-2009-3613"
    },
    {
      "name": "CVE-2009-4022",
      "url": "https://www.cve.org/CVERecord?id=CVE-2009-4022"
    },
    {
      "name": "CVE-2009-3563",
      "url": "https://www.cve.org/CVERecord?id=CVE-2009-3563"
    },
    {
      "name": "CVE-2009-3620",
      "url": "https://www.cve.org/CVERecord?id=CVE-2009-3620"
    },
    {
      "name": "CVE-2009-1189",
      "url": "https://www.cve.org/CVERecord?id=CVE-2009-1189"
    },
    {
      "name": "CVE-2009-3228",
      "url": "https://www.cve.org/CVERecord?id=CVE-2009-3228"
    },
    {
      "name": "CVE-2009-3547",
      "url": "https://www.cve.org/CVERecord?id=CVE-2009-3547"
    },
    {
      "name": "CVE-2009-2695",
      "url": "https://www.cve.org/CVERecord?id=CVE-2009-2695"
    },
    {
      "name": "CVE-2008-4316",
      "url": "https://www.cve.org/CVERecord?id=CVE-2008-4316"
    },
    {
      "name": "CVE-2009-1378",
      "url": "https://www.cve.org/CVERecord?id=CVE-2009-1378"
    },
    {
      "name": "CVE-2008-3916",
      "url": "https://www.cve.org/CVERecord?id=CVE-2008-3916"
    },
    {
      "name": "CVE-2009-1386",
      "url": "https://www.cve.org/CVERecord?id=CVE-2009-1386"
    },
    {
      "name": "CVE-2009-1377",
      "url": "https://www.cve.org/CVERecord?id=CVE-2009-1377"
    },
    {
      "name": "CVE-2009-0590",
      "url": "https://www.cve.org/CVERecord?id=CVE-2009-0590"
    },
    {
      "name": "CVE-2009-3286",
      "url": "https://www.cve.org/CVERecord?id=CVE-2009-3286"
    },
    {
      "name": "CVE-2008-4552",
      "url": "https://www.cve.org/CVERecord?id=CVE-2008-4552"
    },
    {
      "name": "CVE-2009-3612",
      "url": "https://www.cve.org/CVERecord?id=CVE-2009-3612"
    },
    {
      "name": "CVE-2009-3621",
      "url": "https://www.cve.org/CVERecord?id=CVE-2009-3621"
    },
    {
      "name": "CVE-2009-3720",
      "url": "https://www.cve.org/CVERecord?id=CVE-2009-3720"
    },
    {
      "name": "CVE-2009-2904",
      "url": "https://www.cve.org/CVERecord?id=CVE-2009-2904"
    },
    {
      "name": "CVE-2009-2908",
      "url": "https://www.cve.org/CVERecord?id=CVE-2009-2908"
    },
    {
      "name": "CVE-2009-3726",
      "url": "https://www.cve.org/CVERecord?id=CVE-2009-3726"
    }
  ],
  "links": [],
  "reference": "CERTA-2010-AVI-106",
  "revisions": [
    {
      "description": "version initiale.",
      "revision_date": "2010-03-04T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "D\u00e9ni de service \u00e0 distance"
    },
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    },
    {
      "description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
    },
    {
      "description": "Injection de code indirecte \u00e0 distance"
    },
    {
      "description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
    },
    {
      "description": "\u00c9l\u00e9vation de privil\u00e8ges"
    }
  ],
  "summary": "Plusieurs vuln\u00e9rabilit\u00e9s d\u00e9couvertes dans les produits VMware peuvent\n\u00eatre exploit\u00e9es \u00e0 distance par un utilisateur malintentionn\u00e9 afin de\ncompromettre le syst\u00e8me ou d\u0027entraver son bon fonctionnement.\n",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits VMware",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 VMware du 03 mars 2010",
      "url": "http://lists.vmware.com/pipermail/security-announce/2010/000082.html"
    }
  ]
}

CERTFR-2015-AVI-431

Vulnerability from certfr_avis - Published: - Updated:

De multiples vulnérabilités ont été corrigées dans les produits Juniper. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire, un déni de service à distance et un contournement de la politique de sécurité.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

Vendor	Product	Description
N/A	N/A	QFabric 3100 Director versions 12.x
N/A	N/A	ScreenOS
N/A	N/A	CTPView 7.0R3
Juniper Networks	Junos OS	Juniper Junos OS

References

Title

Publication Time

Tags

Bulletin de sécurité Juniper JSA10694 du 14 octobre 2015	None	vendor-advisory
Bulletin de sécurité Juniper JSA10700 du 14 octobre 2015	None	vendor-advisory
Bulletin de sécurité Juniper JSA10703 du 14 octobre 2015	None	vendor-advisory
Bulletin de sécurité Juniper JSA10708 du 14 octobre 2015	None	vendor-advisory
Bulletin de sécurité Juniper JSA10705 du 14 octobre 2015	None	vendor-advisory
Bulletin de sécurité Juniper JSA10706 du 14 octobre 2015	None	vendor-advisory
Bulletin de sécurité Juniper JSA10695 du 14 octobre 2015	None	vendor-advisory
Bulletin de sécurité Juniper JSA10699 du 14 octobre 2015	None	vendor-advisory
Bulletin de sécurité Juniper JSA10697 du 14 octobre 2015	None	vendor-advisory
Bulletin de sécurité Juniper JSA10707 du 14 octobre 2015	None	vendor-advisory
Bulletin de sécurité Juniper JSA10702 du 14 octobre 2015	None	vendor-advisory
Bulletin de sécurité Juniper JSA10704 du 14 octobre 2015	None	vendor-advisory
Bulletin de sécurité Juniper JSA10696 du 14 octobre 2015	None	vendor-advisory
Bulletin de sécurité Juniper JSA10701 du 14 octobre 2015	None	vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "QFabric 3100 Director versions 12.x",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "N/A",
          "scada": false
        }
      }
    },
    {
      "description": "ScreenOS",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "N/A",
          "scada": false
        }
      }
    },
    {
      "description": "CTPView 7.0R3",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "N/A",
          "scada": false
        }
      }
    },
    {
      "description": "Juniper Junos OS",
      "product": {
        "name": "Junos OS",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2009-2905",
      "url": "https://www.cve.org/CVERecord?id=CVE-2009-2905"
    },
    {
      "name": "CVE-2011-2483",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-2483"
    },
    {
      "name": "CVE-2013-1667",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-1667"
    },
    {
      "name": "CVE-2012-3417",
      "url": "https://www.cve.org/CVERecord?id=CVE-2012-3417"
    },
    {
      "name": "CVE-2014-0063",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-0063"
    },
    {
      "name": "CVE-2015-5600",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-5600"
    },
    {
      "name": "CVE-2014-3566",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-3566"
    },
    {
      "name": "CVE-2014-8867",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-8867"
    },
    {
      "name": "CVE-2015-1793",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-1793"
    },
    {
      "name": "CVE-2015-1791",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-1791"
    },
    {
      "name": "CVE-2009-3490",
      "url": "https://www.cve.org/CVERecord?id=CVE-2009-3490"
    },
    {
      "name": "CVE-2012-0866",
      "url": "https://www.cve.org/CVERecord?id=CVE-2012-0866"
    },
    {
      "name": "CVE-2010-3433",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-3433"
    },
    {
      "name": "CVE-2012-5526",
      "url": "https://www.cve.org/CVERecord?id=CVE-2012-5526"
    },
    {
      "name": "CVE-2010-1447",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-1447"
    },
    {
      "name": "CVE-2014-0061",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-0061"
    },
    {
      "name": "CVE-2009-0115",
      "url": "https://www.cve.org/CVERecord?id=CVE-2009-0115"
    },
    {
      "name": "CVE-2007-6067",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-6067"
    },
    {
      "name": "CVE-2010-0826",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-0826"
    },
    {
      "name": "CVE-2014-8159",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-8159"
    },
    {
      "name": "CVE-2010-0211",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-0211"
    },
    {
      "name": "CVE-2013-4242",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-4242"
    },
    {
      "name": "CVE-2015-1158",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-1158"
    },
    {
      "name": "CVE-2015-2808",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-2808"
    },
    {
      "name": "CVE-2010-4352",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-4352"
    },
    {
      "name": "CVE-2015-7749",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-7749"
    },
    {
      "name": "CVE-2011-1720",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-1720"
    },
    {
      "name": "CVE-2010-1168",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-1168"
    },
    {
      "name": "CVE-2009-1189",
      "url": "https://www.cve.org/CVERecord?id=CVE-2009-1189"
    },
    {
      "name": "CVE-2014-6450",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-6450"
    },
    {
      "name": "CVE-2015-1789",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-1789"
    },
    {
      "name": "CVE-2008-2937",
      "url": "https://www.cve.org/CVERecord?id=CVE-2008-2937"
    },
    {
      "name": "CVE-2012-2697",
      "url": "https://www.cve.org/CVERecord?id=CVE-2012-2697"
    },
    {
      "name": "CVE-2013-2566",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-2566"
    },
    {
      "name": "CVE-2011-1081",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-1081"
    },
    {
      "name": "CVE-2009-1632",
      "url": "https://www.cve.org/CVERecord?id=CVE-2009-1632"
    },
    {
      "name": "CVE-2012-3488",
      "url": "https://www.cve.org/CVERecord?id=CVE-2012-3488"
    },
    {
      "name": "CVE-2015-5361",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-5361"
    },
    {
      "name": "CVE-2013-6435",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-6435"
    },
    {
      "name": "CVE-2010-2761",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-2761"
    },
    {
      "name": "CVE-2012-5195",
      "url": "https://www.cve.org/CVERecord?id=CVE-2012-5195"
    },
    {
      "name": "CVE-2015-1788",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-1788"
    },
    {
      "name": "CVE-2014-6449",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-6449"
    },
    {
      "name": "CVE-2015-1792",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-1792"
    },
    {
      "name": "CVE-2014-6451",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-6451"
    },
    {
      "name": "CVE-2012-6329",
      "url": "https://www.cve.org/CVERecord?id=CVE-2012-6329"
    },
    {
      "name": "CVE-2014-4345",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-4345"
    },
    {
      "name": "CVE-2008-5302",
      "url": "https://www.cve.org/CVERecord?id=CVE-2008-5302"
    },
    {
      "name": "CVE-2013-6629",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-6629"
    },
    {
      "name": "CVE-2014-2285",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-2285"
    },
    {
      "name": "CVE-2013-4449",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-4449"
    },
    {
      "name": "CVE-2012-0868",
      "url": "https://www.cve.org/CVERecord?id=CVE-2012-0868"
    },
    {
      "name": "CVE-2007-4476",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-4476"
    },
    {
      "name": "CVE-2010-4410",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-4410"
    },
    {
      "name": "CVE-2008-5161",
      "url": "https://www.cve.org/CVERecord?id=CVE-2008-5161"
    },
    {
      "name": "CVE-2015-7752",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-7752"
    },
    {
      "name": "CVE-2010-0407",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-0407"
    },
    {
      "name": "CVE-2014-0064",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-0064"
    },
    {
      "name": "CVE-2014-0065",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-0065"
    },
    {
      "name": "CVE-2007-4772",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-4772"
    },
    {
      "name": "CVE-2013-0292",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-0292"
    },
    {
      "name": "CVE-2012-6151",
      "url": "https://www.cve.org/CVERecord?id=CVE-2012-6151"
    },
    {
      "name": "CVE-2008-5303",
      "url": "https://www.cve.org/CVERecord?id=CVE-2008-5303"
    },
    {
      "name": "CVE-2015-1159",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-1159"
    },
    {
      "name": "CVE-2011-2200",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-2200"
    },
    {
      "name": "CVE-2015-7748",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-7748"
    },
    {
      "name": "CVE-2015-7750",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-7750"
    },
    {
      "name": "CVE-2015-7751",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-7751"
    },
    {
      "name": "CVE-2011-0411",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0411"
    },
    {
      "name": "CVE-2008-3834",
      "url": "https://www.cve.org/CVERecord?id=CVE-2008-3834"
    },
    {
      "name": "CVE-2010-0624",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-0624"
    },
    {
      "name": "CVE-2014-0062",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-0062"
    },
    {
      "name": "CVE-2011-1025",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-1025"
    },
    {
      "name": "CVE-2014-6448",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-6448"
    },
    {
      "name": "CVE-2011-3597",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-3597"
    },
    {
      "name": "CVE-2010-0212",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-0212"
    },
    {
      "name": "CVE-2009-1185",
      "url": "https://www.cve.org/CVERecord?id=CVE-2009-1185"
    },
    {
      "name": "CVE-2009-4901",
      "url": "https://www.cve.org/CVERecord?id=CVE-2009-4901"
    },
    {
      "name": "CVE-2010-1172",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-1172"
    },
    {
      "name": "CVE-2010-4530",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-4530"
    },
    {
      "name": "CVE-2011-1024",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-1024"
    },
    {
      "name": "CVE-2014-3660",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-3660"
    },
    {
      "name": "CVE-2014-0060",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-0060"
    },
    {
      "name": "CVE-1999-0524",
      "url": "https://www.cve.org/CVERecord?id=CVE-1999-0524"
    },
    {
      "name": "CVE-2010-4015",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-4015"
    },
    {
      "name": "CVE-2011-0002",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0002"
    },
    {
      "name": "CVE-2009-1574",
      "url": "https://www.cve.org/CVERecord?id=CVE-2009-1574"
    },
    {
      "name": "CVE-2009-3736",
      "url": "https://www.cve.org/CVERecord?id=CVE-2009-3736"
    },
    {
      "name": "CVE-2015-1790",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-1790"
    },
    {
      "name": "CVE-2012-2143",
      "url": "https://www.cve.org/CVERecord?id=CVE-2012-2143"
    },
    {
      "name": "CVE-2014-0066",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-0066"
    },
    {
      "name": "CVE-2010-0001",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-0001"
    }
  ],
  "links": [],
  "reference": "CERTFR-2015-AVI-431",
  "revisions": [
    {
      "description": "version initiale.",
      "revision_date": "2015-10-15T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "D\u00e9ni de service \u00e0 distance"
    },
    {
      "description": "Ex\u00e9cution de code arbitraire"
    },
    {
      "description": "Injection de code indirecte \u00e0 distance"
    },
    {
      "description": "Contournement de la politique de s\u00e9curit\u00e9"
    },
    {
      "description": "\u00c9l\u00e9vation de privil\u00e8ges"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 corrig\u00e9es dans les produits \u003cspan\nclass=\"textit\"\u003eJuniper\u003c/span\u003e. Certaines d\u0027entre elles permettent \u00e0 un\nattaquant de provoquer une ex\u00e9cution de code arbitraire, un d\u00e9ni de\nservice \u00e0 distance et un contournement de la politique de s\u00e9curit\u00e9.\n",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits Juniper",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10694 du 14 octobre 2015",
      "url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10694\u0026cat=SIRT_1\u0026actp=LIST"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10700 du 14 octobre 2015",
      "url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10700\u0026cat=SIRT_1\u0026actp=LIST"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10703 du 14 octobre 2015",
      "url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10703\u0026cat=SIRT_1\u0026actp=LIST"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10708 du 14 octobre 2015",
      "url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10708\u0026cat=SIRT_1\u0026actp=LIST"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10705 du 14 octobre 2015",
      "url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10705\u0026cat=SIRT_1\u0026actp=LIST"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10706 du 14 octobre 2015",
      "url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10706\u0026cat=SIRT_1\u0026actp=LIST"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10695 du 14 octobre 2015",
      "url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10695\u0026cat=SIRT_1\u0026actp=LIST"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10699 du 14 octobre 2015",
      "url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10699\u0026cat=SIRT_1\u0026actp=LIST"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10697 du 14 octobre 2015",
      "url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10697\u0026cat=SIRT_1\u0026actp=LIST"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10707 du 14 octobre 2015",
      "url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10707\u0026cat=SIRT_1\u0026actp=LIST"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10702 du 14 octobre 2015",
      "url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10702\u0026cat=SIRT_1\u0026actp=LIST"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10704 du 14 octobre 2015",
      "url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10704\u0026cat=SIRT_1\u0026actp=LIST"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10696 du 14 octobre 2015",
      "url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10696\u0026cat=SIRT_1\u0026actp=LIST"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10701 du 14 octobre 2015",
      "url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10701\u0026cat=SIRT_1\u0026actp=LIST"
    }
  ]
}

CERTFR-2015-AVI-431

Vulnerability from certfr_avis - Published: - Updated:

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

Vendor	Product	Description
N/A	N/A	QFabric 3100 Director versions 12.x
N/A	N/A	ScreenOS
N/A	N/A	CTPView 7.0R3
Juniper Networks	Junos OS	Juniper Junos OS

References

Title

Publication Time

Tags

Bulletin de sécurité Juniper JSA10694 du 14 octobre 2015	None	vendor-advisory
Bulletin de sécurité Juniper JSA10700 du 14 octobre 2015	None	vendor-advisory
Bulletin de sécurité Juniper JSA10703 du 14 octobre 2015	None	vendor-advisory
Bulletin de sécurité Juniper JSA10708 du 14 octobre 2015	None	vendor-advisory
Bulletin de sécurité Juniper JSA10705 du 14 octobre 2015	None	vendor-advisory
Bulletin de sécurité Juniper JSA10706 du 14 octobre 2015	None	vendor-advisory
Bulletin de sécurité Juniper JSA10695 du 14 octobre 2015	None	vendor-advisory
Bulletin de sécurité Juniper JSA10699 du 14 octobre 2015	None	vendor-advisory
Bulletin de sécurité Juniper JSA10697 du 14 octobre 2015	None	vendor-advisory
Bulletin de sécurité Juniper JSA10707 du 14 octobre 2015	None	vendor-advisory
Bulletin de sécurité Juniper JSA10702 du 14 octobre 2015	None	vendor-advisory
Bulletin de sécurité Juniper JSA10704 du 14 octobre 2015	None	vendor-advisory
Bulletin de sécurité Juniper JSA10696 du 14 octobre 2015	None	vendor-advisory
Bulletin de sécurité Juniper JSA10701 du 14 octobre 2015	None	vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "QFabric 3100 Director versions 12.x",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "N/A",
          "scada": false
        }
      }
    },
    {
      "description": "ScreenOS",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "N/A",
          "scada": false
        }
      }
    },
    {
      "description": "CTPView 7.0R3",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "N/A",
          "scada": false
        }
      }
    },
    {
      "description": "Juniper Junos OS",
      "product": {
        "name": "Junos OS",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2009-2905",
      "url": "https://www.cve.org/CVERecord?id=CVE-2009-2905"
    },
    {
      "name": "CVE-2011-2483",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-2483"
    },
    {
      "name": "CVE-2013-1667",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-1667"
    },
    {
      "name": "CVE-2012-3417",
      "url": "https://www.cve.org/CVERecord?id=CVE-2012-3417"
    },
    {
      "name": "CVE-2014-0063",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-0063"
    },
    {
      "name": "CVE-2015-5600",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-5600"
    },
    {
      "name": "CVE-2014-3566",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-3566"
    },
    {
      "name": "CVE-2014-8867",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-8867"
    },
    {
      "name": "CVE-2015-1793",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-1793"
    },
    {
      "name": "CVE-2015-1791",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-1791"
    },
    {
      "name": "CVE-2009-3490",
      "url": "https://www.cve.org/CVERecord?id=CVE-2009-3490"
    },
    {
      "name": "CVE-2012-0866",
      "url": "https://www.cve.org/CVERecord?id=CVE-2012-0866"
    },
    {
      "name": "CVE-2010-3433",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-3433"
    },
    {
      "name": "CVE-2012-5526",
      "url": "https://www.cve.org/CVERecord?id=CVE-2012-5526"
    },
    {
      "name": "CVE-2010-1447",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-1447"
    },
    {
      "name": "CVE-2014-0061",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-0061"
    },
    {
      "name": "CVE-2009-0115",
      "url": "https://www.cve.org/CVERecord?id=CVE-2009-0115"
    },
    {
      "name": "CVE-2007-6067",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-6067"
    },
    {
      "name": "CVE-2010-0826",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-0826"
    },
    {
      "name": "CVE-2014-8159",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-8159"
    },
    {
      "name": "CVE-2010-0211",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-0211"
    },
    {
      "name": "CVE-2013-4242",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-4242"
    },
    {
      "name": "CVE-2015-1158",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-1158"
    },
    {
      "name": "CVE-2015-2808",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-2808"
    },
    {
      "name": "CVE-2010-4352",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-4352"
    },
    {
      "name": "CVE-2015-7749",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-7749"
    },
    {
      "name": "CVE-2011-1720",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-1720"
    },
    {
      "name": "CVE-2010-1168",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-1168"
    },
    {
      "name": "CVE-2009-1189",
      "url": "https://www.cve.org/CVERecord?id=CVE-2009-1189"
    },
    {
      "name": "CVE-2014-6450",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-6450"
    },
    {
      "name": "CVE-2015-1789",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-1789"
    },
    {
      "name": "CVE-2008-2937",
      "url": "https://www.cve.org/CVERecord?id=CVE-2008-2937"
    },
    {
      "name": "CVE-2012-2697",
      "url": "https://www.cve.org/CVERecord?id=CVE-2012-2697"
    },
    {
      "name": "CVE-2013-2566",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-2566"
    },
    {
      "name": "CVE-2011-1081",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-1081"
    },
    {
      "name": "CVE-2009-1632",
      "url": "https://www.cve.org/CVERecord?id=CVE-2009-1632"
    },
    {
      "name": "CVE-2012-3488",
      "url": "https://www.cve.org/CVERecord?id=CVE-2012-3488"
    },
    {
      "name": "CVE-2015-5361",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-5361"
    },
    {
      "name": "CVE-2013-6435",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-6435"
    },
    {
      "name": "CVE-2010-2761",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-2761"
    },
    {
      "name": "CVE-2012-5195",
      "url": "https://www.cve.org/CVERecord?id=CVE-2012-5195"
    },
    {
      "name": "CVE-2015-1788",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-1788"
    },
    {
      "name": "CVE-2014-6449",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-6449"
    },
    {
      "name": "CVE-2015-1792",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-1792"
    },
    {
      "name": "CVE-2014-6451",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-6451"
    },
    {
      "name": "CVE-2012-6329",
      "url": "https://www.cve.org/CVERecord?id=CVE-2012-6329"
    },
    {
      "name": "CVE-2014-4345",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-4345"
    },
    {
      "name": "CVE-2008-5302",
      "url": "https://www.cve.org/CVERecord?id=CVE-2008-5302"
    },
    {
      "name": "CVE-2013-6629",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-6629"
    },
    {
      "name": "CVE-2014-2285",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-2285"
    },
    {
      "name": "CVE-2013-4449",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-4449"
    },
    {
      "name": "CVE-2012-0868",
      "url": "https://www.cve.org/CVERecord?id=CVE-2012-0868"
    },
    {
      "name": "CVE-2007-4476",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-4476"
    },
    {
      "name": "CVE-2010-4410",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-4410"
    },
    {
      "name": "CVE-2008-5161",
      "url": "https://www.cve.org/CVERecord?id=CVE-2008-5161"
    },
    {
      "name": "CVE-2015-7752",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-7752"
    },
    {
      "name": "CVE-2010-0407",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-0407"
    },
    {
      "name": "CVE-2014-0064",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-0064"
    },
    {
      "name": "CVE-2014-0065",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-0065"
    },
    {
      "name": "CVE-2007-4772",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-4772"
    },
    {
      "name": "CVE-2013-0292",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-0292"
    },
    {
      "name": "CVE-2012-6151",
      "url": "https://www.cve.org/CVERecord?id=CVE-2012-6151"
    },
    {
      "name": "CVE-2008-5303",
      "url": "https://www.cve.org/CVERecord?id=CVE-2008-5303"
    },
    {
      "name": "CVE-2015-1159",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-1159"
    },
    {
      "name": "CVE-2011-2200",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-2200"
    },
    {
      "name": "CVE-2015-7748",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-7748"
    },
    {
      "name": "CVE-2015-7750",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-7750"
    },
    {
      "name": "CVE-2015-7751",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-7751"
    },
    {
      "name": "CVE-2011-0411",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0411"
    },
    {
      "name": "CVE-2008-3834",
      "url": "https://www.cve.org/CVERecord?id=CVE-2008-3834"
    },
    {
      "name": "CVE-2010-0624",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-0624"
    },
    {
      "name": "CVE-2014-0062",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-0062"
    },
    {
      "name": "CVE-2011-1025",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-1025"
    },
    {
      "name": "CVE-2014-6448",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-6448"
    },
    {
      "name": "CVE-2011-3597",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-3597"
    },
    {
      "name": "CVE-2010-0212",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-0212"
    },
    {
      "name": "CVE-2009-1185",
      "url": "https://www.cve.org/CVERecord?id=CVE-2009-1185"
    },
    {
      "name": "CVE-2009-4901",
      "url": "https://www.cve.org/CVERecord?id=CVE-2009-4901"
    },
    {
      "name": "CVE-2010-1172",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-1172"
    },
    {
      "name": "CVE-2010-4530",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-4530"
    },
    {
      "name": "CVE-2011-1024",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-1024"
    },
    {
      "name": "CVE-2014-3660",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-3660"
    },
    {
      "name": "CVE-2014-0060",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-0060"
    },
    {
      "name": "CVE-1999-0524",
      "url": "https://www.cve.org/CVERecord?id=CVE-1999-0524"
    },
    {
      "name": "CVE-2010-4015",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-4015"
    },
    {
      "name": "CVE-2011-0002",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0002"
    },
    {
      "name": "CVE-2009-1574",
      "url": "https://www.cve.org/CVERecord?id=CVE-2009-1574"
    },
    {
      "name": "CVE-2009-3736",
      "url": "https://www.cve.org/CVERecord?id=CVE-2009-3736"
    },
    {
      "name": "CVE-2015-1790",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-1790"
    },
    {
      "name": "CVE-2012-2143",
      "url": "https://www.cve.org/CVERecord?id=CVE-2012-2143"
    },
    {
      "name": "CVE-2014-0066",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-0066"
    },
    {
      "name": "CVE-2010-0001",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-0001"
    }
  ],
  "links": [],
  "reference": "CERTFR-2015-AVI-431",
  "revisions": [
    {
      "description": "version initiale.",
      "revision_date": "2015-10-15T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "D\u00e9ni de service \u00e0 distance"
    },
    {
      "description": "Ex\u00e9cution de code arbitraire"
    },
    {
      "description": "Injection de code indirecte \u00e0 distance"
    },
    {
      "description": "Contournement de la politique de s\u00e9curit\u00e9"
    },
    {
      "description": "\u00c9l\u00e9vation de privil\u00e8ges"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 corrig\u00e9es dans les produits \u003cspan\nclass=\"textit\"\u003eJuniper\u003c/span\u003e. Certaines d\u0027entre elles permettent \u00e0 un\nattaquant de provoquer une ex\u00e9cution de code arbitraire, un d\u00e9ni de\nservice \u00e0 distance et un contournement de la politique de s\u00e9curit\u00e9.\n",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits Juniper",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10694 du 14 octobre 2015",
      "url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10694\u0026cat=SIRT_1\u0026actp=LIST"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10700 du 14 octobre 2015",
      "url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10700\u0026cat=SIRT_1\u0026actp=LIST"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10703 du 14 octobre 2015",
      "url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10703\u0026cat=SIRT_1\u0026actp=LIST"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10708 du 14 octobre 2015",
      "url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10708\u0026cat=SIRT_1\u0026actp=LIST"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10705 du 14 octobre 2015",
      "url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10705\u0026cat=SIRT_1\u0026actp=LIST"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10706 du 14 octobre 2015",
      "url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10706\u0026cat=SIRT_1\u0026actp=LIST"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10695 du 14 octobre 2015",
      "url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10695\u0026cat=SIRT_1\u0026actp=LIST"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10699 du 14 octobre 2015",
      "url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10699\u0026cat=SIRT_1\u0026actp=LIST"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10697 du 14 octobre 2015",
      "url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10697\u0026cat=SIRT_1\u0026actp=LIST"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10707 du 14 octobre 2015",
      "url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10707\u0026cat=SIRT_1\u0026actp=LIST"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10702 du 14 octobre 2015",
      "url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10702\u0026cat=SIRT_1\u0026actp=LIST"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10704 du 14 octobre 2015",
      "url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10704\u0026cat=SIRT_1\u0026actp=LIST"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10696 du 14 octobre 2015",
      "url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10696\u0026cat=SIRT_1\u0026actp=LIST"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10701 du 14 octobre 2015",
      "url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10701\u0026cat=SIRT_1\u0026actp=LIST"
    }
  ]
}

FKIE_CVE-2009-0115

Vulnerability from fkie_nvd - Published: 2009-03-30 16:30 - Updated: 2025-04-09 00:30

Severity ?

7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Summary

References

URL	Tags
cve@mitre.org	http://download.opensuse.org/update/10.3-test/repodata/patch-kpartx-6082.xml	Broken Link, Exploit
cve@mitre.org	http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10691	Third Party Advisory
cve@mitre.org	http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10705	Third Party Advisory
cve@mitre.org	http://launchpad.net/bugs/cve/2009-0115	Third Party Advisory
cve@mitre.org	http://lists.opensuse.org/opensuse-security-announce/2009-03/msg00004.html	Mailing List
cve@mitre.org	http://lists.opensuse.org/opensuse-security-announce/2009-04/msg00003.html	Mailing List
cve@mitre.org	http://lists.vmware.com/pipermail/security-announce/2010/000082.html	Broken Link
cve@mitre.org	http://secunia.com/advisories/34418	Broken Link, Vendor Advisory
cve@mitre.org	http://secunia.com/advisories/34642	Broken Link, Vendor Advisory
cve@mitre.org	http://secunia.com/advisories/34694	Broken Link, Vendor Advisory
cve@mitre.org	http://secunia.com/advisories/34710	Broken Link, Vendor Advisory
cve@mitre.org	http://secunia.com/advisories/34759	Broken Link, Vendor Advisory
cve@mitre.org	http://secunia.com/advisories/38794	Broken Link, Vendor Advisory
cve@mitre.org	http://support.avaya.com/elmodocs2/security/ASA-2009-128.htm	Third Party Advisory
cve@mitre.org	http://www.debian.org/security/2009/dsa-1767	Third Party Advisory
cve@mitre.org	http://www.vupen.com/english/advisories/2010/0528	Permissions Required
cve@mitre.org	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9214	Broken Link
cve@mitre.org	https://www.redhat.com/archives/fedora-package-announce/2009-April/msg00231.html	Mailing List
cve@mitre.org	https://www.redhat.com/archives/fedora-package-announce/2009-April/msg00236.html	Mailing List
af854a3a-2127-422b-91ae-364da2661108	http://download.opensuse.org/update/10.3-test/repodata/patch-kpartx-6082.xml	Broken Link, Exploit
af854a3a-2127-422b-91ae-364da2661108	http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10691	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10705	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://launchpad.net/bugs/cve/2009-0115	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://lists.opensuse.org/opensuse-security-announce/2009-03/msg00004.html	Mailing List
af854a3a-2127-422b-91ae-364da2661108	http://lists.opensuse.org/opensuse-security-announce/2009-04/msg00003.html	Mailing List
af854a3a-2127-422b-91ae-364da2661108	http://lists.vmware.com/pipermail/security-announce/2010/000082.html	Broken Link
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/34418	Broken Link, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/34642	Broken Link, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/34694	Broken Link, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/34710	Broken Link, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/34759	Broken Link, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/38794	Broken Link, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://support.avaya.com/elmodocs2/security/ASA-2009-128.htm	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.debian.org/security/2009/dsa-1767	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.vupen.com/english/advisories/2010/0528	Permissions Required
af854a3a-2127-422b-91ae-364da2661108	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9214	Broken Link
af854a3a-2127-422b-91ae-364da2661108	https://www.redhat.com/archives/fedora-package-announce/2009-April/msg00231.html	Mailing List
af854a3a-2127-422b-91ae-364da2661108	https://www.redhat.com/archives/fedora-package-announce/2009-April/msg00236.html	Mailing List

Impacted products

Vendor	Product	Version
christophe.varoqui	multipath-tools	0.4.8
fedoraproject	fedora	9
fedoraproject	fedora	10
debian	debian_linux	4.0
debian	debian_linux	5.0
avaya	intuity_audix_lx	2.0
avaya	intuity_audix_lx	2.0
avaya	intuity_audix_lx	2.0
avaya	message_networking	3.1
avaya	messaging_storage_server	3.0
avaya	messaging_storage_server	4.0
avaya	messaging_storage_server	5.0
novell	open_enterprise_server	-
opensuse	opensuse	*
suse	linux_enterprise_desktop	9
suse	linux_enterprise_server	9
suse	linux_enterprise_server	10
juniper	ctpview	*
juniper	ctpview	7.1

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:christophe.varoqui:multipath-tools:0.4.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "5D1B5821-FF7F-41DB-807D-EF28B3C4ADF0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:fedoraproject:fedora:9:*:*:*:*:*:*:*",
              "matchCriteriaId": "743CBBB1-C140-4FEF-B40E-FAE4511B1140",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:fedoraproject:fedora:10:*:*:*:*:*:*:*",
              "matchCriteriaId": "7000D33B-F3C7-43E8-8FC7-9B97AADC3E12",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "0F92AB32-E7DE-43F4-B877-1F41FA162EC7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "8C757774-08E7-40AA-B532-6F705C8F7639",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:avaya:intuity_audix_lx:2.0:-:*:*:*:*:*:*",
              "matchCriteriaId": "BE386B55-B9FA-41BD-AD00-EB6A6552C34E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:avaya:intuity_audix_lx:2.0:sp1:*:*:*:*:*:*",
              "matchCriteriaId": "965928CF-FDE4-42F7-9486-CB4D2F011225",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:avaya:intuity_audix_lx:2.0:sp2:*:*:*:*:*:*",
              "matchCriteriaId": "1E61EBAF-F034-4070-BFD5-68AD1239CD86",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:avaya:message_networking:3.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "E871348D-8FA1-4C77-BB8E-BECF9CF2FFD9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:avaya:messaging_storage_server:3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "34E42226-4F91-4EEB-8151-71BA15E8B7D4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:avaya:messaging_storage_server:4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "CB90E377-B821-4508-B1AB-B10F47975E54",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:avaya:messaging_storage_server:5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "FBA21139-B8E2-42A8-AC1D-8DA00F230D8B",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:novell:open_enterprise_server:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "C5C0C136-E406-4628-994A-682E8E729B50",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:opensuse:opensuse:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "9A8362BB-5717-4714-BD92-220DDB646D07",
              "versionEndIncluding": "11.0",
              "versionStartIncluding": "10.3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:linux_enterprise_desktop:9:*:*:*:*:*:*:*",
              "matchCriteriaId": "68B14008-5E0A-4187-AF93-DE2FF5BA5921",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:linux_enterprise_server:9:*:*:*:*:*:*:*",
              "matchCriteriaId": "4CD2D897-E321-4CED-92E0-11A98B52053C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:linux_enterprise_server:10:-:*:*:*:*:*:*",
              "matchCriteriaId": "38C3AEB0-59E2-400A-8943-60C0A223B680",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:juniper:ctpview:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "A2953793-3D79-4128-A841-EDAF50095FF6",
              "versionEndExcluding": "7.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:juniper:ctpview:7.1:-:*:*:*:*:*:*",
              "matchCriteriaId": "D6B30D89-FF23-4818-A63D-7DE5C3328165",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "The Device Mapper multipathing driver (aka multipath-tools or device-mapper-multipath) 0.4.8, as used in SUSE openSUSE, SUSE Linux Enterprise Server (SLES), Fedora, and possibly other operating systems, uses world-writable permissions for the socket file (aka /var/run/multipathd.sock), which allows local users to send arbitrary commands to the multipath daemon."
    },
    {
      "lang": "es",
      "value": "multipath-tools en SUSE openSUSE v10.3 hasta v11.0 y SUSE Linux Enterprise Server (SLES) v10 utiliza permisos de escritura a todos para el fichero del socket (tambi\u00e9n conocido como /var/run/multipathd.sock), permitiendo a usuarios locales enviar comandos de su elecci\u00f3n al demonio \"multipath\"."
    }
  ],
  "id": "CVE-2009-0115",
  "lastModified": "2025-04-09T00:30:58.490",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "LOCAL",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 7.2,
          "confidentialityImpact": "COMPLETE",
          "integrityImpact": "COMPLETE",
          "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 10.0,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "LOCAL",
          "availabilityImpact": "HIGH",
          "baseScore": 7.8,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "LOW",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 1.8,
        "impactScore": 5.9,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2009-03-30T16:30:00.343",
  "references": [
    {
      "source": "cve@mitre.org",
      "tags": [
        "Broken Link",
        "Exploit"
      ],
      "url": "http://download.opensuse.org/update/10.3-test/repodata/patch-kpartx-6082.xml"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10691"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10705"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://launchpad.net/bugs/cve/2009-0115"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Mailing List"
      ],
      "url": "http://lists.opensuse.org/opensuse-security-announce/2009-03/msg00004.html"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Mailing List"
      ],
      "url": "http://lists.opensuse.org/opensuse-security-announce/2009-04/msg00003.html"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Broken Link"
      ],
      "url": "http://lists.vmware.com/pipermail/security-announce/2010/000082.html"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Broken Link",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/34418"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Broken Link",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/34642"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Broken Link",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/34694"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Broken Link",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/34710"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Broken Link",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/34759"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Broken Link",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/38794"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://support.avaya.com/elmodocs2/security/ASA-2009-128.htm"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www.debian.org/security/2009/dsa-1767"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Permissions Required"
      ],
      "url": "http://www.vupen.com/english/advisories/2010/0528"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Broken Link"
      ],
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9214"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Mailing List"
      ],
      "url": "https://www.redhat.com/archives/fedora-package-announce/2009-April/msg00231.html"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Mailing List"
      ],
      "url": "https://www.redhat.com/archives/fedora-package-announce/2009-April/msg00236.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link",
        "Exploit"
      ],
      "url": "http://download.opensuse.org/update/10.3-test/repodata/patch-kpartx-6082.xml"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10691"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10705"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://launchpad.net/bugs/cve/2009-0115"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List"
      ],
      "url": "http://lists.opensuse.org/opensuse-security-announce/2009-03/msg00004.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List"
      ],
      "url": "http://lists.opensuse.org/opensuse-security-announce/2009-04/msg00003.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link"
      ],
      "url": "http://lists.vmware.com/pipermail/security-announce/2010/000082.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/34418"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/34642"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/34694"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/34710"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/34759"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/38794"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://support.avaya.com/elmodocs2/security/ASA-2009-128.htm"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www.debian.org/security/2009/dsa-1767"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Permissions Required"
      ],
      "url": "http://www.vupen.com/english/advisories/2010/0528"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link"
      ],
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9214"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List"
      ],
      "url": "https://www.redhat.com/archives/fedora-package-announce/2009-April/msg00231.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List"
      ],
      "url": "https://www.redhat.com/archives/fedora-package-announce/2009-April/msg00236.html"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-732"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

RHSA-2009:0411

Vulnerability from csaf_redhat - Published: 2009-04-07 19:03 - Updated: 2025-11-21 17:34

Summary

Red Hat Security Advisory: device-mapper-multipath security update

Notes

Topic

Updated device-mapper-multipath packages that fix a security issue are now available for Red Hat Enterprise Linux 4 and 5. This update has been rated as having moderate security impact by the Red Hat Security Response Team.

Details

The device-mapper multipath packages provide tools to manage multipath devices by issuing instructions to the device-mapper multipath kernel module, and by managing the creation and removal of partitions for device-mapper devices. It was discovered that the multipathd daemon set incorrect permissions on the socket used to communicate with command line clients. An unprivileged, local user could use this flaw to send commands to multipathd, resulting in access disruptions to storage devices accessible via multiple paths and, possibly, file system corruption on these devices. (CVE-2009-0115) Users of device-mapper-multipath are advised to upgrade to these updated packages, which contain a backported patch to resolve this issue. The multipathd service must be restarted for the changes to take effect. Important: the version of the multipathd daemon in Red Hat Enterprise Linux 5 has a known issue which may cause a machine to become unresponsive when the multipathd service is stopped. This issue is tracked in the Bugzilla bug #494582; a link is provided in the References section of this erratum. Until this issue is resolved, we recommend restarting the multipathd service by issuing the following commands in sequence: # killall -KILL multipathd # service multipathd restart

This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "namespace": "https://access.redhat.com/security/updates/classification/",
      "text": "Moderate"
    },
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "Updated device-mapper-multipath packages that fix a security issue are now\navailable for Red Hat Enterprise Linux 4 and 5.\n\nThis update has been rated as having moderate security impact by the Red\nHat Security Response Team.",
        "title": "Topic"
      },
      {
        "category": "general",
        "text": "The device-mapper multipath packages provide tools to manage multipath\ndevices by issuing instructions to the device-mapper multipath kernel\nmodule, and by managing the creation and removal of partitions for\ndevice-mapper devices.\n\nIt was discovered that the multipathd daemon set incorrect permissions on\nthe socket used to communicate with command line clients. An unprivileged,\nlocal user could use this flaw to send commands to multipathd, resulting in\naccess disruptions to storage devices accessible via multiple paths and,\npossibly, file system corruption on these devices. (CVE-2009-0115)\n\nUsers of device-mapper-multipath are advised to upgrade to these updated\npackages, which contain a backported patch to resolve this issue. The\nmultipathd service must be restarted for the changes to take effect.\n\nImportant: the version of the multipathd daemon in Red Hat Enterprise Linux\n5 has a known issue which may cause a machine to become unresponsive when\nthe multipathd service is stopped. This issue is tracked in the Bugzilla\nbug #494582; a link is provided in the References section of this erratum.\nUntil this issue is resolved, we recommend restarting the multipathd\nservice by issuing the following commands in sequence:\n\n\t# killall -KILL multipathd\n\n\t# service multipathd restart",
        "title": "Details"
      },
      {
        "category": "legal_disclaimer",
        "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
        "title": "Terms of Use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "https://access.redhat.com/security/team/contact/",
      "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
      "name": "Red Hat Product Security",
      "namespace": "https://www.redhat.com"
    },
    "references": [
      {
        "category": "self",
        "summary": "https://access.redhat.com/errata/RHSA-2009:0411",
        "url": "https://access.redhat.com/errata/RHSA-2009:0411"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/updates/classification/#moderate",
        "url": "https://access.redhat.com/security/updates/classification/#moderate"
      },
      {
        "category": "external",
        "summary": "https://bugzilla.redhat.com/show_bug.cgi?id=494582",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=494582"
      },
      {
        "category": "external",
        "summary": "493330",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=493330"
      },
      {
        "category": "self",
        "summary": "Canonical URL",
        "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2009/rhsa-2009_0411.json"
      }
    ],
    "title": "Red Hat Security Advisory: device-mapper-multipath security update",
    "tracking": {
      "current_release_date": "2025-11-21T17:34:29+00:00",
      "generator": {
        "date": "2025-11-21T17:34:29+00:00",
        "engine": {
          "name": "Red Hat SDEngine",
          "version": "4.6.12"
        }
      },
      "id": "RHSA-2009:0411",
      "initial_release_date": "2009-04-07T19:03:00+00:00",
      "revision_history": [
        {
          "date": "2009-04-07T19:03:00+00:00",
          "number": "1",
          "summary": "Initial version"
        },
        {
          "date": "2009-04-07T15:04:27+00:00",
          "number": "2",
          "summary": "Last updated version"
        },
        {
          "date": "2025-11-21T17:34:29+00:00",
          "number": "3",
          "summary": "Last generated version"
        }
      ],
      "status": "final",
      "version": "3"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_name",
                "name": "Red Hat Enterprise Linux AS version 4",
                "product": {
                  "name": "Red Hat Enterprise Linux AS version 4",
                  "product_id": "4AS",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:redhat:enterprise_linux:4::as"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "Red Hat Enterprise Linux Desktop version 4",
                "product": {
                  "name": "Red Hat Enterprise Linux Desktop version 4",
                  "product_id": "4Desktop",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:redhat:enterprise_linux:4::desktop"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "Red Hat Enterprise Linux ES version 4",
                "product": {
                  "name": "Red Hat Enterprise Linux ES version 4",
                  "product_id": "4ES",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:redhat:enterprise_linux:4::es"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "Red Hat Enterprise Linux WS version 4",
                "product": {
                  "name": "Red Hat Enterprise Linux WS version 4",
                  "product_id": "4WS",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:redhat:enterprise_linux:4::ws"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "Red Hat Enterprise Linux Desktop (v. 5 client)",
                "product": {
                  "name": "Red Hat Enterprise Linux Desktop (v. 5 client)",
                  "product_id": "5Client",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:redhat:enterprise_linux:5::client"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "Red Hat Enterprise Linux (v. 5 server)",
                "product": {
                  "name": "Red Hat Enterprise Linux (v. 5 server)",
                  "product_id": "5Server",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:redhat:enterprise_linux:5::server"
                  }
                }
              }
            ],
            "category": "product_family",
            "name": "Red Hat Enterprise Linux"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "device-mapper-multipath-debuginfo-0:0.4.5-31.el4_7.1.ia64",
                "product": {
                  "name": "device-mapper-multipath-debuginfo-0:0.4.5-31.el4_7.1.ia64",
                  "product_id": "device-mapper-multipath-debuginfo-0:0.4.5-31.el4_7.1.ia64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/device-mapper-multipath-debuginfo@0.4.5-31.el4_7.1?arch=ia64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "device-mapper-multipath-0:0.4.5-31.el4_7.1.ia64",
                "product": {
                  "name": "device-mapper-multipath-0:0.4.5-31.el4_7.1.ia64",
                  "product_id": "device-mapper-multipath-0:0.4.5-31.el4_7.1.ia64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/device-mapper-multipath@0.4.5-31.el4_7.1?arch=ia64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "device-mapper-multipath-0:0.4.7-23.el5_3.2.ia64",
                "product": {
                  "name": "device-mapper-multipath-0:0.4.7-23.el5_3.2.ia64",
                  "product_id": "device-mapper-multipath-0:0.4.7-23.el5_3.2.ia64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/device-mapper-multipath@0.4.7-23.el5_3.2?arch=ia64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "device-mapper-multipath-debuginfo-0:0.4.7-23.el5_3.2.ia64",
                "product": {
                  "name": "device-mapper-multipath-debuginfo-0:0.4.7-23.el5_3.2.ia64",
                  "product_id": "device-mapper-multipath-debuginfo-0:0.4.7-23.el5_3.2.ia64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/device-mapper-multipath-debuginfo@0.4.7-23.el5_3.2?arch=ia64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "kpartx-0:0.4.7-23.el5_3.2.ia64",
                "product": {
                  "name": "kpartx-0:0.4.7-23.el5_3.2.ia64",
                  "product_id": "kpartx-0:0.4.7-23.el5_3.2.ia64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/kpartx@0.4.7-23.el5_3.2?arch=ia64"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "ia64"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "device-mapper-multipath-debuginfo-0:0.4.5-31.el4_7.1.x86_64",
                "product": {
                  "name": "device-mapper-multipath-debuginfo-0:0.4.5-31.el4_7.1.x86_64",
                  "product_id": "device-mapper-multipath-debuginfo-0:0.4.5-31.el4_7.1.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/device-mapper-multipath-debuginfo@0.4.5-31.el4_7.1?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "device-mapper-multipath-0:0.4.5-31.el4_7.1.x86_64",
                "product": {
                  "name": "device-mapper-multipath-0:0.4.5-31.el4_7.1.x86_64",
                  "product_id": "device-mapper-multipath-0:0.4.5-31.el4_7.1.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/device-mapper-multipath@0.4.5-31.el4_7.1?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "device-mapper-multipath-0:0.4.7-23.el5_3.2.x86_64",
                "product": {
                  "name": "device-mapper-multipath-0:0.4.7-23.el5_3.2.x86_64",
                  "product_id": "device-mapper-multipath-0:0.4.7-23.el5_3.2.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/device-mapper-multipath@0.4.7-23.el5_3.2?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "device-mapper-multipath-debuginfo-0:0.4.7-23.el5_3.2.x86_64",
                "product": {
                  "name": "device-mapper-multipath-debuginfo-0:0.4.7-23.el5_3.2.x86_64",
                  "product_id": "device-mapper-multipath-debuginfo-0:0.4.7-23.el5_3.2.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/device-mapper-multipath-debuginfo@0.4.7-23.el5_3.2?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "kpartx-0:0.4.7-23.el5_3.2.x86_64",
                "product": {
                  "name": "kpartx-0:0.4.7-23.el5_3.2.x86_64",
                  "product_id": "kpartx-0:0.4.7-23.el5_3.2.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/kpartx@0.4.7-23.el5_3.2?arch=x86_64"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "x86_64"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "device-mapper-multipath-debuginfo-0:0.4.5-31.el4_7.1.i386",
                "product": {
                  "name": "device-mapper-multipath-debuginfo-0:0.4.5-31.el4_7.1.i386",
                  "product_id": "device-mapper-multipath-debuginfo-0:0.4.5-31.el4_7.1.i386",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/device-mapper-multipath-debuginfo@0.4.5-31.el4_7.1?arch=i386"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "device-mapper-multipath-0:0.4.5-31.el4_7.1.i386",
                "product": {
                  "name": "device-mapper-multipath-0:0.4.5-31.el4_7.1.i386",
                  "product_id": "device-mapper-multipath-0:0.4.5-31.el4_7.1.i386",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/device-mapper-multipath@0.4.5-31.el4_7.1?arch=i386"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "device-mapper-multipath-0:0.4.7-23.el5_3.2.i386",
                "product": {
                  "name": "device-mapper-multipath-0:0.4.7-23.el5_3.2.i386",
                  "product_id": "device-mapper-multipath-0:0.4.7-23.el5_3.2.i386",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/device-mapper-multipath@0.4.7-23.el5_3.2?arch=i386"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "device-mapper-multipath-debuginfo-0:0.4.7-23.el5_3.2.i386",
                "product": {
                  "name": "device-mapper-multipath-debuginfo-0:0.4.7-23.el5_3.2.i386",
                  "product_id": "device-mapper-multipath-debuginfo-0:0.4.7-23.el5_3.2.i386",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/device-mapper-multipath-debuginfo@0.4.7-23.el5_3.2?arch=i386"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "kpartx-0:0.4.7-23.el5_3.2.i386",
                "product": {
                  "name": "kpartx-0:0.4.7-23.el5_3.2.i386",
                  "product_id": "kpartx-0:0.4.7-23.el5_3.2.i386",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/kpartx@0.4.7-23.el5_3.2?arch=i386"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "i386"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "device-mapper-multipath-0:0.4.5-31.el4_7.1.src",
                "product": {
                  "name": "device-mapper-multipath-0:0.4.5-31.el4_7.1.src",
                  "product_id": "device-mapper-multipath-0:0.4.5-31.el4_7.1.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/device-mapper-multipath@0.4.5-31.el4_7.1?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "device-mapper-multipath-0:0.4.7-23.el5_3.2.src",
                "product": {
                  "name": "device-mapper-multipath-0:0.4.7-23.el5_3.2.src",
                  "product_id": "device-mapper-multipath-0:0.4.7-23.el5_3.2.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/device-mapper-multipath@0.4.7-23.el5_3.2?arch=src"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "src"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "device-mapper-multipath-debuginfo-0:0.4.5-31.el4_7.1.ppc",
                "product": {
                  "name": "device-mapper-multipath-debuginfo-0:0.4.5-31.el4_7.1.ppc",
                  "product_id": "device-mapper-multipath-debuginfo-0:0.4.5-31.el4_7.1.ppc",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/device-mapper-multipath-debuginfo@0.4.5-31.el4_7.1?arch=ppc"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "device-mapper-multipath-0:0.4.5-31.el4_7.1.ppc",
                "product": {
                  "name": "device-mapper-multipath-0:0.4.5-31.el4_7.1.ppc",
                  "product_id": "device-mapper-multipath-0:0.4.5-31.el4_7.1.ppc",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/device-mapper-multipath@0.4.5-31.el4_7.1?arch=ppc"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "device-mapper-multipath-0:0.4.7-23.el5_3.2.ppc",
                "product": {
                  "name": "device-mapper-multipath-0:0.4.7-23.el5_3.2.ppc",
                  "product_id": "device-mapper-multipath-0:0.4.7-23.el5_3.2.ppc",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/device-mapper-multipath@0.4.7-23.el5_3.2?arch=ppc"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "device-mapper-multipath-debuginfo-0:0.4.7-23.el5_3.2.ppc",
                "product": {
                  "name": "device-mapper-multipath-debuginfo-0:0.4.7-23.el5_3.2.ppc",
                  "product_id": "device-mapper-multipath-debuginfo-0:0.4.7-23.el5_3.2.ppc",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/device-mapper-multipath-debuginfo@0.4.7-23.el5_3.2?arch=ppc"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "kpartx-0:0.4.7-23.el5_3.2.ppc",
                "product": {
                  "name": "kpartx-0:0.4.7-23.el5_3.2.ppc",
                  "product_id": "kpartx-0:0.4.7-23.el5_3.2.ppc",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/kpartx@0.4.7-23.el5_3.2?arch=ppc"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "ppc"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "device-mapper-multipath-debuginfo-0:0.4.5-31.el4_7.1.s390x",
                "product": {
                  "name": "device-mapper-multipath-debuginfo-0:0.4.5-31.el4_7.1.s390x",
                  "product_id": "device-mapper-multipath-debuginfo-0:0.4.5-31.el4_7.1.s390x",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/device-mapper-multipath-debuginfo@0.4.5-31.el4_7.1?arch=s390x"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "device-mapper-multipath-0:0.4.5-31.el4_7.1.s390x",
                "product": {
                  "name": "device-mapper-multipath-0:0.4.5-31.el4_7.1.s390x",
                  "product_id": "device-mapper-multipath-0:0.4.5-31.el4_7.1.s390x",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/device-mapper-multipath@0.4.5-31.el4_7.1?arch=s390x"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "device-mapper-multipath-0:0.4.7-23.el5_3.2.s390x",
                "product": {
                  "name": "device-mapper-multipath-0:0.4.7-23.el5_3.2.s390x",
                  "product_id": "device-mapper-multipath-0:0.4.7-23.el5_3.2.s390x",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/device-mapper-multipath@0.4.7-23.el5_3.2?arch=s390x"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "device-mapper-multipath-debuginfo-0:0.4.7-23.el5_3.2.s390x",
                "product": {
                  "name": "device-mapper-multipath-debuginfo-0:0.4.7-23.el5_3.2.s390x",
                  "product_id": "device-mapper-multipath-debuginfo-0:0.4.7-23.el5_3.2.s390x",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/device-mapper-multipath-debuginfo@0.4.7-23.el5_3.2?arch=s390x"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "kpartx-0:0.4.7-23.el5_3.2.s390x",
                "product": {
                  "name": "kpartx-0:0.4.7-23.el5_3.2.s390x",
                  "product_id": "kpartx-0:0.4.7-23.el5_3.2.s390x",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/kpartx@0.4.7-23.el5_3.2?arch=s390x"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "s390x"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "device-mapper-multipath-debuginfo-0:0.4.5-31.el4_7.1.s390",
                "product": {
                  "name": "device-mapper-multipath-debuginfo-0:0.4.5-31.el4_7.1.s390",
                  "product_id": "device-mapper-multipath-debuginfo-0:0.4.5-31.el4_7.1.s390",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/device-mapper-multipath-debuginfo@0.4.5-31.el4_7.1?arch=s390"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "device-mapper-multipath-0:0.4.5-31.el4_7.1.s390",
                "product": {
                  "name": "device-mapper-multipath-0:0.4.5-31.el4_7.1.s390",
                  "product_id": "device-mapper-multipath-0:0.4.5-31.el4_7.1.s390",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/device-mapper-multipath@0.4.5-31.el4_7.1?arch=s390"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "s390"
          }
        ],
        "category": "vendor",
        "name": "Red Hat"
      }
    ],
    "relationships": [
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "device-mapper-multipath-0:0.4.5-31.el4_7.1.i386 as a component of Red Hat Enterprise Linux AS version 4",
          "product_id": "4AS:device-mapper-multipath-0:0.4.5-31.el4_7.1.i386"
        },
        "product_reference": "device-mapper-multipath-0:0.4.5-31.el4_7.1.i386",
        "relates_to_product_reference": "4AS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "device-mapper-multipath-0:0.4.5-31.el4_7.1.ia64 as a component of Red Hat Enterprise Linux AS version 4",
          "product_id": "4AS:device-mapper-multipath-0:0.4.5-31.el4_7.1.ia64"
        },
        "product_reference": "device-mapper-multipath-0:0.4.5-31.el4_7.1.ia64",
        "relates_to_product_reference": "4AS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "device-mapper-multipath-0:0.4.5-31.el4_7.1.ppc as a component of Red Hat Enterprise Linux AS version 4",
          "product_id": "4AS:device-mapper-multipath-0:0.4.5-31.el4_7.1.ppc"
        },
        "product_reference": "device-mapper-multipath-0:0.4.5-31.el4_7.1.ppc",
        "relates_to_product_reference": "4AS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "device-mapper-multipath-0:0.4.5-31.el4_7.1.s390 as a component of Red Hat Enterprise Linux AS version 4",
          "product_id": "4AS:device-mapper-multipath-0:0.4.5-31.el4_7.1.s390"
        },
        "product_reference": "device-mapper-multipath-0:0.4.5-31.el4_7.1.s390",
        "relates_to_product_reference": "4AS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "device-mapper-multipath-0:0.4.5-31.el4_7.1.s390x as a component of Red Hat Enterprise Linux AS version 4",
          "product_id": "4AS:device-mapper-multipath-0:0.4.5-31.el4_7.1.s390x"
        },
        "product_reference": "device-mapper-multipath-0:0.4.5-31.el4_7.1.s390x",
        "relates_to_product_reference": "4AS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "device-mapper-multipath-0:0.4.5-31.el4_7.1.src as a component of Red Hat Enterprise Linux AS version 4",
          "product_id": "4AS:device-mapper-multipath-0:0.4.5-31.el4_7.1.src"
        },
        "product_reference": "device-mapper-multipath-0:0.4.5-31.el4_7.1.src",
        "relates_to_product_reference": "4AS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "device-mapper-multipath-0:0.4.5-31.el4_7.1.x86_64 as a component of Red Hat Enterprise Linux AS version 4",
          "product_id": "4AS:device-mapper-multipath-0:0.4.5-31.el4_7.1.x86_64"
        },
        "product_reference": "device-mapper-multipath-0:0.4.5-31.el4_7.1.x86_64",
        "relates_to_product_reference": "4AS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "device-mapper-multipath-debuginfo-0:0.4.5-31.el4_7.1.i386 as a component of Red Hat Enterprise Linux AS version 4",
          "product_id": "4AS:device-mapper-multipath-debuginfo-0:0.4.5-31.el4_7.1.i386"
        },
        "product_reference": "device-mapper-multipath-debuginfo-0:0.4.5-31.el4_7.1.i386",
        "relates_to_product_reference": "4AS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "device-mapper-multipath-debuginfo-0:0.4.5-31.el4_7.1.ia64 as a component of Red Hat Enterprise Linux AS version 4",
          "product_id": "4AS:device-mapper-multipath-debuginfo-0:0.4.5-31.el4_7.1.ia64"
        },
        "product_reference": "device-mapper-multipath-debuginfo-0:0.4.5-31.el4_7.1.ia64",
        "relates_to_product_reference": "4AS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "device-mapper-multipath-debuginfo-0:0.4.5-31.el4_7.1.ppc as a component of Red Hat Enterprise Linux AS version 4",
          "product_id": "4AS:device-mapper-multipath-debuginfo-0:0.4.5-31.el4_7.1.ppc"
        },
        "product_reference": "device-mapper-multipath-debuginfo-0:0.4.5-31.el4_7.1.ppc",
        "relates_to_product_reference": "4AS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "device-mapper-multipath-debuginfo-0:0.4.5-31.el4_7.1.s390 as a component of Red Hat Enterprise Linux AS version 4",
          "product_id": "4AS:device-mapper-multipath-debuginfo-0:0.4.5-31.el4_7.1.s390"
        },
        "product_reference": "device-mapper-multipath-debuginfo-0:0.4.5-31.el4_7.1.s390",
        "relates_to_product_reference": "4AS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "device-mapper-multipath-debuginfo-0:0.4.5-31.el4_7.1.s390x as a component of Red Hat Enterprise Linux AS version 4",
          "product_id": "4AS:device-mapper-multipath-debuginfo-0:0.4.5-31.el4_7.1.s390x"
        },
        "product_reference": "device-mapper-multipath-debuginfo-0:0.4.5-31.el4_7.1.s390x",
        "relates_to_product_reference": "4AS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "device-mapper-multipath-debuginfo-0:0.4.5-31.el4_7.1.x86_64 as a component of Red Hat Enterprise Linux AS version 4",
          "product_id": "4AS:device-mapper-multipath-debuginfo-0:0.4.5-31.el4_7.1.x86_64"
        },
        "product_reference": "device-mapper-multipath-debuginfo-0:0.4.5-31.el4_7.1.x86_64",
        "relates_to_product_reference": "4AS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "device-mapper-multipath-0:0.4.5-31.el4_7.1.i386 as a component of Red Hat Enterprise Linux Desktop version 4",
          "product_id": "4Desktop:device-mapper-multipath-0:0.4.5-31.el4_7.1.i386"
        },
        "product_reference": "device-mapper-multipath-0:0.4.5-31.el4_7.1.i386",
        "relates_to_product_reference": "4Desktop"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "device-mapper-multipath-0:0.4.5-31.el4_7.1.ia64 as a component of Red Hat Enterprise Linux Desktop version 4",
          "product_id": "4Desktop:device-mapper-multipath-0:0.4.5-31.el4_7.1.ia64"
        },
        "product_reference": "device-mapper-multipath-0:0.4.5-31.el4_7.1.ia64",
        "relates_to_product_reference": "4Desktop"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "device-mapper-multipath-0:0.4.5-31.el4_7.1.ppc as a component of Red Hat Enterprise Linux Desktop version 4",
          "product_id": "4Desktop:device-mapper-multipath-0:0.4.5-31.el4_7.1.ppc"
        },
        "product_reference": "device-mapper-multipath-0:0.4.5-31.el4_7.1.ppc",
        "relates_to_product_reference": "4Desktop"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "device-mapper-multipath-0:0.4.5-31.el4_7.1.s390 as a component of Red Hat Enterprise Linux Desktop version 4",
          "product_id": "4Desktop:device-mapper-multipath-0:0.4.5-31.el4_7.1.s390"
        },
        "product_reference": "device-mapper-multipath-0:0.4.5-31.el4_7.1.s390",
        "relates_to_product_reference": "4Desktop"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "device-mapper-multipath-0:0.4.5-31.el4_7.1.s390x as a component of Red Hat Enterprise Linux Desktop version 4",
          "product_id": "4Desktop:device-mapper-multipath-0:0.4.5-31.el4_7.1.s390x"
        },
        "product_reference": "device-mapper-multipath-0:0.4.5-31.el4_7.1.s390x",
        "relates_to_product_reference": "4Desktop"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "device-mapper-multipath-0:0.4.5-31.el4_7.1.src as a component of Red Hat Enterprise Linux Desktop version 4",
          "product_id": "4Desktop:device-mapper-multipath-0:0.4.5-31.el4_7.1.src"
        },
        "product_reference": "device-mapper-multipath-0:0.4.5-31.el4_7.1.src",
        "relates_to_product_reference": "4Desktop"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "device-mapper-multipath-0:0.4.5-31.el4_7.1.x86_64 as a component of Red Hat Enterprise Linux Desktop version 4",
          "product_id": "4Desktop:device-mapper-multipath-0:0.4.5-31.el4_7.1.x86_64"
        },
        "product_reference": "device-mapper-multipath-0:0.4.5-31.el4_7.1.x86_64",
        "relates_to_product_reference": "4Desktop"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "device-mapper-multipath-debuginfo-0:0.4.5-31.el4_7.1.i386 as a component of Red Hat Enterprise Linux Desktop version 4",
          "product_id": "4Desktop:device-mapper-multipath-debuginfo-0:0.4.5-31.el4_7.1.i386"
        },
        "product_reference": "device-mapper-multipath-debuginfo-0:0.4.5-31.el4_7.1.i386",
        "relates_to_product_reference": "4Desktop"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "device-mapper-multipath-debuginfo-0:0.4.5-31.el4_7.1.ia64 as a component of Red Hat Enterprise Linux Desktop version 4",
          "product_id": "4Desktop:device-mapper-multipath-debuginfo-0:0.4.5-31.el4_7.1.ia64"
        },
        "product_reference": "device-mapper-multipath-debuginfo-0:0.4.5-31.el4_7.1.ia64",
        "relates_to_product_reference": "4Desktop"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "device-mapper-multipath-debuginfo-0:0.4.5-31.el4_7.1.ppc as a component of Red Hat Enterprise Linux Desktop version 4",
          "product_id": "4Desktop:device-mapper-multipath-debuginfo-0:0.4.5-31.el4_7.1.ppc"
        },
        "product_reference": "device-mapper-multipath-debuginfo-0:0.4.5-31.el4_7.1.ppc",
        "relates_to_product_reference": "4Desktop"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "device-mapper-multipath-debuginfo-0:0.4.5-31.el4_7.1.s390 as a component of Red Hat Enterprise Linux Desktop version 4",
          "product_id": "4Desktop:device-mapper-multipath-debuginfo-0:0.4.5-31.el4_7.1.s390"
        },
        "product_reference": "device-mapper-multipath-debuginfo-0:0.4.5-31.el4_7.1.s390",
        "relates_to_product_reference": "4Desktop"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "device-mapper-multipath-debuginfo-0:0.4.5-31.el4_7.1.s390x as a component of Red Hat Enterprise Linux Desktop version 4",
          "product_id": "4Desktop:device-mapper-multipath-debuginfo-0:0.4.5-31.el4_7.1.s390x"
        },
        "product_reference": "device-mapper-multipath-debuginfo-0:0.4.5-31.el4_7.1.s390x",
        "relates_to_product_reference": "4Desktop"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "device-mapper-multipath-debuginfo-0:0.4.5-31.el4_7.1.x86_64 as a component of Red Hat Enterprise Linux Desktop version 4",
          "product_id": "4Desktop:device-mapper-multipath-debuginfo-0:0.4.5-31.el4_7.1.x86_64"
        },
        "product_reference": "device-mapper-multipath-debuginfo-0:0.4.5-31.el4_7.1.x86_64",
        "relates_to_product_reference": "4Desktop"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "device-mapper-multipath-0:0.4.5-31.el4_7.1.i386 as a component of Red Hat Enterprise Linux ES version 4",
          "product_id": "4ES:device-mapper-multipath-0:0.4.5-31.el4_7.1.i386"
        },
        "product_reference": "device-mapper-multipath-0:0.4.5-31.el4_7.1.i386",
        "relates_to_product_reference": "4ES"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "device-mapper-multipath-0:0.4.5-31.el4_7.1.ia64 as a component of Red Hat Enterprise Linux ES version 4",
          "product_id": "4ES:device-mapper-multipath-0:0.4.5-31.el4_7.1.ia64"
        },
        "product_reference": "device-mapper-multipath-0:0.4.5-31.el4_7.1.ia64",
        "relates_to_product_reference": "4ES"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "device-mapper-multipath-0:0.4.5-31.el4_7.1.ppc as a component of Red Hat Enterprise Linux ES version 4",
          "product_id": "4ES:device-mapper-multipath-0:0.4.5-31.el4_7.1.ppc"
        },
        "product_reference": "device-mapper-multipath-0:0.4.5-31.el4_7.1.ppc",
        "relates_to_product_reference": "4ES"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "device-mapper-multipath-0:0.4.5-31.el4_7.1.s390 as a component of Red Hat Enterprise Linux ES version 4",
          "product_id": "4ES:device-mapper-multipath-0:0.4.5-31.el4_7.1.s390"
        },
        "product_reference": "device-mapper-multipath-0:0.4.5-31.el4_7.1.s390",
        "relates_to_product_reference": "4ES"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "device-mapper-multipath-0:0.4.5-31.el4_7.1.s390x as a component of Red Hat Enterprise Linux ES version 4",
          "product_id": "4ES:device-mapper-multipath-0:0.4.5-31.el4_7.1.s390x"
        },
        "product_reference": "device-mapper-multipath-0:0.4.5-31.el4_7.1.s390x",
        "relates_to_product_reference": "4ES"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "device-mapper-multipath-0:0.4.5-31.el4_7.1.src as a component of Red Hat Enterprise Linux ES version 4",
          "product_id": "4ES:device-mapper-multipath-0:0.4.5-31.el4_7.1.src"
        },
        "product_reference": "device-mapper-multipath-0:0.4.5-31.el4_7.1.src",
        "relates_to_product_reference": "4ES"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "device-mapper-multipath-0:0.4.5-31.el4_7.1.x86_64 as a component of Red Hat Enterprise Linux ES version 4",
          "product_id": "4ES:device-mapper-multipath-0:0.4.5-31.el4_7.1.x86_64"
        },
        "product_reference": "device-mapper-multipath-0:0.4.5-31.el4_7.1.x86_64",
        "relates_to_product_reference": "4ES"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "device-mapper-multipath-debuginfo-0:0.4.5-31.el4_7.1.i386 as a component of Red Hat Enterprise Linux ES version 4",
          "product_id": "4ES:device-mapper-multipath-debuginfo-0:0.4.5-31.el4_7.1.i386"
        },
        "product_reference": "device-mapper-multipath-debuginfo-0:0.4.5-31.el4_7.1.i386",
        "relates_to_product_reference": "4ES"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "device-mapper-multipath-debuginfo-0:0.4.5-31.el4_7.1.ia64 as a component of Red Hat Enterprise Linux ES version 4",
          "product_id": "4ES:device-mapper-multipath-debuginfo-0:0.4.5-31.el4_7.1.ia64"
        },
        "product_reference": "device-mapper-multipath-debuginfo-0:0.4.5-31.el4_7.1.ia64",
        "relates_to_product_reference": "4ES"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "device-mapper-multipath-debuginfo-0:0.4.5-31.el4_7.1.ppc as a component of Red Hat Enterprise Linux ES version 4",
          "product_id": "4ES:device-mapper-multipath-debuginfo-0:0.4.5-31.el4_7.1.ppc"
        },
        "product_reference": "device-mapper-multipath-debuginfo-0:0.4.5-31.el4_7.1.ppc",
        "relates_to_product_reference": "4ES"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "device-mapper-multipath-debuginfo-0:0.4.5-31.el4_7.1.s390 as a component of Red Hat Enterprise Linux ES version 4",
          "product_id": "4ES:device-mapper-multipath-debuginfo-0:0.4.5-31.el4_7.1.s390"
        },
        "product_reference": "device-mapper-multipath-debuginfo-0:0.4.5-31.el4_7.1.s390",
        "relates_to_product_reference": "4ES"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "device-mapper-multipath-debuginfo-0:0.4.5-31.el4_7.1.s390x as a component of Red Hat Enterprise Linux ES version 4",
          "product_id": "4ES:device-mapper-multipath-debuginfo-0:0.4.5-31.el4_7.1.s390x"
        },
        "product_reference": "device-mapper-multipath-debuginfo-0:0.4.5-31.el4_7.1.s390x",
        "relates_to_product_reference": "4ES"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "device-mapper-multipath-debuginfo-0:0.4.5-31.el4_7.1.x86_64 as a component of Red Hat Enterprise Linux ES version 4",
          "product_id": "4ES:device-mapper-multipath-debuginfo-0:0.4.5-31.el4_7.1.x86_64"
        },
        "product_reference": "device-mapper-multipath-debuginfo-0:0.4.5-31.el4_7.1.x86_64",
        "relates_to_product_reference": "4ES"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "device-mapper-multipath-0:0.4.5-31.el4_7.1.i386 as a component of Red Hat Enterprise Linux WS version 4",
          "product_id": "4WS:device-mapper-multipath-0:0.4.5-31.el4_7.1.i386"
        },
        "product_reference": "device-mapper-multipath-0:0.4.5-31.el4_7.1.i386",
        "relates_to_product_reference": "4WS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "device-mapper-multipath-0:0.4.5-31.el4_7.1.ia64 as a component of Red Hat Enterprise Linux WS version 4",
          "product_id": "4WS:device-mapper-multipath-0:0.4.5-31.el4_7.1.ia64"
        },
        "product_reference": "device-mapper-multipath-0:0.4.5-31.el4_7.1.ia64",
        "relates_to_product_reference": "4WS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "device-mapper-multipath-0:0.4.5-31.el4_7.1.ppc as a component of Red Hat Enterprise Linux WS version 4",
          "product_id": "4WS:device-mapper-multipath-0:0.4.5-31.el4_7.1.ppc"
        },
        "product_reference": "device-mapper-multipath-0:0.4.5-31.el4_7.1.ppc",
        "relates_to_product_reference": "4WS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "device-mapper-multipath-0:0.4.5-31.el4_7.1.s390 as a component of Red Hat Enterprise Linux WS version 4",
          "product_id": "4WS:device-mapper-multipath-0:0.4.5-31.el4_7.1.s390"
        },
        "product_reference": "device-mapper-multipath-0:0.4.5-31.el4_7.1.s390",
        "relates_to_product_reference": "4WS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "device-mapper-multipath-0:0.4.5-31.el4_7.1.s390x as a component of Red Hat Enterprise Linux WS version 4",
          "product_id": "4WS:device-mapper-multipath-0:0.4.5-31.el4_7.1.s390x"
        },
        "product_reference": "device-mapper-multipath-0:0.4.5-31.el4_7.1.s390x",
        "relates_to_product_reference": "4WS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "device-mapper-multipath-0:0.4.5-31.el4_7.1.src as a component of Red Hat Enterprise Linux WS version 4",
          "product_id": "4WS:device-mapper-multipath-0:0.4.5-31.el4_7.1.src"
        },
        "product_reference": "device-mapper-multipath-0:0.4.5-31.el4_7.1.src",
        "relates_to_product_reference": "4WS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "device-mapper-multipath-0:0.4.5-31.el4_7.1.x86_64 as a component of Red Hat Enterprise Linux WS version 4",
          "product_id": "4WS:device-mapper-multipath-0:0.4.5-31.el4_7.1.x86_64"
        },
        "product_reference": "device-mapper-multipath-0:0.4.5-31.el4_7.1.x86_64",
        "relates_to_product_reference": "4WS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "device-mapper-multipath-debuginfo-0:0.4.5-31.el4_7.1.i386 as a component of Red Hat Enterprise Linux WS version 4",
          "product_id": "4WS:device-mapper-multipath-debuginfo-0:0.4.5-31.el4_7.1.i386"
        },
        "product_reference": "device-mapper-multipath-debuginfo-0:0.4.5-31.el4_7.1.i386",
        "relates_to_product_reference": "4WS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "device-mapper-multipath-debuginfo-0:0.4.5-31.el4_7.1.ia64 as a component of Red Hat Enterprise Linux WS version 4",
          "product_id": "4WS:device-mapper-multipath-debuginfo-0:0.4.5-31.el4_7.1.ia64"
        },
        "product_reference": "device-mapper-multipath-debuginfo-0:0.4.5-31.el4_7.1.ia64",
        "relates_to_product_reference": "4WS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "device-mapper-multipath-debuginfo-0:0.4.5-31.el4_7.1.ppc as a component of Red Hat Enterprise Linux WS version 4",
          "product_id": "4WS:device-mapper-multipath-debuginfo-0:0.4.5-31.el4_7.1.ppc"
        },
        "product_reference": "device-mapper-multipath-debuginfo-0:0.4.5-31.el4_7.1.ppc",
        "relates_to_product_reference": "4WS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "device-mapper-multipath-debuginfo-0:0.4.5-31.el4_7.1.s390 as a component of Red Hat Enterprise Linux WS version 4",
          "product_id": "4WS:device-mapper-multipath-debuginfo-0:0.4.5-31.el4_7.1.s390"
        },
        "product_reference": "device-mapper-multipath-debuginfo-0:0.4.5-31.el4_7.1.s390",
        "relates_to_product_reference": "4WS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "device-mapper-multipath-debuginfo-0:0.4.5-31.el4_7.1.s390x as a component of Red Hat Enterprise Linux WS version 4",
          "product_id": "4WS:device-mapper-multipath-debuginfo-0:0.4.5-31.el4_7.1.s390x"
        },
        "product_reference": "device-mapper-multipath-debuginfo-0:0.4.5-31.el4_7.1.s390x",
        "relates_to_product_reference": "4WS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "device-mapper-multipath-debuginfo-0:0.4.5-31.el4_7.1.x86_64 as a component of Red Hat Enterprise Linux WS version 4",
          "product_id": "4WS:device-mapper-multipath-debuginfo-0:0.4.5-31.el4_7.1.x86_64"
        },
        "product_reference": "device-mapper-multipath-debuginfo-0:0.4.5-31.el4_7.1.x86_64",
        "relates_to_product_reference": "4WS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "device-mapper-multipath-0:0.4.7-23.el5_3.2.i386 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
          "product_id": "5Client:device-mapper-multipath-0:0.4.7-23.el5_3.2.i386"
        },
        "product_reference": "device-mapper-multipath-0:0.4.7-23.el5_3.2.i386",
        "relates_to_product_reference": "5Client"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "device-mapper-multipath-0:0.4.7-23.el5_3.2.ia64 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
          "product_id": "5Client:device-mapper-multipath-0:0.4.7-23.el5_3.2.ia64"
        },
        "product_reference": "device-mapper-multipath-0:0.4.7-23.el5_3.2.ia64",
        "relates_to_product_reference": "5Client"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "device-mapper-multipath-0:0.4.7-23.el5_3.2.ppc as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
          "product_id": "5Client:device-mapper-multipath-0:0.4.7-23.el5_3.2.ppc"
        },
        "product_reference": "device-mapper-multipath-0:0.4.7-23.el5_3.2.ppc",
        "relates_to_product_reference": "5Client"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "device-mapper-multipath-0:0.4.7-23.el5_3.2.s390x as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
          "product_id": "5Client:device-mapper-multipath-0:0.4.7-23.el5_3.2.s390x"
        },
        "product_reference": "device-mapper-multipath-0:0.4.7-23.el5_3.2.s390x",
        "relates_to_product_reference": "5Client"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "device-mapper-multipath-0:0.4.7-23.el5_3.2.src as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
          "product_id": "5Client:device-mapper-multipath-0:0.4.7-23.el5_3.2.src"
        },
        "product_reference": "device-mapper-multipath-0:0.4.7-23.el5_3.2.src",
        "relates_to_product_reference": "5Client"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "device-mapper-multipath-0:0.4.7-23.el5_3.2.x86_64 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
          "product_id": "5Client:device-mapper-multipath-0:0.4.7-23.el5_3.2.x86_64"
        },
        "product_reference": "device-mapper-multipath-0:0.4.7-23.el5_3.2.x86_64",
        "relates_to_product_reference": "5Client"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "device-mapper-multipath-debuginfo-0:0.4.7-23.el5_3.2.i386 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
          "product_id": "5Client:device-mapper-multipath-debuginfo-0:0.4.7-23.el5_3.2.i386"
        },
        "product_reference": "device-mapper-multipath-debuginfo-0:0.4.7-23.el5_3.2.i386",
        "relates_to_product_reference": "5Client"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "device-mapper-multipath-debuginfo-0:0.4.7-23.el5_3.2.ia64 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
          "product_id": "5Client:device-mapper-multipath-debuginfo-0:0.4.7-23.el5_3.2.ia64"
        },
        "product_reference": "device-mapper-multipath-debuginfo-0:0.4.7-23.el5_3.2.ia64",
        "relates_to_product_reference": "5Client"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "device-mapper-multipath-debuginfo-0:0.4.7-23.el5_3.2.ppc as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
          "product_id": "5Client:device-mapper-multipath-debuginfo-0:0.4.7-23.el5_3.2.ppc"
        },
        "product_reference": "device-mapper-multipath-debuginfo-0:0.4.7-23.el5_3.2.ppc",
        "relates_to_product_reference": "5Client"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "device-mapper-multipath-debuginfo-0:0.4.7-23.el5_3.2.s390x as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
          "product_id": "5Client:device-mapper-multipath-debuginfo-0:0.4.7-23.el5_3.2.s390x"
        },
        "product_reference": "device-mapper-multipath-debuginfo-0:0.4.7-23.el5_3.2.s390x",
        "relates_to_product_reference": "5Client"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "device-mapper-multipath-debuginfo-0:0.4.7-23.el5_3.2.x86_64 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
          "product_id": "5Client:device-mapper-multipath-debuginfo-0:0.4.7-23.el5_3.2.x86_64"
        },
        "product_reference": "device-mapper-multipath-debuginfo-0:0.4.7-23.el5_3.2.x86_64",
        "relates_to_product_reference": "5Client"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kpartx-0:0.4.7-23.el5_3.2.i386 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
          "product_id": "5Client:kpartx-0:0.4.7-23.el5_3.2.i386"
        },
        "product_reference": "kpartx-0:0.4.7-23.el5_3.2.i386",
        "relates_to_product_reference": "5Client"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kpartx-0:0.4.7-23.el5_3.2.ia64 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
          "product_id": "5Client:kpartx-0:0.4.7-23.el5_3.2.ia64"
        },
        "product_reference": "kpartx-0:0.4.7-23.el5_3.2.ia64",
        "relates_to_product_reference": "5Client"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kpartx-0:0.4.7-23.el5_3.2.ppc as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
          "product_id": "5Client:kpartx-0:0.4.7-23.el5_3.2.ppc"
        },
        "product_reference": "kpartx-0:0.4.7-23.el5_3.2.ppc",
        "relates_to_product_reference": "5Client"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kpartx-0:0.4.7-23.el5_3.2.s390x as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
          "product_id": "5Client:kpartx-0:0.4.7-23.el5_3.2.s390x"
        },
        "product_reference": "kpartx-0:0.4.7-23.el5_3.2.s390x",
        "relates_to_product_reference": "5Client"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kpartx-0:0.4.7-23.el5_3.2.x86_64 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
          "product_id": "5Client:kpartx-0:0.4.7-23.el5_3.2.x86_64"
        },
        "product_reference": "kpartx-0:0.4.7-23.el5_3.2.x86_64",
        "relates_to_product_reference": "5Client"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "device-mapper-multipath-0:0.4.7-23.el5_3.2.i386 as a component of Red Hat Enterprise Linux (v. 5 server)",
          "product_id": "5Server:device-mapper-multipath-0:0.4.7-23.el5_3.2.i386"
        },
        "product_reference": "device-mapper-multipath-0:0.4.7-23.el5_3.2.i386",
        "relates_to_product_reference": "5Server"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "device-mapper-multipath-0:0.4.7-23.el5_3.2.ia64 as a component of Red Hat Enterprise Linux (v. 5 server)",
          "product_id": "5Server:device-mapper-multipath-0:0.4.7-23.el5_3.2.ia64"
        },
        "product_reference": "device-mapper-multipath-0:0.4.7-23.el5_3.2.ia64",
        "relates_to_product_reference": "5Server"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "device-mapper-multipath-0:0.4.7-23.el5_3.2.ppc as a component of Red Hat Enterprise Linux (v. 5 server)",
          "product_id": "5Server:device-mapper-multipath-0:0.4.7-23.el5_3.2.ppc"
        },
        "product_reference": "device-mapper-multipath-0:0.4.7-23.el5_3.2.ppc",
        "relates_to_product_reference": "5Server"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "device-mapper-multipath-0:0.4.7-23.el5_3.2.s390x as a component of Red Hat Enterprise Linux (v. 5 server)",
          "product_id": "5Server:device-mapper-multipath-0:0.4.7-23.el5_3.2.s390x"
        },
        "product_reference": "device-mapper-multipath-0:0.4.7-23.el5_3.2.s390x",
        "relates_to_product_reference": "5Server"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "device-mapper-multipath-0:0.4.7-23.el5_3.2.src as a component of Red Hat Enterprise Linux (v. 5 server)",
          "product_id": "5Server:device-mapper-multipath-0:0.4.7-23.el5_3.2.src"
        },
        "product_reference": "device-mapper-multipath-0:0.4.7-23.el5_3.2.src",
        "relates_to_product_reference": "5Server"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "device-mapper-multipath-0:0.4.7-23.el5_3.2.x86_64 as a component of Red Hat Enterprise Linux (v. 5 server)",
          "product_id": "5Server:device-mapper-multipath-0:0.4.7-23.el5_3.2.x86_64"
        },
        "product_reference": "device-mapper-multipath-0:0.4.7-23.el5_3.2.x86_64",
        "relates_to_product_reference": "5Server"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "device-mapper-multipath-debuginfo-0:0.4.7-23.el5_3.2.i386 as a component of Red Hat Enterprise Linux (v. 5 server)",
          "product_id": "5Server:device-mapper-multipath-debuginfo-0:0.4.7-23.el5_3.2.i386"
        },
        "product_reference": "device-mapper-multipath-debuginfo-0:0.4.7-23.el5_3.2.i386",
        "relates_to_product_reference": "5Server"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "device-mapper-multipath-debuginfo-0:0.4.7-23.el5_3.2.ia64 as a component of Red Hat Enterprise Linux (v. 5 server)",
          "product_id": "5Server:device-mapper-multipath-debuginfo-0:0.4.7-23.el5_3.2.ia64"
        },
        "product_reference": "device-mapper-multipath-debuginfo-0:0.4.7-23.el5_3.2.ia64",
        "relates_to_product_reference": "5Server"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "device-mapper-multipath-debuginfo-0:0.4.7-23.el5_3.2.ppc as a component of Red Hat Enterprise Linux (v. 5 server)",
          "product_id": "5Server:device-mapper-multipath-debuginfo-0:0.4.7-23.el5_3.2.ppc"
        },
        "product_reference": "device-mapper-multipath-debuginfo-0:0.4.7-23.el5_3.2.ppc",
        "relates_to_product_reference": "5Server"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "device-mapper-multipath-debuginfo-0:0.4.7-23.el5_3.2.s390x as a component of Red Hat Enterprise Linux (v. 5 server)",
          "product_id": "5Server:device-mapper-multipath-debuginfo-0:0.4.7-23.el5_3.2.s390x"
        },
        "product_reference": "device-mapper-multipath-debuginfo-0:0.4.7-23.el5_3.2.s390x",
        "relates_to_product_reference": "5Server"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "device-mapper-multipath-debuginfo-0:0.4.7-23.el5_3.2.x86_64 as a component of Red Hat Enterprise Linux (v. 5 server)",
          "product_id": "5Server:device-mapper-multipath-debuginfo-0:0.4.7-23.el5_3.2.x86_64"
        },
        "product_reference": "device-mapper-multipath-debuginfo-0:0.4.7-23.el5_3.2.x86_64",
        "relates_to_product_reference": "5Server"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kpartx-0:0.4.7-23.el5_3.2.i386 as a component of Red Hat Enterprise Linux (v. 5 server)",
          "product_id": "5Server:kpartx-0:0.4.7-23.el5_3.2.i386"
        },
        "product_reference": "kpartx-0:0.4.7-23.el5_3.2.i386",
        "relates_to_product_reference": "5Server"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kpartx-0:0.4.7-23.el5_3.2.ia64 as a component of Red Hat Enterprise Linux (v. 5 server)",
          "product_id": "5Server:kpartx-0:0.4.7-23.el5_3.2.ia64"
        },
        "product_reference": "kpartx-0:0.4.7-23.el5_3.2.ia64",
        "relates_to_product_reference": "5Server"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kpartx-0:0.4.7-23.el5_3.2.ppc as a component of Red Hat Enterprise Linux (v. 5 server)",
          "product_id": "5Server:kpartx-0:0.4.7-23.el5_3.2.ppc"
        },
        "product_reference": "kpartx-0:0.4.7-23.el5_3.2.ppc",
        "relates_to_product_reference": "5Server"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kpartx-0:0.4.7-23.el5_3.2.s390x as a component of Red Hat Enterprise Linux (v. 5 server)",
          "product_id": "5Server:kpartx-0:0.4.7-23.el5_3.2.s390x"
        },
        "product_reference": "kpartx-0:0.4.7-23.el5_3.2.s390x",
        "relates_to_product_reference": "5Server"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kpartx-0:0.4.7-23.el5_3.2.x86_64 as a component of Red Hat Enterprise Linux (v. 5 server)",
          "product_id": "5Server:kpartx-0:0.4.7-23.el5_3.2.x86_64"
        },
        "product_reference": "kpartx-0:0.4.7-23.el5_3.2.x86_64",
        "relates_to_product_reference": "5Server"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2009-0115",
      "discovery_date": "2009-03-30T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "493330"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "The Device Mapper multipathing driver (aka multipath-tools or device-mapper-multipath) 0.4.8, as used in SUSE openSUSE, SUSE Linux Enterprise Server (SLES), Fedora, and possibly other operating systems, uses world-writable permissions for the socket file (aka /var/run/multipathd.sock), which allows local users to send arbitrary commands to the multipath daemon.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "device-mapper-multipath: insecure permissions on multipathd.sock",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "4AS:device-mapper-multipath-0:0.4.5-31.el4_7.1.i386",
          "4AS:device-mapper-multipath-0:0.4.5-31.el4_7.1.ia64",
          "4AS:device-mapper-multipath-0:0.4.5-31.el4_7.1.ppc",
          "4AS:device-mapper-multipath-0:0.4.5-31.el4_7.1.s390",
          "4AS:device-mapper-multipath-0:0.4.5-31.el4_7.1.s390x",
          "4AS:device-mapper-multipath-0:0.4.5-31.el4_7.1.src",
          "4AS:device-mapper-multipath-0:0.4.5-31.el4_7.1.x86_64",
          "4AS:device-mapper-multipath-debuginfo-0:0.4.5-31.el4_7.1.i386",
          "4AS:device-mapper-multipath-debuginfo-0:0.4.5-31.el4_7.1.ia64",
          "4AS:device-mapper-multipath-debuginfo-0:0.4.5-31.el4_7.1.ppc",
          "4AS:device-mapper-multipath-debuginfo-0:0.4.5-31.el4_7.1.s390",
          "4AS:device-mapper-multipath-debuginfo-0:0.4.5-31.el4_7.1.s390x",
          "4AS:device-mapper-multipath-debuginfo-0:0.4.5-31.el4_7.1.x86_64",
          "4Desktop:device-mapper-multipath-0:0.4.5-31.el4_7.1.i386",
          "4Desktop:device-mapper-multipath-0:0.4.5-31.el4_7.1.ia64",
          "4Desktop:device-mapper-multipath-0:0.4.5-31.el4_7.1.ppc",
          "4Desktop:device-mapper-multipath-0:0.4.5-31.el4_7.1.s390",
          "4Desktop:device-mapper-multipath-0:0.4.5-31.el4_7.1.s390x",
          "4Desktop:device-mapper-multipath-0:0.4.5-31.el4_7.1.src",
          "4Desktop:device-mapper-multipath-0:0.4.5-31.el4_7.1.x86_64",
          "4Desktop:device-mapper-multipath-debuginfo-0:0.4.5-31.el4_7.1.i386",
          "4Desktop:device-mapper-multipath-debuginfo-0:0.4.5-31.el4_7.1.ia64",
          "4Desktop:device-mapper-multipath-debuginfo-0:0.4.5-31.el4_7.1.ppc",
          "4Desktop:device-mapper-multipath-debuginfo-0:0.4.5-31.el4_7.1.s390",
          "4Desktop:device-mapper-multipath-debuginfo-0:0.4.5-31.el4_7.1.s390x",
          "4Desktop:device-mapper-multipath-debuginfo-0:0.4.5-31.el4_7.1.x86_64",
          "4ES:device-mapper-multipath-0:0.4.5-31.el4_7.1.i386",
          "4ES:device-mapper-multipath-0:0.4.5-31.el4_7.1.ia64",
          "4ES:device-mapper-multipath-0:0.4.5-31.el4_7.1.ppc",
          "4ES:device-mapper-multipath-0:0.4.5-31.el4_7.1.s390",
          "4ES:device-mapper-multipath-0:0.4.5-31.el4_7.1.s390x",
          "4ES:device-mapper-multipath-0:0.4.5-31.el4_7.1.src",
          "4ES:device-mapper-multipath-0:0.4.5-31.el4_7.1.x86_64",
          "4ES:device-mapper-multipath-debuginfo-0:0.4.5-31.el4_7.1.i386",
          "4ES:device-mapper-multipath-debuginfo-0:0.4.5-31.el4_7.1.ia64",
          "4ES:device-mapper-multipath-debuginfo-0:0.4.5-31.el4_7.1.ppc",
          "4ES:device-mapper-multipath-debuginfo-0:0.4.5-31.el4_7.1.s390",
          "4ES:device-mapper-multipath-debuginfo-0:0.4.5-31.el4_7.1.s390x",
          "4ES:device-mapper-multipath-debuginfo-0:0.4.5-31.el4_7.1.x86_64",
          "4WS:device-mapper-multipath-0:0.4.5-31.el4_7.1.i386",
          "4WS:device-mapper-multipath-0:0.4.5-31.el4_7.1.ia64",
          "4WS:device-mapper-multipath-0:0.4.5-31.el4_7.1.ppc",
          "4WS:device-mapper-multipath-0:0.4.5-31.el4_7.1.s390",
          "4WS:device-mapper-multipath-0:0.4.5-31.el4_7.1.s390x",
          "4WS:device-mapper-multipath-0:0.4.5-31.el4_7.1.src",
          "4WS:device-mapper-multipath-0:0.4.5-31.el4_7.1.x86_64",
          "4WS:device-mapper-multipath-debuginfo-0:0.4.5-31.el4_7.1.i386",
          "4WS:device-mapper-multipath-debuginfo-0:0.4.5-31.el4_7.1.ia64",
          "4WS:device-mapper-multipath-debuginfo-0:0.4.5-31.el4_7.1.ppc",
          "4WS:device-mapper-multipath-debuginfo-0:0.4.5-31.el4_7.1.s390",
          "4WS:device-mapper-multipath-debuginfo-0:0.4.5-31.el4_7.1.s390x",
          "4WS:device-mapper-multipath-debuginfo-0:0.4.5-31.el4_7.1.x86_64",
          "5Client:device-mapper-multipath-0:0.4.7-23.el5_3.2.i386",
          "5Client:device-mapper-multipath-0:0.4.7-23.el5_3.2.ia64",
          "5Client:device-mapper-multipath-0:0.4.7-23.el5_3.2.ppc",
          "5Client:device-mapper-multipath-0:0.4.7-23.el5_3.2.s390x",
          "5Client:device-mapper-multipath-0:0.4.7-23.el5_3.2.src",
          "5Client:device-mapper-multipath-0:0.4.7-23.el5_3.2.x86_64",
          "5Client:device-mapper-multipath-debuginfo-0:0.4.7-23.el5_3.2.i386",
          "5Client:device-mapper-multipath-debuginfo-0:0.4.7-23.el5_3.2.ia64",
          "5Client:device-mapper-multipath-debuginfo-0:0.4.7-23.el5_3.2.ppc",
          "5Client:device-mapper-multipath-debuginfo-0:0.4.7-23.el5_3.2.s390x",
          "5Client:device-mapper-multipath-debuginfo-0:0.4.7-23.el5_3.2.x86_64",
          "5Client:kpartx-0:0.4.7-23.el5_3.2.i386",
          "5Client:kpartx-0:0.4.7-23.el5_3.2.ia64",
          "5Client:kpartx-0:0.4.7-23.el5_3.2.ppc",
          "5Client:kpartx-0:0.4.7-23.el5_3.2.s390x",
          "5Client:kpartx-0:0.4.7-23.el5_3.2.x86_64",
          "5Server:device-mapper-multipath-0:0.4.7-23.el5_3.2.i386",
          "5Server:device-mapper-multipath-0:0.4.7-23.el5_3.2.ia64",
          "5Server:device-mapper-multipath-0:0.4.7-23.el5_3.2.ppc",
          "5Server:device-mapper-multipath-0:0.4.7-23.el5_3.2.s390x",
          "5Server:device-mapper-multipath-0:0.4.7-23.el5_3.2.src",
          "5Server:device-mapper-multipath-0:0.4.7-23.el5_3.2.x86_64",
          "5Server:device-mapper-multipath-debuginfo-0:0.4.7-23.el5_3.2.i386",
          "5Server:device-mapper-multipath-debuginfo-0:0.4.7-23.el5_3.2.ia64",
          "5Server:device-mapper-multipath-debuginfo-0:0.4.7-23.el5_3.2.ppc",
          "5Server:device-mapper-multipath-debuginfo-0:0.4.7-23.el5_3.2.s390x",
          "5Server:device-mapper-multipath-debuginfo-0:0.4.7-23.el5_3.2.x86_64",
          "5Server:kpartx-0:0.4.7-23.el5_3.2.i386",
          "5Server:kpartx-0:0.4.7-23.el5_3.2.ia64",
          "5Server:kpartx-0:0.4.7-23.el5_3.2.ppc",
          "5Server:kpartx-0:0.4.7-23.el5_3.2.s390x",
          "5Server:kpartx-0:0.4.7-23.el5_3.2.x86_64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2009-0115"
        },
        {
          "category": "external",
          "summary": "RHBZ#493330",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=493330"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2009-0115",
          "url": "https://www.cve.org/CVERecord?id=CVE-2009-0115"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2009-0115",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2009-0115"
        }
      ],
      "release_date": "2009-03-24T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2009-04-07T19:03:00+00:00",
          "details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network.  Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259",
          "product_ids": [
            "4AS:device-mapper-multipath-0:0.4.5-31.el4_7.1.i386",
            "4AS:device-mapper-multipath-0:0.4.5-31.el4_7.1.ia64",
            "4AS:device-mapper-multipath-0:0.4.5-31.el4_7.1.ppc",
            "4AS:device-mapper-multipath-0:0.4.5-31.el4_7.1.s390",
            "4AS:device-mapper-multipath-0:0.4.5-31.el4_7.1.s390x",
            "4AS:device-mapper-multipath-0:0.4.5-31.el4_7.1.src",
            "4AS:device-mapper-multipath-0:0.4.5-31.el4_7.1.x86_64",
            "4AS:device-mapper-multipath-debuginfo-0:0.4.5-31.el4_7.1.i386",
            "4AS:device-mapper-multipath-debuginfo-0:0.4.5-31.el4_7.1.ia64",
            "4AS:device-mapper-multipath-debuginfo-0:0.4.5-31.el4_7.1.ppc",
            "4AS:device-mapper-multipath-debuginfo-0:0.4.5-31.el4_7.1.s390",
            "4AS:device-mapper-multipath-debuginfo-0:0.4.5-31.el4_7.1.s390x",
            "4AS:device-mapper-multipath-debuginfo-0:0.4.5-31.el4_7.1.x86_64",
            "4Desktop:device-mapper-multipath-0:0.4.5-31.el4_7.1.i386",
            "4Desktop:device-mapper-multipath-0:0.4.5-31.el4_7.1.ia64",
            "4Desktop:device-mapper-multipath-0:0.4.5-31.el4_7.1.ppc",
            "4Desktop:device-mapper-multipath-0:0.4.5-31.el4_7.1.s390",
            "4Desktop:device-mapper-multipath-0:0.4.5-31.el4_7.1.s390x",
            "4Desktop:device-mapper-multipath-0:0.4.5-31.el4_7.1.src",
            "4Desktop:device-mapper-multipath-0:0.4.5-31.el4_7.1.x86_64",
            "4Desktop:device-mapper-multipath-debuginfo-0:0.4.5-31.el4_7.1.i386",
            "4Desktop:device-mapper-multipath-debuginfo-0:0.4.5-31.el4_7.1.ia64",
            "4Desktop:device-mapper-multipath-debuginfo-0:0.4.5-31.el4_7.1.ppc",
            "4Desktop:device-mapper-multipath-debuginfo-0:0.4.5-31.el4_7.1.s390",
            "4Desktop:device-mapper-multipath-debuginfo-0:0.4.5-31.el4_7.1.s390x",
            "4Desktop:device-mapper-multipath-debuginfo-0:0.4.5-31.el4_7.1.x86_64",
            "4ES:device-mapper-multipath-0:0.4.5-31.el4_7.1.i386",
            "4ES:device-mapper-multipath-0:0.4.5-31.el4_7.1.ia64",
            "4ES:device-mapper-multipath-0:0.4.5-31.el4_7.1.ppc",
            "4ES:device-mapper-multipath-0:0.4.5-31.el4_7.1.s390",
            "4ES:device-mapper-multipath-0:0.4.5-31.el4_7.1.s390x",
            "4ES:device-mapper-multipath-0:0.4.5-31.el4_7.1.src",
            "4ES:device-mapper-multipath-0:0.4.5-31.el4_7.1.x86_64",
            "4ES:device-mapper-multipath-debuginfo-0:0.4.5-31.el4_7.1.i386",
            "4ES:device-mapper-multipath-debuginfo-0:0.4.5-31.el4_7.1.ia64",
            "4ES:device-mapper-multipath-debuginfo-0:0.4.5-31.el4_7.1.ppc",
            "4ES:device-mapper-multipath-debuginfo-0:0.4.5-31.el4_7.1.s390",
            "4ES:device-mapper-multipath-debuginfo-0:0.4.5-31.el4_7.1.s390x",
            "4ES:device-mapper-multipath-debuginfo-0:0.4.5-31.el4_7.1.x86_64",
            "4WS:device-mapper-multipath-0:0.4.5-31.el4_7.1.i386",
            "4WS:device-mapper-multipath-0:0.4.5-31.el4_7.1.ia64",
            "4WS:device-mapper-multipath-0:0.4.5-31.el4_7.1.ppc",
            "4WS:device-mapper-multipath-0:0.4.5-31.el4_7.1.s390",
            "4WS:device-mapper-multipath-0:0.4.5-31.el4_7.1.s390x",
            "4WS:device-mapper-multipath-0:0.4.5-31.el4_7.1.src",
            "4WS:device-mapper-multipath-0:0.4.5-31.el4_7.1.x86_64",
            "4WS:device-mapper-multipath-debuginfo-0:0.4.5-31.el4_7.1.i386",
            "4WS:device-mapper-multipath-debuginfo-0:0.4.5-31.el4_7.1.ia64",
            "4WS:device-mapper-multipath-debuginfo-0:0.4.5-31.el4_7.1.ppc",
            "4WS:device-mapper-multipath-debuginfo-0:0.4.5-31.el4_7.1.s390",
            "4WS:device-mapper-multipath-debuginfo-0:0.4.5-31.el4_7.1.s390x",
            "4WS:device-mapper-multipath-debuginfo-0:0.4.5-31.el4_7.1.x86_64",
            "5Client:device-mapper-multipath-0:0.4.7-23.el5_3.2.i386",
            "5Client:device-mapper-multipath-0:0.4.7-23.el5_3.2.ia64",
            "5Client:device-mapper-multipath-0:0.4.7-23.el5_3.2.ppc",
            "5Client:device-mapper-multipath-0:0.4.7-23.el5_3.2.s390x",
            "5Client:device-mapper-multipath-0:0.4.7-23.el5_3.2.src",
            "5Client:device-mapper-multipath-0:0.4.7-23.el5_3.2.x86_64",
            "5Client:device-mapper-multipath-debuginfo-0:0.4.7-23.el5_3.2.i386",
            "5Client:device-mapper-multipath-debuginfo-0:0.4.7-23.el5_3.2.ia64",
            "5Client:device-mapper-multipath-debuginfo-0:0.4.7-23.el5_3.2.ppc",
            "5Client:device-mapper-multipath-debuginfo-0:0.4.7-23.el5_3.2.s390x",
            "5Client:device-mapper-multipath-debuginfo-0:0.4.7-23.el5_3.2.x86_64",
            "5Client:kpartx-0:0.4.7-23.el5_3.2.i386",
            "5Client:kpartx-0:0.4.7-23.el5_3.2.ia64",
            "5Client:kpartx-0:0.4.7-23.el5_3.2.ppc",
            "5Client:kpartx-0:0.4.7-23.el5_3.2.s390x",
            "5Client:kpartx-0:0.4.7-23.el5_3.2.x86_64",
            "5Server:device-mapper-multipath-0:0.4.7-23.el5_3.2.i386",
            "5Server:device-mapper-multipath-0:0.4.7-23.el5_3.2.ia64",
            "5Server:device-mapper-multipath-0:0.4.7-23.el5_3.2.ppc",
            "5Server:device-mapper-multipath-0:0.4.7-23.el5_3.2.s390x",
            "5Server:device-mapper-multipath-0:0.4.7-23.el5_3.2.src",
            "5Server:device-mapper-multipath-0:0.4.7-23.el5_3.2.x86_64",
            "5Server:device-mapper-multipath-debuginfo-0:0.4.7-23.el5_3.2.i386",
            "5Server:device-mapper-multipath-debuginfo-0:0.4.7-23.el5_3.2.ia64",
            "5Server:device-mapper-multipath-debuginfo-0:0.4.7-23.el5_3.2.ppc",
            "5Server:device-mapper-multipath-debuginfo-0:0.4.7-23.el5_3.2.s390x",
            "5Server:device-mapper-multipath-debuginfo-0:0.4.7-23.el5_3.2.x86_64",
            "5Server:kpartx-0:0.4.7-23.el5_3.2.i386",
            "5Server:kpartx-0:0.4.7-23.el5_3.2.ia64",
            "5Server:kpartx-0:0.4.7-23.el5_3.2.ppc",
            "5Server:kpartx-0:0.4.7-23.el5_3.2.s390x",
            "5Server:kpartx-0:0.4.7-23.el5_3.2.x86_64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2009:0411"
        }
      ],
      "scores": [
        {
          "cvss_v2": {
            "accessComplexity": "HIGH",
            "accessVector": "LOCAL",
            "authentication": "NONE",
            "availabilityImpact": "COMPLETE",
            "baseScore": 6.2,
            "confidentialityImpact": "COMPLETE",
            "integrityImpact": "COMPLETE",
            "vectorString": "AV:L/AC:H/Au:N/C:C/I:C/A:C",
            "version": "2.0"
          },
          "products": [
            "4AS:device-mapper-multipath-0:0.4.5-31.el4_7.1.i386",
            "4AS:device-mapper-multipath-0:0.4.5-31.el4_7.1.ia64",
            "4AS:device-mapper-multipath-0:0.4.5-31.el4_7.1.ppc",
            "4AS:device-mapper-multipath-0:0.4.5-31.el4_7.1.s390",
            "4AS:device-mapper-multipath-0:0.4.5-31.el4_7.1.s390x",
            "4AS:device-mapper-multipath-0:0.4.5-31.el4_7.1.src",
            "4AS:device-mapper-multipath-0:0.4.5-31.el4_7.1.x86_64",
            "4AS:device-mapper-multipath-debuginfo-0:0.4.5-31.el4_7.1.i386",
            "4AS:device-mapper-multipath-debuginfo-0:0.4.5-31.el4_7.1.ia64",
            "4AS:device-mapper-multipath-debuginfo-0:0.4.5-31.el4_7.1.ppc",
            "4AS:device-mapper-multipath-debuginfo-0:0.4.5-31.el4_7.1.s390",
            "4AS:device-mapper-multipath-debuginfo-0:0.4.5-31.el4_7.1.s390x",
            "4AS:device-mapper-multipath-debuginfo-0:0.4.5-31.el4_7.1.x86_64",
            "4Desktop:device-mapper-multipath-0:0.4.5-31.el4_7.1.i386",
            "4Desktop:device-mapper-multipath-0:0.4.5-31.el4_7.1.ia64",
            "4Desktop:device-mapper-multipath-0:0.4.5-31.el4_7.1.ppc",
            "4Desktop:device-mapper-multipath-0:0.4.5-31.el4_7.1.s390",
            "4Desktop:device-mapper-multipath-0:0.4.5-31.el4_7.1.s390x",
            "4Desktop:device-mapper-multipath-0:0.4.5-31.el4_7.1.src",
            "4Desktop:device-mapper-multipath-0:0.4.5-31.el4_7.1.x86_64",
            "4Desktop:device-mapper-multipath-debuginfo-0:0.4.5-31.el4_7.1.i386",
            "4Desktop:device-mapper-multipath-debuginfo-0:0.4.5-31.el4_7.1.ia64",
            "4Desktop:device-mapper-multipath-debuginfo-0:0.4.5-31.el4_7.1.ppc",
            "4Desktop:device-mapper-multipath-debuginfo-0:0.4.5-31.el4_7.1.s390",
            "4Desktop:device-mapper-multipath-debuginfo-0:0.4.5-31.el4_7.1.s390x",
            "4Desktop:device-mapper-multipath-debuginfo-0:0.4.5-31.el4_7.1.x86_64",
            "4ES:device-mapper-multipath-0:0.4.5-31.el4_7.1.i386",
            "4ES:device-mapper-multipath-0:0.4.5-31.el4_7.1.ia64",
            "4ES:device-mapper-multipath-0:0.4.5-31.el4_7.1.ppc",
            "4ES:device-mapper-multipath-0:0.4.5-31.el4_7.1.s390",
            "4ES:device-mapper-multipath-0:0.4.5-31.el4_7.1.s390x",
            "4ES:device-mapper-multipath-0:0.4.5-31.el4_7.1.src",
            "4ES:device-mapper-multipath-0:0.4.5-31.el4_7.1.x86_64",
            "4ES:device-mapper-multipath-debuginfo-0:0.4.5-31.el4_7.1.i386",
            "4ES:device-mapper-multipath-debuginfo-0:0.4.5-31.el4_7.1.ia64",
            "4ES:device-mapper-multipath-debuginfo-0:0.4.5-31.el4_7.1.ppc",
            "4ES:device-mapper-multipath-debuginfo-0:0.4.5-31.el4_7.1.s390",
            "4ES:device-mapper-multipath-debuginfo-0:0.4.5-31.el4_7.1.s390x",
            "4ES:device-mapper-multipath-debuginfo-0:0.4.5-31.el4_7.1.x86_64",
            "4WS:device-mapper-multipath-0:0.4.5-31.el4_7.1.i386",
            "4WS:device-mapper-multipath-0:0.4.5-31.el4_7.1.ia64",
            "4WS:device-mapper-multipath-0:0.4.5-31.el4_7.1.ppc",
            "4WS:device-mapper-multipath-0:0.4.5-31.el4_7.1.s390",
            "4WS:device-mapper-multipath-0:0.4.5-31.el4_7.1.s390x",
            "4WS:device-mapper-multipath-0:0.4.5-31.el4_7.1.src",
            "4WS:device-mapper-multipath-0:0.4.5-31.el4_7.1.x86_64",
            "4WS:device-mapper-multipath-debuginfo-0:0.4.5-31.el4_7.1.i386",
            "4WS:device-mapper-multipath-debuginfo-0:0.4.5-31.el4_7.1.ia64",
            "4WS:device-mapper-multipath-debuginfo-0:0.4.5-31.el4_7.1.ppc",
            "4WS:device-mapper-multipath-debuginfo-0:0.4.5-31.el4_7.1.s390",
            "4WS:device-mapper-multipath-debuginfo-0:0.4.5-31.el4_7.1.s390x",
            "4WS:device-mapper-multipath-debuginfo-0:0.4.5-31.el4_7.1.x86_64",
            "5Client:device-mapper-multipath-0:0.4.7-23.el5_3.2.i386",
            "5Client:device-mapper-multipath-0:0.4.7-23.el5_3.2.ia64",
            "5Client:device-mapper-multipath-0:0.4.7-23.el5_3.2.ppc",
            "5Client:device-mapper-multipath-0:0.4.7-23.el5_3.2.s390x",
            "5Client:device-mapper-multipath-0:0.4.7-23.el5_3.2.src",
            "5Client:device-mapper-multipath-0:0.4.7-23.el5_3.2.x86_64",
            "5Client:device-mapper-multipath-debuginfo-0:0.4.7-23.el5_3.2.i386",
            "5Client:device-mapper-multipath-debuginfo-0:0.4.7-23.el5_3.2.ia64",
            "5Client:device-mapper-multipath-debuginfo-0:0.4.7-23.el5_3.2.ppc",
            "5Client:device-mapper-multipath-debuginfo-0:0.4.7-23.el5_3.2.s390x",
            "5Client:device-mapper-multipath-debuginfo-0:0.4.7-23.el5_3.2.x86_64",
            "5Client:kpartx-0:0.4.7-23.el5_3.2.i386",
            "5Client:kpartx-0:0.4.7-23.el5_3.2.ia64",
            "5Client:kpartx-0:0.4.7-23.el5_3.2.ppc",
            "5Client:kpartx-0:0.4.7-23.el5_3.2.s390x",
            "5Client:kpartx-0:0.4.7-23.el5_3.2.x86_64",
            "5Server:device-mapper-multipath-0:0.4.7-23.el5_3.2.i386",
            "5Server:device-mapper-multipath-0:0.4.7-23.el5_3.2.ia64",
            "5Server:device-mapper-multipath-0:0.4.7-23.el5_3.2.ppc",
            "5Server:device-mapper-multipath-0:0.4.7-23.el5_3.2.s390x",
            "5Server:device-mapper-multipath-0:0.4.7-23.el5_3.2.src",
            "5Server:device-mapper-multipath-0:0.4.7-23.el5_3.2.x86_64",
            "5Server:device-mapper-multipath-debuginfo-0:0.4.7-23.el5_3.2.i386",
            "5Server:device-mapper-multipath-debuginfo-0:0.4.7-23.el5_3.2.ia64",
            "5Server:device-mapper-multipath-debuginfo-0:0.4.7-23.el5_3.2.ppc",
            "5Server:device-mapper-multipath-debuginfo-0:0.4.7-23.el5_3.2.s390x",
            "5Server:device-mapper-multipath-debuginfo-0:0.4.7-23.el5_3.2.x86_64",
            "5Server:kpartx-0:0.4.7-23.el5_3.2.i386",
            "5Server:kpartx-0:0.4.7-23.el5_3.2.ia64",
            "5Server:kpartx-0:0.4.7-23.el5_3.2.ppc",
            "5Server:kpartx-0:0.4.7-23.el5_3.2.s390x",
            "5Server:kpartx-0:0.4.7-23.el5_3.2.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "device-mapper-multipath: insecure permissions on multipathd.sock"
    }
  ]
}

RHSA-2009_0411

Vulnerability from csaf_redhat - Published: 2009-04-07 19:03 - Updated: 2024-11-22 02:39

Summary

Red Hat Security Advisory: device-mapper-multipath security update

Notes

Topic

Details

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "namespace": "https://access.redhat.com/security/updates/classification/",
      "text": "Moderate"
    },
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "Updated device-mapper-multipath packages that fix a security issue are now\navailable for Red Hat Enterprise Linux 4 and 5.\n\nThis update has been rated as having moderate security impact by the Red\nHat Security Response Team.",
        "title": "Topic"
      },
      {
        "category": "general",
        "text": "The device-mapper multipath packages provide tools to manage multipath\ndevices by issuing instructions to the device-mapper multipath kernel\nmodule, and by managing the creation and removal of partitions for\ndevice-mapper devices.\n\nIt was discovered that the multipathd daemon set incorrect permissions on\nthe socket used to communicate with command line clients. An unprivileged,\nlocal user could use this flaw to send commands to multipathd, resulting in\naccess disruptions to storage devices accessible via multiple paths and,\npossibly, file system corruption on these devices. (CVE-2009-0115)\n\nUsers of device-mapper-multipath are advised to upgrade to these updated\npackages, which contain a backported patch to resolve this issue. The\nmultipathd service must be restarted for the changes to take effect.\n\nImportant: the version of the multipathd daemon in Red Hat Enterprise Linux\n5 has a known issue which may cause a machine to become unresponsive when\nthe multipathd service is stopped. This issue is tracked in the Bugzilla\nbug #494582; a link is provided in the References section of this erratum.\nUntil this issue is resolved, we recommend restarting the multipathd\nservice by issuing the following commands in sequence:\n\n\t# killall -KILL multipathd\n\n\t# service multipathd restart",
        "title": "Details"
      },
      {
        "category": "legal_disclaimer",
        "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
        "title": "Terms of Use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "https://access.redhat.com/security/team/contact/",
      "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
      "name": "Red Hat Product Security",
      "namespace": "https://www.redhat.com"
    },
    "references": [
      {
        "category": "self",
        "summary": "https://access.redhat.com/errata/RHSA-2009:0411",
        "url": "https://access.redhat.com/errata/RHSA-2009:0411"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/updates/classification/#moderate",
        "url": "https://access.redhat.com/security/updates/classification/#moderate"
      },
      {
        "category": "external",
        "summary": "https://bugzilla.redhat.com/show_bug.cgi?id=494582",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=494582"
      },
      {
        "category": "external",
        "summary": "493330",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=493330"
      },
      {
        "category": "self",
        "summary": "Canonical URL",
        "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2009/rhsa-2009_0411.json"
      }
    ],
    "title": "Red Hat Security Advisory: device-mapper-multipath security update",
    "tracking": {
      "current_release_date": "2024-11-22T02:39:34+00:00",
      "generator": {
        "date": "2024-11-22T02:39:34+00:00",
        "engine": {
          "name": "Red Hat SDEngine",
          "version": "4.2.1"
        }
      },
      "id": "RHSA-2009:0411",
      "initial_release_date": "2009-04-07T19:03:00+00:00",
      "revision_history": [
        {
          "date": "2009-04-07T19:03:00+00:00",
          "number": "1",
          "summary": "Initial version"
        },
        {
          "date": "2009-04-07T15:04:27+00:00",
          "number": "2",
          "summary": "Last updated version"
        },
        {
          "date": "2024-11-22T02:39:34+00:00",
          "number": "3",
          "summary": "Last generated version"
        }
      ],
      "status": "final",
      "version": "3"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_name",
                "name": "Red Hat Enterprise Linux AS version 4",
                "product": {
                  "name": "Red Hat Enterprise Linux AS version 4",
                  "product_id": "4AS",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:redhat:enterprise_linux:4::as"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "Red Hat Enterprise Linux Desktop version 4",
                "product": {
                  "name": "Red Hat Enterprise Linux Desktop version 4",
                  "product_id": "4Desktop",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:redhat:enterprise_linux:4::desktop"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "Red Hat Enterprise Linux ES version 4",
                "product": {
                  "name": "Red Hat Enterprise Linux ES version 4",
                  "product_id": "4ES",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:redhat:enterprise_linux:4::es"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "Red Hat Enterprise Linux WS version 4",
                "product": {
                  "name": "Red Hat Enterprise Linux WS version 4",
                  "product_id": "4WS",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:redhat:enterprise_linux:4::ws"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "Red Hat Enterprise Linux Desktop (v. 5 client)",
                "product": {
                  "name": "Red Hat Enterprise Linux Desktop (v. 5 client)",
                  "product_id": "5Client",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:redhat:enterprise_linux:5::client"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "Red Hat Enterprise Linux (v. 5 server)",
                "product": {
                  "name": "Red Hat Enterprise Linux (v. 5 server)",
                  "product_id": "5Server",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:redhat:enterprise_linux:5::server"
                  }
                }
              }
            ],
            "category": "product_family",
            "name": "Red Hat Enterprise Linux"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "device-mapper-multipath-debuginfo-0:0.4.5-31.el4_7.1.ia64",
                "product": {
                  "name": "device-mapper-multipath-debuginfo-0:0.4.5-31.el4_7.1.ia64",
                  "product_id": "device-mapper-multipath-debuginfo-0:0.4.5-31.el4_7.1.ia64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/device-mapper-multipath-debuginfo@0.4.5-31.el4_7.1?arch=ia64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "device-mapper-multipath-0:0.4.5-31.el4_7.1.ia64",
                "product": {
                  "name": "device-mapper-multipath-0:0.4.5-31.el4_7.1.ia64",
                  "product_id": "device-mapper-multipath-0:0.4.5-31.el4_7.1.ia64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/device-mapper-multipath@0.4.5-31.el4_7.1?arch=ia64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "device-mapper-multipath-0:0.4.7-23.el5_3.2.ia64",
                "product": {
                  "name": "device-mapper-multipath-0:0.4.7-23.el5_3.2.ia64",
                  "product_id": "device-mapper-multipath-0:0.4.7-23.el5_3.2.ia64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/device-mapper-multipath@0.4.7-23.el5_3.2?arch=ia64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "device-mapper-multipath-debuginfo-0:0.4.7-23.el5_3.2.ia64",
                "product": {
                  "name": "device-mapper-multipath-debuginfo-0:0.4.7-23.el5_3.2.ia64",
                  "product_id": "device-mapper-multipath-debuginfo-0:0.4.7-23.el5_3.2.ia64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/device-mapper-multipath-debuginfo@0.4.7-23.el5_3.2?arch=ia64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "kpartx-0:0.4.7-23.el5_3.2.ia64",
                "product": {
                  "name": "kpartx-0:0.4.7-23.el5_3.2.ia64",
                  "product_id": "kpartx-0:0.4.7-23.el5_3.2.ia64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/kpartx@0.4.7-23.el5_3.2?arch=ia64"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "ia64"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "device-mapper-multipath-debuginfo-0:0.4.5-31.el4_7.1.x86_64",
                "product": {
                  "name": "device-mapper-multipath-debuginfo-0:0.4.5-31.el4_7.1.x86_64",
                  "product_id": "device-mapper-multipath-debuginfo-0:0.4.5-31.el4_7.1.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/device-mapper-multipath-debuginfo@0.4.5-31.el4_7.1?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "device-mapper-multipath-0:0.4.5-31.el4_7.1.x86_64",
                "product": {
                  "name": "device-mapper-multipath-0:0.4.5-31.el4_7.1.x86_64",
                  "product_id": "device-mapper-multipath-0:0.4.5-31.el4_7.1.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/device-mapper-multipath@0.4.5-31.el4_7.1?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "device-mapper-multipath-0:0.4.7-23.el5_3.2.x86_64",
                "product": {
                  "name": "device-mapper-multipath-0:0.4.7-23.el5_3.2.x86_64",
                  "product_id": "device-mapper-multipath-0:0.4.7-23.el5_3.2.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/device-mapper-multipath@0.4.7-23.el5_3.2?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "device-mapper-multipath-debuginfo-0:0.4.7-23.el5_3.2.x86_64",
                "product": {
                  "name": "device-mapper-multipath-debuginfo-0:0.4.7-23.el5_3.2.x86_64",
                  "product_id": "device-mapper-multipath-debuginfo-0:0.4.7-23.el5_3.2.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/device-mapper-multipath-debuginfo@0.4.7-23.el5_3.2?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "kpartx-0:0.4.7-23.el5_3.2.x86_64",
                "product": {
                  "name": "kpartx-0:0.4.7-23.el5_3.2.x86_64",
                  "product_id": "kpartx-0:0.4.7-23.el5_3.2.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/kpartx@0.4.7-23.el5_3.2?arch=x86_64"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "x86_64"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "device-mapper-multipath-debuginfo-0:0.4.5-31.el4_7.1.i386",
                "product": {
                  "name": "device-mapper-multipath-debuginfo-0:0.4.5-31.el4_7.1.i386",
                  "product_id": "device-mapper-multipath-debuginfo-0:0.4.5-31.el4_7.1.i386",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/device-mapper-multipath-debuginfo@0.4.5-31.el4_7.1?arch=i386"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "device-mapper-multipath-0:0.4.5-31.el4_7.1.i386",
                "product": {
                  "name": "device-mapper-multipath-0:0.4.5-31.el4_7.1.i386",
                  "product_id": "device-mapper-multipath-0:0.4.5-31.el4_7.1.i386",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/device-mapper-multipath@0.4.5-31.el4_7.1?arch=i386"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "device-mapper-multipath-0:0.4.7-23.el5_3.2.i386",
                "product": {
                  "name": "device-mapper-multipath-0:0.4.7-23.el5_3.2.i386",
                  "product_id": "device-mapper-multipath-0:0.4.7-23.el5_3.2.i386",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/device-mapper-multipath@0.4.7-23.el5_3.2?arch=i386"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "device-mapper-multipath-debuginfo-0:0.4.7-23.el5_3.2.i386",
                "product": {
                  "name": "device-mapper-multipath-debuginfo-0:0.4.7-23.el5_3.2.i386",
                  "product_id": "device-mapper-multipath-debuginfo-0:0.4.7-23.el5_3.2.i386",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/device-mapper-multipath-debuginfo@0.4.7-23.el5_3.2?arch=i386"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "kpartx-0:0.4.7-23.el5_3.2.i386",
                "product": {
                  "name": "kpartx-0:0.4.7-23.el5_3.2.i386",
                  "product_id": "kpartx-0:0.4.7-23.el5_3.2.i386",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/kpartx@0.4.7-23.el5_3.2?arch=i386"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "i386"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "device-mapper-multipath-0:0.4.5-31.el4_7.1.src",
                "product": {
                  "name": "device-mapper-multipath-0:0.4.5-31.el4_7.1.src",
                  "product_id": "device-mapper-multipath-0:0.4.5-31.el4_7.1.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/device-mapper-multipath@0.4.5-31.el4_7.1?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "device-mapper-multipath-0:0.4.7-23.el5_3.2.src",
                "product": {
                  "name": "device-mapper-multipath-0:0.4.7-23.el5_3.2.src",
                  "product_id": "device-mapper-multipath-0:0.4.7-23.el5_3.2.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/device-mapper-multipath@0.4.7-23.el5_3.2?arch=src"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "src"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "device-mapper-multipath-debuginfo-0:0.4.5-31.el4_7.1.ppc",
                "product": {
                  "name": "device-mapper-multipath-debuginfo-0:0.4.5-31.el4_7.1.ppc",
                  "product_id": "device-mapper-multipath-debuginfo-0:0.4.5-31.el4_7.1.ppc",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/device-mapper-multipath-debuginfo@0.4.5-31.el4_7.1?arch=ppc"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "device-mapper-multipath-0:0.4.5-31.el4_7.1.ppc",
                "product": {
                  "name": "device-mapper-multipath-0:0.4.5-31.el4_7.1.ppc",
                  "product_id": "device-mapper-multipath-0:0.4.5-31.el4_7.1.ppc",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/device-mapper-multipath@0.4.5-31.el4_7.1?arch=ppc"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "device-mapper-multipath-0:0.4.7-23.el5_3.2.ppc",
                "product": {
                  "name": "device-mapper-multipath-0:0.4.7-23.el5_3.2.ppc",
                  "product_id": "device-mapper-multipath-0:0.4.7-23.el5_3.2.ppc",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/device-mapper-multipath@0.4.7-23.el5_3.2?arch=ppc"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "device-mapper-multipath-debuginfo-0:0.4.7-23.el5_3.2.ppc",
                "product": {
                  "name": "device-mapper-multipath-debuginfo-0:0.4.7-23.el5_3.2.ppc",
                  "product_id": "device-mapper-multipath-debuginfo-0:0.4.7-23.el5_3.2.ppc",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/device-mapper-multipath-debuginfo@0.4.7-23.el5_3.2?arch=ppc"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "kpartx-0:0.4.7-23.el5_3.2.ppc",
                "product": {
                  "name": "kpartx-0:0.4.7-23.el5_3.2.ppc",
                  "product_id": "kpartx-0:0.4.7-23.el5_3.2.ppc",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/kpartx@0.4.7-23.el5_3.2?arch=ppc"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "ppc"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "device-mapper-multipath-debuginfo-0:0.4.5-31.el4_7.1.s390x",
                "product": {
                  "name": "device-mapper-multipath-debuginfo-0:0.4.5-31.el4_7.1.s390x",
                  "product_id": "device-mapper-multipath-debuginfo-0:0.4.5-31.el4_7.1.s390x",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/device-mapper-multipath-debuginfo@0.4.5-31.el4_7.1?arch=s390x"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "device-mapper-multipath-0:0.4.5-31.el4_7.1.s390x",
                "product": {
                  "name": "device-mapper-multipath-0:0.4.5-31.el4_7.1.s390x",
                  "product_id": "device-mapper-multipath-0:0.4.5-31.el4_7.1.s390x",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/device-mapper-multipath@0.4.5-31.el4_7.1?arch=s390x"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "device-mapper-multipath-0:0.4.7-23.el5_3.2.s390x",
                "product": {
                  "name": "device-mapper-multipath-0:0.4.7-23.el5_3.2.s390x",
                  "product_id": "device-mapper-multipath-0:0.4.7-23.el5_3.2.s390x",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/device-mapper-multipath@0.4.7-23.el5_3.2?arch=s390x"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "device-mapper-multipath-debuginfo-0:0.4.7-23.el5_3.2.s390x",
                "product": {
                  "name": "device-mapper-multipath-debuginfo-0:0.4.7-23.el5_3.2.s390x",
                  "product_id": "device-mapper-multipath-debuginfo-0:0.4.7-23.el5_3.2.s390x",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/device-mapper-multipath-debuginfo@0.4.7-23.el5_3.2?arch=s390x"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "kpartx-0:0.4.7-23.el5_3.2.s390x",
                "product": {
                  "name": "kpartx-0:0.4.7-23.el5_3.2.s390x",
                  "product_id": "kpartx-0:0.4.7-23.el5_3.2.s390x",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/kpartx@0.4.7-23.el5_3.2?arch=s390x"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "s390x"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "device-mapper-multipath-debuginfo-0:0.4.5-31.el4_7.1.s390",
                "product": {
                  "name": "device-mapper-multipath-debuginfo-0:0.4.5-31.el4_7.1.s390",
                  "product_id": "device-mapper-multipath-debuginfo-0:0.4.5-31.el4_7.1.s390",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/device-mapper-multipath-debuginfo@0.4.5-31.el4_7.1?arch=s390"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "device-mapper-multipath-0:0.4.5-31.el4_7.1.s390",
                "product": {
                  "name": "device-mapper-multipath-0:0.4.5-31.el4_7.1.s390",
                  "product_id": "device-mapper-multipath-0:0.4.5-31.el4_7.1.s390",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/device-mapper-multipath@0.4.5-31.el4_7.1?arch=s390"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "s390"
          }
        ],
        "category": "vendor",
        "name": "Red Hat"
      }
    ],
    "relationships": [
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "device-mapper-multipath-0:0.4.5-31.el4_7.1.i386 as a component of Red Hat Enterprise Linux AS version 4",
          "product_id": "4AS:device-mapper-multipath-0:0.4.5-31.el4_7.1.i386"
        },
        "product_reference": "device-mapper-multipath-0:0.4.5-31.el4_7.1.i386",
        "relates_to_product_reference": "4AS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "device-mapper-multipath-0:0.4.5-31.el4_7.1.ia64 as a component of Red Hat Enterprise Linux AS version 4",
          "product_id": "4AS:device-mapper-multipath-0:0.4.5-31.el4_7.1.ia64"
        },
        "product_reference": "device-mapper-multipath-0:0.4.5-31.el4_7.1.ia64",
        "relates_to_product_reference": "4AS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "device-mapper-multipath-0:0.4.5-31.el4_7.1.ppc as a component of Red Hat Enterprise Linux AS version 4",
          "product_id": "4AS:device-mapper-multipath-0:0.4.5-31.el4_7.1.ppc"
        },
        "product_reference": "device-mapper-multipath-0:0.4.5-31.el4_7.1.ppc",
        "relates_to_product_reference": "4AS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "device-mapper-multipath-0:0.4.5-31.el4_7.1.s390 as a component of Red Hat Enterprise Linux AS version 4",
          "product_id": "4AS:device-mapper-multipath-0:0.4.5-31.el4_7.1.s390"
        },
        "product_reference": "device-mapper-multipath-0:0.4.5-31.el4_7.1.s390",
        "relates_to_product_reference": "4AS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "device-mapper-multipath-0:0.4.5-31.el4_7.1.s390x as a component of Red Hat Enterprise Linux AS version 4",
          "product_id": "4AS:device-mapper-multipath-0:0.4.5-31.el4_7.1.s390x"
        },
        "product_reference": "device-mapper-multipath-0:0.4.5-31.el4_7.1.s390x",
        "relates_to_product_reference": "4AS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "device-mapper-multipath-0:0.4.5-31.el4_7.1.src as a component of Red Hat Enterprise Linux AS version 4",
          "product_id": "4AS:device-mapper-multipath-0:0.4.5-31.el4_7.1.src"
        },
        "product_reference": "device-mapper-multipath-0:0.4.5-31.el4_7.1.src",
        "relates_to_product_reference": "4AS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "device-mapper-multipath-0:0.4.5-31.el4_7.1.x86_64 as a component of Red Hat Enterprise Linux AS version 4",
          "product_id": "4AS:device-mapper-multipath-0:0.4.5-31.el4_7.1.x86_64"
        },
        "product_reference": "device-mapper-multipath-0:0.4.5-31.el4_7.1.x86_64",
        "relates_to_product_reference": "4AS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "device-mapper-multipath-debuginfo-0:0.4.5-31.el4_7.1.i386 as a component of Red Hat Enterprise Linux AS version 4",
          "product_id": "4AS:device-mapper-multipath-debuginfo-0:0.4.5-31.el4_7.1.i386"
        },
        "product_reference": "device-mapper-multipath-debuginfo-0:0.4.5-31.el4_7.1.i386",
        "relates_to_product_reference": "4AS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "device-mapper-multipath-debuginfo-0:0.4.5-31.el4_7.1.ia64 as a component of Red Hat Enterprise Linux AS version 4",
          "product_id": "4AS:device-mapper-multipath-debuginfo-0:0.4.5-31.el4_7.1.ia64"
        },
        "product_reference": "device-mapper-multipath-debuginfo-0:0.4.5-31.el4_7.1.ia64",
        "relates_to_product_reference": "4AS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "device-mapper-multipath-debuginfo-0:0.4.5-31.el4_7.1.ppc as a component of Red Hat Enterprise Linux AS version 4",
          "product_id": "4AS:device-mapper-multipath-debuginfo-0:0.4.5-31.el4_7.1.ppc"
        },
        "product_reference": "device-mapper-multipath-debuginfo-0:0.4.5-31.el4_7.1.ppc",
        "relates_to_product_reference": "4AS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "device-mapper-multipath-debuginfo-0:0.4.5-31.el4_7.1.s390 as a component of Red Hat Enterprise Linux AS version 4",
          "product_id": "4AS:device-mapper-multipath-debuginfo-0:0.4.5-31.el4_7.1.s390"
        },
        "product_reference": "device-mapper-multipath-debuginfo-0:0.4.5-31.el4_7.1.s390",
        "relates_to_product_reference": "4AS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "device-mapper-multipath-debuginfo-0:0.4.5-31.el4_7.1.s390x as a component of Red Hat Enterprise Linux AS version 4",
          "product_id": "4AS:device-mapper-multipath-debuginfo-0:0.4.5-31.el4_7.1.s390x"
        },
        "product_reference": "device-mapper-multipath-debuginfo-0:0.4.5-31.el4_7.1.s390x",
        "relates_to_product_reference": "4AS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "device-mapper-multipath-debuginfo-0:0.4.5-31.el4_7.1.x86_64 as a component of Red Hat Enterprise Linux AS version 4",
          "product_id": "4AS:device-mapper-multipath-debuginfo-0:0.4.5-31.el4_7.1.x86_64"
        },
        "product_reference": "device-mapper-multipath-debuginfo-0:0.4.5-31.el4_7.1.x86_64",
        "relates_to_product_reference": "4AS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "device-mapper-multipath-0:0.4.5-31.el4_7.1.i386 as a component of Red Hat Enterprise Linux Desktop version 4",
          "product_id": "4Desktop:device-mapper-multipath-0:0.4.5-31.el4_7.1.i386"
        },
        "product_reference": "device-mapper-multipath-0:0.4.5-31.el4_7.1.i386",
        "relates_to_product_reference": "4Desktop"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "device-mapper-multipath-0:0.4.5-31.el4_7.1.ia64 as a component of Red Hat Enterprise Linux Desktop version 4",
          "product_id": "4Desktop:device-mapper-multipath-0:0.4.5-31.el4_7.1.ia64"
        },
        "product_reference": "device-mapper-multipath-0:0.4.5-31.el4_7.1.ia64",
        "relates_to_product_reference": "4Desktop"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "device-mapper-multipath-0:0.4.5-31.el4_7.1.ppc as a component of Red Hat Enterprise Linux Desktop version 4",
          "product_id": "4Desktop:device-mapper-multipath-0:0.4.5-31.el4_7.1.ppc"
        },
        "product_reference": "device-mapper-multipath-0:0.4.5-31.el4_7.1.ppc",
        "relates_to_product_reference": "4Desktop"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "device-mapper-multipath-0:0.4.5-31.el4_7.1.s390 as a component of Red Hat Enterprise Linux Desktop version 4",
          "product_id": "4Desktop:device-mapper-multipath-0:0.4.5-31.el4_7.1.s390"
        },
        "product_reference": "device-mapper-multipath-0:0.4.5-31.el4_7.1.s390",
        "relates_to_product_reference": "4Desktop"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "device-mapper-multipath-0:0.4.5-31.el4_7.1.s390x as a component of Red Hat Enterprise Linux Desktop version 4",
          "product_id": "4Desktop:device-mapper-multipath-0:0.4.5-31.el4_7.1.s390x"
        },
        "product_reference": "device-mapper-multipath-0:0.4.5-31.el4_7.1.s390x",
        "relates_to_product_reference": "4Desktop"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "device-mapper-multipath-0:0.4.5-31.el4_7.1.src as a component of Red Hat Enterprise Linux Desktop version 4",
          "product_id": "4Desktop:device-mapper-multipath-0:0.4.5-31.el4_7.1.src"
        },
        "product_reference": "device-mapper-multipath-0:0.4.5-31.el4_7.1.src",
        "relates_to_product_reference": "4Desktop"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "device-mapper-multipath-0:0.4.5-31.el4_7.1.x86_64 as a component of Red Hat Enterprise Linux Desktop version 4",
          "product_id": "4Desktop:device-mapper-multipath-0:0.4.5-31.el4_7.1.x86_64"
        },
        "product_reference": "device-mapper-multipath-0:0.4.5-31.el4_7.1.x86_64",
        "relates_to_product_reference": "4Desktop"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "device-mapper-multipath-debuginfo-0:0.4.5-31.el4_7.1.i386 as a component of Red Hat Enterprise Linux Desktop version 4",
          "product_id": "4Desktop:device-mapper-multipath-debuginfo-0:0.4.5-31.el4_7.1.i386"
        },
        "product_reference": "device-mapper-multipath-debuginfo-0:0.4.5-31.el4_7.1.i386",
        "relates_to_product_reference": "4Desktop"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "device-mapper-multipath-debuginfo-0:0.4.5-31.el4_7.1.ia64 as a component of Red Hat Enterprise Linux Desktop version 4",
          "product_id": "4Desktop:device-mapper-multipath-debuginfo-0:0.4.5-31.el4_7.1.ia64"
        },
        "product_reference": "device-mapper-multipath-debuginfo-0:0.4.5-31.el4_7.1.ia64",
        "relates_to_product_reference": "4Desktop"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "device-mapper-multipath-debuginfo-0:0.4.5-31.el4_7.1.ppc as a component of Red Hat Enterprise Linux Desktop version 4",
          "product_id": "4Desktop:device-mapper-multipath-debuginfo-0:0.4.5-31.el4_7.1.ppc"
        },
        "product_reference": "device-mapper-multipath-debuginfo-0:0.4.5-31.el4_7.1.ppc",
        "relates_to_product_reference": "4Desktop"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "device-mapper-multipath-debuginfo-0:0.4.5-31.el4_7.1.s390 as a component of Red Hat Enterprise Linux Desktop version 4",
          "product_id": "4Desktop:device-mapper-multipath-debuginfo-0:0.4.5-31.el4_7.1.s390"
        },
        "product_reference": "device-mapper-multipath-debuginfo-0:0.4.5-31.el4_7.1.s390",
        "relates_to_product_reference": "4Desktop"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "device-mapper-multipath-debuginfo-0:0.4.5-31.el4_7.1.s390x as a component of Red Hat Enterprise Linux Desktop version 4",
          "product_id": "4Desktop:device-mapper-multipath-debuginfo-0:0.4.5-31.el4_7.1.s390x"
        },
        "product_reference": "device-mapper-multipath-debuginfo-0:0.4.5-31.el4_7.1.s390x",
        "relates_to_product_reference": "4Desktop"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "device-mapper-multipath-debuginfo-0:0.4.5-31.el4_7.1.x86_64 as a component of Red Hat Enterprise Linux Desktop version 4",
          "product_id": "4Desktop:device-mapper-multipath-debuginfo-0:0.4.5-31.el4_7.1.x86_64"
        },
        "product_reference": "device-mapper-multipath-debuginfo-0:0.4.5-31.el4_7.1.x86_64",
        "relates_to_product_reference": "4Desktop"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "device-mapper-multipath-0:0.4.5-31.el4_7.1.i386 as a component of Red Hat Enterprise Linux ES version 4",
          "product_id": "4ES:device-mapper-multipath-0:0.4.5-31.el4_7.1.i386"
        },
        "product_reference": "device-mapper-multipath-0:0.4.5-31.el4_7.1.i386",
        "relates_to_product_reference": "4ES"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "device-mapper-multipath-0:0.4.5-31.el4_7.1.ia64 as a component of Red Hat Enterprise Linux ES version 4",
          "product_id": "4ES:device-mapper-multipath-0:0.4.5-31.el4_7.1.ia64"
        },
        "product_reference": "device-mapper-multipath-0:0.4.5-31.el4_7.1.ia64",
        "relates_to_product_reference": "4ES"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "device-mapper-multipath-0:0.4.5-31.el4_7.1.ppc as a component of Red Hat Enterprise Linux ES version 4",
          "product_id": "4ES:device-mapper-multipath-0:0.4.5-31.el4_7.1.ppc"
        },
        "product_reference": "device-mapper-multipath-0:0.4.5-31.el4_7.1.ppc",
        "relates_to_product_reference": "4ES"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "device-mapper-multipath-0:0.4.5-31.el4_7.1.s390 as a component of Red Hat Enterprise Linux ES version 4",
          "product_id": "4ES:device-mapper-multipath-0:0.4.5-31.el4_7.1.s390"
        },
        "product_reference": "device-mapper-multipath-0:0.4.5-31.el4_7.1.s390",
        "relates_to_product_reference": "4ES"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "device-mapper-multipath-0:0.4.5-31.el4_7.1.s390x as a component of Red Hat Enterprise Linux ES version 4",
          "product_id": "4ES:device-mapper-multipath-0:0.4.5-31.el4_7.1.s390x"
        },
        "product_reference": "device-mapper-multipath-0:0.4.5-31.el4_7.1.s390x",
        "relates_to_product_reference": "4ES"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "device-mapper-multipath-0:0.4.5-31.el4_7.1.src as a component of Red Hat Enterprise Linux ES version 4",
          "product_id": "4ES:device-mapper-multipath-0:0.4.5-31.el4_7.1.src"
        },
        "product_reference": "device-mapper-multipath-0:0.4.5-31.el4_7.1.src",
        "relates_to_product_reference": "4ES"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "device-mapper-multipath-0:0.4.5-31.el4_7.1.x86_64 as a component of Red Hat Enterprise Linux ES version 4",
          "product_id": "4ES:device-mapper-multipath-0:0.4.5-31.el4_7.1.x86_64"
        },
        "product_reference": "device-mapper-multipath-0:0.4.5-31.el4_7.1.x86_64",
        "relates_to_product_reference": "4ES"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "device-mapper-multipath-debuginfo-0:0.4.5-31.el4_7.1.i386 as a component of Red Hat Enterprise Linux ES version 4",
          "product_id": "4ES:device-mapper-multipath-debuginfo-0:0.4.5-31.el4_7.1.i386"
        },
        "product_reference": "device-mapper-multipath-debuginfo-0:0.4.5-31.el4_7.1.i386",
        "relates_to_product_reference": "4ES"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "device-mapper-multipath-debuginfo-0:0.4.5-31.el4_7.1.ia64 as a component of Red Hat Enterprise Linux ES version 4",
          "product_id": "4ES:device-mapper-multipath-debuginfo-0:0.4.5-31.el4_7.1.ia64"
        },
        "product_reference": "device-mapper-multipath-debuginfo-0:0.4.5-31.el4_7.1.ia64",
        "relates_to_product_reference": "4ES"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "device-mapper-multipath-debuginfo-0:0.4.5-31.el4_7.1.ppc as a component of Red Hat Enterprise Linux ES version 4",
          "product_id": "4ES:device-mapper-multipath-debuginfo-0:0.4.5-31.el4_7.1.ppc"
        },
        "product_reference": "device-mapper-multipath-debuginfo-0:0.4.5-31.el4_7.1.ppc",
        "relates_to_product_reference": "4ES"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "device-mapper-multipath-debuginfo-0:0.4.5-31.el4_7.1.s390 as a component of Red Hat Enterprise Linux ES version 4",
          "product_id": "4ES:device-mapper-multipath-debuginfo-0:0.4.5-31.el4_7.1.s390"
        },
        "product_reference": "device-mapper-multipath-debuginfo-0:0.4.5-31.el4_7.1.s390",
        "relates_to_product_reference": "4ES"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "device-mapper-multipath-debuginfo-0:0.4.5-31.el4_7.1.s390x as a component of Red Hat Enterprise Linux ES version 4",
          "product_id": "4ES:device-mapper-multipath-debuginfo-0:0.4.5-31.el4_7.1.s390x"
        },
        "product_reference": "device-mapper-multipath-debuginfo-0:0.4.5-31.el4_7.1.s390x",
        "relates_to_product_reference": "4ES"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "device-mapper-multipath-debuginfo-0:0.4.5-31.el4_7.1.x86_64 as a component of Red Hat Enterprise Linux ES version 4",
          "product_id": "4ES:device-mapper-multipath-debuginfo-0:0.4.5-31.el4_7.1.x86_64"
        },
        "product_reference": "device-mapper-multipath-debuginfo-0:0.4.5-31.el4_7.1.x86_64",
        "relates_to_product_reference": "4ES"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "device-mapper-multipath-0:0.4.5-31.el4_7.1.i386 as a component of Red Hat Enterprise Linux WS version 4",
          "product_id": "4WS:device-mapper-multipath-0:0.4.5-31.el4_7.1.i386"
        },
        "product_reference": "device-mapper-multipath-0:0.4.5-31.el4_7.1.i386",
        "relates_to_product_reference": "4WS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "device-mapper-multipath-0:0.4.5-31.el4_7.1.ia64 as a component of Red Hat Enterprise Linux WS version 4",
          "product_id": "4WS:device-mapper-multipath-0:0.4.5-31.el4_7.1.ia64"
        },
        "product_reference": "device-mapper-multipath-0:0.4.5-31.el4_7.1.ia64",
        "relates_to_product_reference": "4WS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "device-mapper-multipath-0:0.4.5-31.el4_7.1.ppc as a component of Red Hat Enterprise Linux WS version 4",
          "product_id": "4WS:device-mapper-multipath-0:0.4.5-31.el4_7.1.ppc"
        },
        "product_reference": "device-mapper-multipath-0:0.4.5-31.el4_7.1.ppc",
        "relates_to_product_reference": "4WS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "device-mapper-multipath-0:0.4.5-31.el4_7.1.s390 as a component of Red Hat Enterprise Linux WS version 4",
          "product_id": "4WS:device-mapper-multipath-0:0.4.5-31.el4_7.1.s390"
        },
        "product_reference": "device-mapper-multipath-0:0.4.5-31.el4_7.1.s390",
        "relates_to_product_reference": "4WS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "device-mapper-multipath-0:0.4.5-31.el4_7.1.s390x as a component of Red Hat Enterprise Linux WS version 4",
          "product_id": "4WS:device-mapper-multipath-0:0.4.5-31.el4_7.1.s390x"
        },
        "product_reference": "device-mapper-multipath-0:0.4.5-31.el4_7.1.s390x",
        "relates_to_product_reference": "4WS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "device-mapper-multipath-0:0.4.5-31.el4_7.1.src as a component of Red Hat Enterprise Linux WS version 4",
          "product_id": "4WS:device-mapper-multipath-0:0.4.5-31.el4_7.1.src"
        },
        "product_reference": "device-mapper-multipath-0:0.4.5-31.el4_7.1.src",
        "relates_to_product_reference": "4WS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "device-mapper-multipath-0:0.4.5-31.el4_7.1.x86_64 as a component of Red Hat Enterprise Linux WS version 4",
          "product_id": "4WS:device-mapper-multipath-0:0.4.5-31.el4_7.1.x86_64"
        },
        "product_reference": "device-mapper-multipath-0:0.4.5-31.el4_7.1.x86_64",
        "relates_to_product_reference": "4WS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "device-mapper-multipath-debuginfo-0:0.4.5-31.el4_7.1.i386 as a component of Red Hat Enterprise Linux WS version 4",
          "product_id": "4WS:device-mapper-multipath-debuginfo-0:0.4.5-31.el4_7.1.i386"
        },
        "product_reference": "device-mapper-multipath-debuginfo-0:0.4.5-31.el4_7.1.i386",
        "relates_to_product_reference": "4WS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "device-mapper-multipath-debuginfo-0:0.4.5-31.el4_7.1.ia64 as a component of Red Hat Enterprise Linux WS version 4",
          "product_id": "4WS:device-mapper-multipath-debuginfo-0:0.4.5-31.el4_7.1.ia64"
        },
        "product_reference": "device-mapper-multipath-debuginfo-0:0.4.5-31.el4_7.1.ia64",
        "relates_to_product_reference": "4WS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "device-mapper-multipath-debuginfo-0:0.4.5-31.el4_7.1.ppc as a component of Red Hat Enterprise Linux WS version 4",
          "product_id": "4WS:device-mapper-multipath-debuginfo-0:0.4.5-31.el4_7.1.ppc"
        },
        "product_reference": "device-mapper-multipath-debuginfo-0:0.4.5-31.el4_7.1.ppc",
        "relates_to_product_reference": "4WS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "device-mapper-multipath-debuginfo-0:0.4.5-31.el4_7.1.s390 as a component of Red Hat Enterprise Linux WS version 4",
          "product_id": "4WS:device-mapper-multipath-debuginfo-0:0.4.5-31.el4_7.1.s390"
        },
        "product_reference": "device-mapper-multipath-debuginfo-0:0.4.5-31.el4_7.1.s390",
        "relates_to_product_reference": "4WS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "device-mapper-multipath-debuginfo-0:0.4.5-31.el4_7.1.s390x as a component of Red Hat Enterprise Linux WS version 4",
          "product_id": "4WS:device-mapper-multipath-debuginfo-0:0.4.5-31.el4_7.1.s390x"
        },
        "product_reference": "device-mapper-multipath-debuginfo-0:0.4.5-31.el4_7.1.s390x",
        "relates_to_product_reference": "4WS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "device-mapper-multipath-debuginfo-0:0.4.5-31.el4_7.1.x86_64 as a component of Red Hat Enterprise Linux WS version 4",
          "product_id": "4WS:device-mapper-multipath-debuginfo-0:0.4.5-31.el4_7.1.x86_64"
        },
        "product_reference": "device-mapper-multipath-debuginfo-0:0.4.5-31.el4_7.1.x86_64",
        "relates_to_product_reference": "4WS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "device-mapper-multipath-0:0.4.7-23.el5_3.2.i386 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
          "product_id": "5Client:device-mapper-multipath-0:0.4.7-23.el5_3.2.i386"
        },
        "product_reference": "device-mapper-multipath-0:0.4.7-23.el5_3.2.i386",
        "relates_to_product_reference": "5Client"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "device-mapper-multipath-0:0.4.7-23.el5_3.2.ia64 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
          "product_id": "5Client:device-mapper-multipath-0:0.4.7-23.el5_3.2.ia64"
        },
        "product_reference": "device-mapper-multipath-0:0.4.7-23.el5_3.2.ia64",
        "relates_to_product_reference": "5Client"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "device-mapper-multipath-0:0.4.7-23.el5_3.2.ppc as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
          "product_id": "5Client:device-mapper-multipath-0:0.4.7-23.el5_3.2.ppc"
        },
        "product_reference": "device-mapper-multipath-0:0.4.7-23.el5_3.2.ppc",
        "relates_to_product_reference": "5Client"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "device-mapper-multipath-0:0.4.7-23.el5_3.2.s390x as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
          "product_id": "5Client:device-mapper-multipath-0:0.4.7-23.el5_3.2.s390x"
        },
        "product_reference": "device-mapper-multipath-0:0.4.7-23.el5_3.2.s390x",
        "relates_to_product_reference": "5Client"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "device-mapper-multipath-0:0.4.7-23.el5_3.2.src as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
          "product_id": "5Client:device-mapper-multipath-0:0.4.7-23.el5_3.2.src"
        },
        "product_reference": "device-mapper-multipath-0:0.4.7-23.el5_3.2.src",
        "relates_to_product_reference": "5Client"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "device-mapper-multipath-0:0.4.7-23.el5_3.2.x86_64 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
          "product_id": "5Client:device-mapper-multipath-0:0.4.7-23.el5_3.2.x86_64"
        },
        "product_reference": "device-mapper-multipath-0:0.4.7-23.el5_3.2.x86_64",
        "relates_to_product_reference": "5Client"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "device-mapper-multipath-debuginfo-0:0.4.7-23.el5_3.2.i386 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
          "product_id": "5Client:device-mapper-multipath-debuginfo-0:0.4.7-23.el5_3.2.i386"
        },
        "product_reference": "device-mapper-multipath-debuginfo-0:0.4.7-23.el5_3.2.i386",
        "relates_to_product_reference": "5Client"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "device-mapper-multipath-debuginfo-0:0.4.7-23.el5_3.2.ia64 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
          "product_id": "5Client:device-mapper-multipath-debuginfo-0:0.4.7-23.el5_3.2.ia64"
        },
        "product_reference": "device-mapper-multipath-debuginfo-0:0.4.7-23.el5_3.2.ia64",
        "relates_to_product_reference": "5Client"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "device-mapper-multipath-debuginfo-0:0.4.7-23.el5_3.2.ppc as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
          "product_id": "5Client:device-mapper-multipath-debuginfo-0:0.4.7-23.el5_3.2.ppc"
        },
        "product_reference": "device-mapper-multipath-debuginfo-0:0.4.7-23.el5_3.2.ppc",
        "relates_to_product_reference": "5Client"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "device-mapper-multipath-debuginfo-0:0.4.7-23.el5_3.2.s390x as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
          "product_id": "5Client:device-mapper-multipath-debuginfo-0:0.4.7-23.el5_3.2.s390x"
        },
        "product_reference": "device-mapper-multipath-debuginfo-0:0.4.7-23.el5_3.2.s390x",
        "relates_to_product_reference": "5Client"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "device-mapper-multipath-debuginfo-0:0.4.7-23.el5_3.2.x86_64 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
          "product_id": "5Client:device-mapper-multipath-debuginfo-0:0.4.7-23.el5_3.2.x86_64"
        },
        "product_reference": "device-mapper-multipath-debuginfo-0:0.4.7-23.el5_3.2.x86_64",
        "relates_to_product_reference": "5Client"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kpartx-0:0.4.7-23.el5_3.2.i386 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
          "product_id": "5Client:kpartx-0:0.4.7-23.el5_3.2.i386"
        },
        "product_reference": "kpartx-0:0.4.7-23.el5_3.2.i386",
        "relates_to_product_reference": "5Client"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kpartx-0:0.4.7-23.el5_3.2.ia64 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
          "product_id": "5Client:kpartx-0:0.4.7-23.el5_3.2.ia64"
        },
        "product_reference": "kpartx-0:0.4.7-23.el5_3.2.ia64",
        "relates_to_product_reference": "5Client"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kpartx-0:0.4.7-23.el5_3.2.ppc as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
          "product_id": "5Client:kpartx-0:0.4.7-23.el5_3.2.ppc"
        },
        "product_reference": "kpartx-0:0.4.7-23.el5_3.2.ppc",
        "relates_to_product_reference": "5Client"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kpartx-0:0.4.7-23.el5_3.2.s390x as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
          "product_id": "5Client:kpartx-0:0.4.7-23.el5_3.2.s390x"
        },
        "product_reference": "kpartx-0:0.4.7-23.el5_3.2.s390x",
        "relates_to_product_reference": "5Client"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kpartx-0:0.4.7-23.el5_3.2.x86_64 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
          "product_id": "5Client:kpartx-0:0.4.7-23.el5_3.2.x86_64"
        },
        "product_reference": "kpartx-0:0.4.7-23.el5_3.2.x86_64",
        "relates_to_product_reference": "5Client"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "device-mapper-multipath-0:0.4.7-23.el5_3.2.i386 as a component of Red Hat Enterprise Linux (v. 5 server)",
          "product_id": "5Server:device-mapper-multipath-0:0.4.7-23.el5_3.2.i386"
        },
        "product_reference": "device-mapper-multipath-0:0.4.7-23.el5_3.2.i386",
        "relates_to_product_reference": "5Server"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "device-mapper-multipath-0:0.4.7-23.el5_3.2.ia64 as a component of Red Hat Enterprise Linux (v. 5 server)",
          "product_id": "5Server:device-mapper-multipath-0:0.4.7-23.el5_3.2.ia64"
        },
        "product_reference": "device-mapper-multipath-0:0.4.7-23.el5_3.2.ia64",
        "relates_to_product_reference": "5Server"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "device-mapper-multipath-0:0.4.7-23.el5_3.2.ppc as a component of Red Hat Enterprise Linux (v. 5 server)",
          "product_id": "5Server:device-mapper-multipath-0:0.4.7-23.el5_3.2.ppc"
        },
        "product_reference": "device-mapper-multipath-0:0.4.7-23.el5_3.2.ppc",
        "relates_to_product_reference": "5Server"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "device-mapper-multipath-0:0.4.7-23.el5_3.2.s390x as a component of Red Hat Enterprise Linux (v. 5 server)",
          "product_id": "5Server:device-mapper-multipath-0:0.4.7-23.el5_3.2.s390x"
        },
        "product_reference": "device-mapper-multipath-0:0.4.7-23.el5_3.2.s390x",
        "relates_to_product_reference": "5Server"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "device-mapper-multipath-0:0.4.7-23.el5_3.2.src as a component of Red Hat Enterprise Linux (v. 5 server)",
          "product_id": "5Server:device-mapper-multipath-0:0.4.7-23.el5_3.2.src"
        },
        "product_reference": "device-mapper-multipath-0:0.4.7-23.el5_3.2.src",
        "relates_to_product_reference": "5Server"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "device-mapper-multipath-0:0.4.7-23.el5_3.2.x86_64 as a component of Red Hat Enterprise Linux (v. 5 server)",
          "product_id": "5Server:device-mapper-multipath-0:0.4.7-23.el5_3.2.x86_64"
        },
        "product_reference": "device-mapper-multipath-0:0.4.7-23.el5_3.2.x86_64",
        "relates_to_product_reference": "5Server"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "device-mapper-multipath-debuginfo-0:0.4.7-23.el5_3.2.i386 as a component of Red Hat Enterprise Linux (v. 5 server)",
          "product_id": "5Server:device-mapper-multipath-debuginfo-0:0.4.7-23.el5_3.2.i386"
        },
        "product_reference": "device-mapper-multipath-debuginfo-0:0.4.7-23.el5_3.2.i386",
        "relates_to_product_reference": "5Server"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "device-mapper-multipath-debuginfo-0:0.4.7-23.el5_3.2.ia64 as a component of Red Hat Enterprise Linux (v. 5 server)",
          "product_id": "5Server:device-mapper-multipath-debuginfo-0:0.4.7-23.el5_3.2.ia64"
        },
        "product_reference": "device-mapper-multipath-debuginfo-0:0.4.7-23.el5_3.2.ia64",
        "relates_to_product_reference": "5Server"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "device-mapper-multipath-debuginfo-0:0.4.7-23.el5_3.2.ppc as a component of Red Hat Enterprise Linux (v. 5 server)",
          "product_id": "5Server:device-mapper-multipath-debuginfo-0:0.4.7-23.el5_3.2.ppc"
        },
        "product_reference": "device-mapper-multipath-debuginfo-0:0.4.7-23.el5_3.2.ppc",
        "relates_to_product_reference": "5Server"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "device-mapper-multipath-debuginfo-0:0.4.7-23.el5_3.2.s390x as a component of Red Hat Enterprise Linux (v. 5 server)",
          "product_id": "5Server:device-mapper-multipath-debuginfo-0:0.4.7-23.el5_3.2.s390x"
        },
        "product_reference": "device-mapper-multipath-debuginfo-0:0.4.7-23.el5_3.2.s390x",
        "relates_to_product_reference": "5Server"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "device-mapper-multipath-debuginfo-0:0.4.7-23.el5_3.2.x86_64 as a component of Red Hat Enterprise Linux (v. 5 server)",
          "product_id": "5Server:device-mapper-multipath-debuginfo-0:0.4.7-23.el5_3.2.x86_64"
        },
        "product_reference": "device-mapper-multipath-debuginfo-0:0.4.7-23.el5_3.2.x86_64",
        "relates_to_product_reference": "5Server"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kpartx-0:0.4.7-23.el5_3.2.i386 as a component of Red Hat Enterprise Linux (v. 5 server)",
          "product_id": "5Server:kpartx-0:0.4.7-23.el5_3.2.i386"
        },
        "product_reference": "kpartx-0:0.4.7-23.el5_3.2.i386",
        "relates_to_product_reference": "5Server"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kpartx-0:0.4.7-23.el5_3.2.ia64 as a component of Red Hat Enterprise Linux (v. 5 server)",
          "product_id": "5Server:kpartx-0:0.4.7-23.el5_3.2.ia64"
        },
        "product_reference": "kpartx-0:0.4.7-23.el5_3.2.ia64",
        "relates_to_product_reference": "5Server"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kpartx-0:0.4.7-23.el5_3.2.ppc as a component of Red Hat Enterprise Linux (v. 5 server)",
          "product_id": "5Server:kpartx-0:0.4.7-23.el5_3.2.ppc"
        },
        "product_reference": "kpartx-0:0.4.7-23.el5_3.2.ppc",
        "relates_to_product_reference": "5Server"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kpartx-0:0.4.7-23.el5_3.2.s390x as a component of Red Hat Enterprise Linux (v. 5 server)",
          "product_id": "5Server:kpartx-0:0.4.7-23.el5_3.2.s390x"
        },
        "product_reference": "kpartx-0:0.4.7-23.el5_3.2.s390x",
        "relates_to_product_reference": "5Server"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kpartx-0:0.4.7-23.el5_3.2.x86_64 as a component of Red Hat Enterprise Linux (v. 5 server)",
          "product_id": "5Server:kpartx-0:0.4.7-23.el5_3.2.x86_64"
        },
        "product_reference": "kpartx-0:0.4.7-23.el5_3.2.x86_64",
        "relates_to_product_reference": "5Server"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2009-0115",
      "discovery_date": "2009-03-30T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "493330"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "The Device Mapper multipathing driver (aka multipath-tools or device-mapper-multipath) 0.4.8, as used in SUSE openSUSE, SUSE Linux Enterprise Server (SLES), Fedora, and possibly other operating systems, uses world-writable permissions for the socket file (aka /var/run/multipathd.sock), which allows local users to send arbitrary commands to the multipath daemon.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "device-mapper-multipath: insecure permissions on multipathd.sock",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "4AS:device-mapper-multipath-0:0.4.5-31.el4_7.1.i386",
          "4AS:device-mapper-multipath-0:0.4.5-31.el4_7.1.ia64",
          "4AS:device-mapper-multipath-0:0.4.5-31.el4_7.1.ppc",
          "4AS:device-mapper-multipath-0:0.4.5-31.el4_7.1.s390",
          "4AS:device-mapper-multipath-0:0.4.5-31.el4_7.1.s390x",
          "4AS:device-mapper-multipath-0:0.4.5-31.el4_7.1.src",
          "4AS:device-mapper-multipath-0:0.4.5-31.el4_7.1.x86_64",
          "4AS:device-mapper-multipath-debuginfo-0:0.4.5-31.el4_7.1.i386",
          "4AS:device-mapper-multipath-debuginfo-0:0.4.5-31.el4_7.1.ia64",
          "4AS:device-mapper-multipath-debuginfo-0:0.4.5-31.el4_7.1.ppc",
          "4AS:device-mapper-multipath-debuginfo-0:0.4.5-31.el4_7.1.s390",
          "4AS:device-mapper-multipath-debuginfo-0:0.4.5-31.el4_7.1.s390x",
          "4AS:device-mapper-multipath-debuginfo-0:0.4.5-31.el4_7.1.x86_64",
          "4Desktop:device-mapper-multipath-0:0.4.5-31.el4_7.1.i386",
          "4Desktop:device-mapper-multipath-0:0.4.5-31.el4_7.1.ia64",
          "4Desktop:device-mapper-multipath-0:0.4.5-31.el4_7.1.ppc",
          "4Desktop:device-mapper-multipath-0:0.4.5-31.el4_7.1.s390",
          "4Desktop:device-mapper-multipath-0:0.4.5-31.el4_7.1.s390x",
          "4Desktop:device-mapper-multipath-0:0.4.5-31.el4_7.1.src",
          "4Desktop:device-mapper-multipath-0:0.4.5-31.el4_7.1.x86_64",
          "4Desktop:device-mapper-multipath-debuginfo-0:0.4.5-31.el4_7.1.i386",
          "4Desktop:device-mapper-multipath-debuginfo-0:0.4.5-31.el4_7.1.ia64",
          "4Desktop:device-mapper-multipath-debuginfo-0:0.4.5-31.el4_7.1.ppc",
          "4Desktop:device-mapper-multipath-debuginfo-0:0.4.5-31.el4_7.1.s390",
          "4Desktop:device-mapper-multipath-debuginfo-0:0.4.5-31.el4_7.1.s390x",
          "4Desktop:device-mapper-multipath-debuginfo-0:0.4.5-31.el4_7.1.x86_64",
          "4ES:device-mapper-multipath-0:0.4.5-31.el4_7.1.i386",
          "4ES:device-mapper-multipath-0:0.4.5-31.el4_7.1.ia64",
          "4ES:device-mapper-multipath-0:0.4.5-31.el4_7.1.ppc",
          "4ES:device-mapper-multipath-0:0.4.5-31.el4_7.1.s390",
          "4ES:device-mapper-multipath-0:0.4.5-31.el4_7.1.s390x",
          "4ES:device-mapper-multipath-0:0.4.5-31.el4_7.1.src",
          "4ES:device-mapper-multipath-0:0.4.5-31.el4_7.1.x86_64",
          "4ES:device-mapper-multipath-debuginfo-0:0.4.5-31.el4_7.1.i386",
          "4ES:device-mapper-multipath-debuginfo-0:0.4.5-31.el4_7.1.ia64",
          "4ES:device-mapper-multipath-debuginfo-0:0.4.5-31.el4_7.1.ppc",
          "4ES:device-mapper-multipath-debuginfo-0:0.4.5-31.el4_7.1.s390",
          "4ES:device-mapper-multipath-debuginfo-0:0.4.5-31.el4_7.1.s390x",
          "4ES:device-mapper-multipath-debuginfo-0:0.4.5-31.el4_7.1.x86_64",
          "4WS:device-mapper-multipath-0:0.4.5-31.el4_7.1.i386",
          "4WS:device-mapper-multipath-0:0.4.5-31.el4_7.1.ia64",
          "4WS:device-mapper-multipath-0:0.4.5-31.el4_7.1.ppc",
          "4WS:device-mapper-multipath-0:0.4.5-31.el4_7.1.s390",
          "4WS:device-mapper-multipath-0:0.4.5-31.el4_7.1.s390x",
          "4WS:device-mapper-multipath-0:0.4.5-31.el4_7.1.src",
          "4WS:device-mapper-multipath-0:0.4.5-31.el4_7.1.x86_64",
          "4WS:device-mapper-multipath-debuginfo-0:0.4.5-31.el4_7.1.i386",
          "4WS:device-mapper-multipath-debuginfo-0:0.4.5-31.el4_7.1.ia64",
          "4WS:device-mapper-multipath-debuginfo-0:0.4.5-31.el4_7.1.ppc",
          "4WS:device-mapper-multipath-debuginfo-0:0.4.5-31.el4_7.1.s390",
          "4WS:device-mapper-multipath-debuginfo-0:0.4.5-31.el4_7.1.s390x",
          "4WS:device-mapper-multipath-debuginfo-0:0.4.5-31.el4_7.1.x86_64",
          "5Client:device-mapper-multipath-0:0.4.7-23.el5_3.2.i386",
          "5Client:device-mapper-multipath-0:0.4.7-23.el5_3.2.ia64",
          "5Client:device-mapper-multipath-0:0.4.7-23.el5_3.2.ppc",
          "5Client:device-mapper-multipath-0:0.4.7-23.el5_3.2.s390x",
          "5Client:device-mapper-multipath-0:0.4.7-23.el5_3.2.src",
          "5Client:device-mapper-multipath-0:0.4.7-23.el5_3.2.x86_64",
          "5Client:device-mapper-multipath-debuginfo-0:0.4.7-23.el5_3.2.i386",
          "5Client:device-mapper-multipath-debuginfo-0:0.4.7-23.el5_3.2.ia64",
          "5Client:device-mapper-multipath-debuginfo-0:0.4.7-23.el5_3.2.ppc",
          "5Client:device-mapper-multipath-debuginfo-0:0.4.7-23.el5_3.2.s390x",
          "5Client:device-mapper-multipath-debuginfo-0:0.4.7-23.el5_3.2.x86_64",
          "5Client:kpartx-0:0.4.7-23.el5_3.2.i386",
          "5Client:kpartx-0:0.4.7-23.el5_3.2.ia64",
          "5Client:kpartx-0:0.4.7-23.el5_3.2.ppc",
          "5Client:kpartx-0:0.4.7-23.el5_3.2.s390x",
          "5Client:kpartx-0:0.4.7-23.el5_3.2.x86_64",
          "5Server:device-mapper-multipath-0:0.4.7-23.el5_3.2.i386",
          "5Server:device-mapper-multipath-0:0.4.7-23.el5_3.2.ia64",
          "5Server:device-mapper-multipath-0:0.4.7-23.el5_3.2.ppc",
          "5Server:device-mapper-multipath-0:0.4.7-23.el5_3.2.s390x",
          "5Server:device-mapper-multipath-0:0.4.7-23.el5_3.2.src",
          "5Server:device-mapper-multipath-0:0.4.7-23.el5_3.2.x86_64",
          "5Server:device-mapper-multipath-debuginfo-0:0.4.7-23.el5_3.2.i386",
          "5Server:device-mapper-multipath-debuginfo-0:0.4.7-23.el5_3.2.ia64",
          "5Server:device-mapper-multipath-debuginfo-0:0.4.7-23.el5_3.2.ppc",
          "5Server:device-mapper-multipath-debuginfo-0:0.4.7-23.el5_3.2.s390x",
          "5Server:device-mapper-multipath-debuginfo-0:0.4.7-23.el5_3.2.x86_64",
          "5Server:kpartx-0:0.4.7-23.el5_3.2.i386",
          "5Server:kpartx-0:0.4.7-23.el5_3.2.ia64",
          "5Server:kpartx-0:0.4.7-23.el5_3.2.ppc",
          "5Server:kpartx-0:0.4.7-23.el5_3.2.s390x",
          "5Server:kpartx-0:0.4.7-23.el5_3.2.x86_64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2009-0115"
        },
        {
          "category": "external",
          "summary": "RHBZ#493330",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=493330"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2009-0115",
          "url": "https://www.cve.org/CVERecord?id=CVE-2009-0115"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2009-0115",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2009-0115"
        }
      ],
      "release_date": "2009-03-24T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2009-04-07T19:03:00+00:00",
          "details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network.  Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259",
          "product_ids": [
            "4AS:device-mapper-multipath-0:0.4.5-31.el4_7.1.i386",
            "4AS:device-mapper-multipath-0:0.4.5-31.el4_7.1.ia64",
            "4AS:device-mapper-multipath-0:0.4.5-31.el4_7.1.ppc",
            "4AS:device-mapper-multipath-0:0.4.5-31.el4_7.1.s390",
            "4AS:device-mapper-multipath-0:0.4.5-31.el4_7.1.s390x",
            "4AS:device-mapper-multipath-0:0.4.5-31.el4_7.1.src",
            "4AS:device-mapper-multipath-0:0.4.5-31.el4_7.1.x86_64",
            "4AS:device-mapper-multipath-debuginfo-0:0.4.5-31.el4_7.1.i386",
            "4AS:device-mapper-multipath-debuginfo-0:0.4.5-31.el4_7.1.ia64",
            "4AS:device-mapper-multipath-debuginfo-0:0.4.5-31.el4_7.1.ppc",
            "4AS:device-mapper-multipath-debuginfo-0:0.4.5-31.el4_7.1.s390",
            "4AS:device-mapper-multipath-debuginfo-0:0.4.5-31.el4_7.1.s390x",
            "4AS:device-mapper-multipath-debuginfo-0:0.4.5-31.el4_7.1.x86_64",
            "4Desktop:device-mapper-multipath-0:0.4.5-31.el4_7.1.i386",
            "4Desktop:device-mapper-multipath-0:0.4.5-31.el4_7.1.ia64",
            "4Desktop:device-mapper-multipath-0:0.4.5-31.el4_7.1.ppc",
            "4Desktop:device-mapper-multipath-0:0.4.5-31.el4_7.1.s390",
            "4Desktop:device-mapper-multipath-0:0.4.5-31.el4_7.1.s390x",
            "4Desktop:device-mapper-multipath-0:0.4.5-31.el4_7.1.src",
            "4Desktop:device-mapper-multipath-0:0.4.5-31.el4_7.1.x86_64",
            "4Desktop:device-mapper-multipath-debuginfo-0:0.4.5-31.el4_7.1.i386",
            "4Desktop:device-mapper-multipath-debuginfo-0:0.4.5-31.el4_7.1.ia64",
            "4Desktop:device-mapper-multipath-debuginfo-0:0.4.5-31.el4_7.1.ppc",
            "4Desktop:device-mapper-multipath-debuginfo-0:0.4.5-31.el4_7.1.s390",
            "4Desktop:device-mapper-multipath-debuginfo-0:0.4.5-31.el4_7.1.s390x",
            "4Desktop:device-mapper-multipath-debuginfo-0:0.4.5-31.el4_7.1.x86_64",
            "4ES:device-mapper-multipath-0:0.4.5-31.el4_7.1.i386",
            "4ES:device-mapper-multipath-0:0.4.5-31.el4_7.1.ia64",
            "4ES:device-mapper-multipath-0:0.4.5-31.el4_7.1.ppc",
            "4ES:device-mapper-multipath-0:0.4.5-31.el4_7.1.s390",
            "4ES:device-mapper-multipath-0:0.4.5-31.el4_7.1.s390x",
            "4ES:device-mapper-multipath-0:0.4.5-31.el4_7.1.src",
            "4ES:device-mapper-multipath-0:0.4.5-31.el4_7.1.x86_64",
            "4ES:device-mapper-multipath-debuginfo-0:0.4.5-31.el4_7.1.i386",
            "4ES:device-mapper-multipath-debuginfo-0:0.4.5-31.el4_7.1.ia64",
            "4ES:device-mapper-multipath-debuginfo-0:0.4.5-31.el4_7.1.ppc",
            "4ES:device-mapper-multipath-debuginfo-0:0.4.5-31.el4_7.1.s390",
            "4ES:device-mapper-multipath-debuginfo-0:0.4.5-31.el4_7.1.s390x",
            "4ES:device-mapper-multipath-debuginfo-0:0.4.5-31.el4_7.1.x86_64",
            "4WS:device-mapper-multipath-0:0.4.5-31.el4_7.1.i386",
            "4WS:device-mapper-multipath-0:0.4.5-31.el4_7.1.ia64",
            "4WS:device-mapper-multipath-0:0.4.5-31.el4_7.1.ppc",
            "4WS:device-mapper-multipath-0:0.4.5-31.el4_7.1.s390",
            "4WS:device-mapper-multipath-0:0.4.5-31.el4_7.1.s390x",
            "4WS:device-mapper-multipath-0:0.4.5-31.el4_7.1.src",
            "4WS:device-mapper-multipath-0:0.4.5-31.el4_7.1.x86_64",
            "4WS:device-mapper-multipath-debuginfo-0:0.4.5-31.el4_7.1.i386",
            "4WS:device-mapper-multipath-debuginfo-0:0.4.5-31.el4_7.1.ia64",
            "4WS:device-mapper-multipath-debuginfo-0:0.4.5-31.el4_7.1.ppc",
            "4WS:device-mapper-multipath-debuginfo-0:0.4.5-31.el4_7.1.s390",
            "4WS:device-mapper-multipath-debuginfo-0:0.4.5-31.el4_7.1.s390x",
            "4WS:device-mapper-multipath-debuginfo-0:0.4.5-31.el4_7.1.x86_64",
            "5Client:device-mapper-multipath-0:0.4.7-23.el5_3.2.i386",
            "5Client:device-mapper-multipath-0:0.4.7-23.el5_3.2.ia64",
            "5Client:device-mapper-multipath-0:0.4.7-23.el5_3.2.ppc",
            "5Client:device-mapper-multipath-0:0.4.7-23.el5_3.2.s390x",
            "5Client:device-mapper-multipath-0:0.4.7-23.el5_3.2.src",
            "5Client:device-mapper-multipath-0:0.4.7-23.el5_3.2.x86_64",
            "5Client:device-mapper-multipath-debuginfo-0:0.4.7-23.el5_3.2.i386",
            "5Client:device-mapper-multipath-debuginfo-0:0.4.7-23.el5_3.2.ia64",
            "5Client:device-mapper-multipath-debuginfo-0:0.4.7-23.el5_3.2.ppc",
            "5Client:device-mapper-multipath-debuginfo-0:0.4.7-23.el5_3.2.s390x",
            "5Client:device-mapper-multipath-debuginfo-0:0.4.7-23.el5_3.2.x86_64",
            "5Client:kpartx-0:0.4.7-23.el5_3.2.i386",
            "5Client:kpartx-0:0.4.7-23.el5_3.2.ia64",
            "5Client:kpartx-0:0.4.7-23.el5_3.2.ppc",
            "5Client:kpartx-0:0.4.7-23.el5_3.2.s390x",
            "5Client:kpartx-0:0.4.7-23.el5_3.2.x86_64",
            "5Server:device-mapper-multipath-0:0.4.7-23.el5_3.2.i386",
            "5Server:device-mapper-multipath-0:0.4.7-23.el5_3.2.ia64",
            "5Server:device-mapper-multipath-0:0.4.7-23.el5_3.2.ppc",
            "5Server:device-mapper-multipath-0:0.4.7-23.el5_3.2.s390x",
            "5Server:device-mapper-multipath-0:0.4.7-23.el5_3.2.src",
            "5Server:device-mapper-multipath-0:0.4.7-23.el5_3.2.x86_64",
            "5Server:device-mapper-multipath-debuginfo-0:0.4.7-23.el5_3.2.i386",
            "5Server:device-mapper-multipath-debuginfo-0:0.4.7-23.el5_3.2.ia64",
            "5Server:device-mapper-multipath-debuginfo-0:0.4.7-23.el5_3.2.ppc",
            "5Server:device-mapper-multipath-debuginfo-0:0.4.7-23.el5_3.2.s390x",
            "5Server:device-mapper-multipath-debuginfo-0:0.4.7-23.el5_3.2.x86_64",
            "5Server:kpartx-0:0.4.7-23.el5_3.2.i386",
            "5Server:kpartx-0:0.4.7-23.el5_3.2.ia64",
            "5Server:kpartx-0:0.4.7-23.el5_3.2.ppc",
            "5Server:kpartx-0:0.4.7-23.el5_3.2.s390x",
            "5Server:kpartx-0:0.4.7-23.el5_3.2.x86_64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2009:0411"
        }
      ],
      "scores": [
        {
          "cvss_v2": {
            "accessComplexity": "HIGH",
            "accessVector": "LOCAL",
            "authentication": "NONE",
            "availabilityImpact": "COMPLETE",
            "baseScore": 6.2,
            "confidentialityImpact": "COMPLETE",
            "integrityImpact": "COMPLETE",
            "vectorString": "AV:L/AC:H/Au:N/C:C/I:C/A:C",
            "version": "2.0"
          },
          "products": [
            "4AS:device-mapper-multipath-0:0.4.5-31.el4_7.1.i386",
            "4AS:device-mapper-multipath-0:0.4.5-31.el4_7.1.ia64",
            "4AS:device-mapper-multipath-0:0.4.5-31.el4_7.1.ppc",
            "4AS:device-mapper-multipath-0:0.4.5-31.el4_7.1.s390",
            "4AS:device-mapper-multipath-0:0.4.5-31.el4_7.1.s390x",
            "4AS:device-mapper-multipath-0:0.4.5-31.el4_7.1.src",
            "4AS:device-mapper-multipath-0:0.4.5-31.el4_7.1.x86_64",
            "4AS:device-mapper-multipath-debuginfo-0:0.4.5-31.el4_7.1.i386",
            "4AS:device-mapper-multipath-debuginfo-0:0.4.5-31.el4_7.1.ia64",
            "4AS:device-mapper-multipath-debuginfo-0:0.4.5-31.el4_7.1.ppc",
            "4AS:device-mapper-multipath-debuginfo-0:0.4.5-31.el4_7.1.s390",
            "4AS:device-mapper-multipath-debuginfo-0:0.4.5-31.el4_7.1.s390x",
            "4AS:device-mapper-multipath-debuginfo-0:0.4.5-31.el4_7.1.x86_64",
            "4Desktop:device-mapper-multipath-0:0.4.5-31.el4_7.1.i386",
            "4Desktop:device-mapper-multipath-0:0.4.5-31.el4_7.1.ia64",
            "4Desktop:device-mapper-multipath-0:0.4.5-31.el4_7.1.ppc",
            "4Desktop:device-mapper-multipath-0:0.4.5-31.el4_7.1.s390",
            "4Desktop:device-mapper-multipath-0:0.4.5-31.el4_7.1.s390x",
            "4Desktop:device-mapper-multipath-0:0.4.5-31.el4_7.1.src",
            "4Desktop:device-mapper-multipath-0:0.4.5-31.el4_7.1.x86_64",
            "4Desktop:device-mapper-multipath-debuginfo-0:0.4.5-31.el4_7.1.i386",
            "4Desktop:device-mapper-multipath-debuginfo-0:0.4.5-31.el4_7.1.ia64",
            "4Desktop:device-mapper-multipath-debuginfo-0:0.4.5-31.el4_7.1.ppc",
            "4Desktop:device-mapper-multipath-debuginfo-0:0.4.5-31.el4_7.1.s390",
            "4Desktop:device-mapper-multipath-debuginfo-0:0.4.5-31.el4_7.1.s390x",
            "4Desktop:device-mapper-multipath-debuginfo-0:0.4.5-31.el4_7.1.x86_64",
            "4ES:device-mapper-multipath-0:0.4.5-31.el4_7.1.i386",
            "4ES:device-mapper-multipath-0:0.4.5-31.el4_7.1.ia64",
            "4ES:device-mapper-multipath-0:0.4.5-31.el4_7.1.ppc",
            "4ES:device-mapper-multipath-0:0.4.5-31.el4_7.1.s390",
            "4ES:device-mapper-multipath-0:0.4.5-31.el4_7.1.s390x",
            "4ES:device-mapper-multipath-0:0.4.5-31.el4_7.1.src",
            "4ES:device-mapper-multipath-0:0.4.5-31.el4_7.1.x86_64",
            "4ES:device-mapper-multipath-debuginfo-0:0.4.5-31.el4_7.1.i386",
            "4ES:device-mapper-multipath-debuginfo-0:0.4.5-31.el4_7.1.ia64",
            "4ES:device-mapper-multipath-debuginfo-0:0.4.5-31.el4_7.1.ppc",
            "4ES:device-mapper-multipath-debuginfo-0:0.4.5-31.el4_7.1.s390",
            "4ES:device-mapper-multipath-debuginfo-0:0.4.5-31.el4_7.1.s390x",
            "4ES:device-mapper-multipath-debuginfo-0:0.4.5-31.el4_7.1.x86_64",
            "4WS:device-mapper-multipath-0:0.4.5-31.el4_7.1.i386",
            "4WS:device-mapper-multipath-0:0.4.5-31.el4_7.1.ia64",
            "4WS:device-mapper-multipath-0:0.4.5-31.el4_7.1.ppc",
            "4WS:device-mapper-multipath-0:0.4.5-31.el4_7.1.s390",
            "4WS:device-mapper-multipath-0:0.4.5-31.el4_7.1.s390x",
            "4WS:device-mapper-multipath-0:0.4.5-31.el4_7.1.src",
            "4WS:device-mapper-multipath-0:0.4.5-31.el4_7.1.x86_64",
            "4WS:device-mapper-multipath-debuginfo-0:0.4.5-31.el4_7.1.i386",
            "4WS:device-mapper-multipath-debuginfo-0:0.4.5-31.el4_7.1.ia64",
            "4WS:device-mapper-multipath-debuginfo-0:0.4.5-31.el4_7.1.ppc",
            "4WS:device-mapper-multipath-debuginfo-0:0.4.5-31.el4_7.1.s390",
            "4WS:device-mapper-multipath-debuginfo-0:0.4.5-31.el4_7.1.s390x",
            "4WS:device-mapper-multipath-debuginfo-0:0.4.5-31.el4_7.1.x86_64",
            "5Client:device-mapper-multipath-0:0.4.7-23.el5_3.2.i386",
            "5Client:device-mapper-multipath-0:0.4.7-23.el5_3.2.ia64",
            "5Client:device-mapper-multipath-0:0.4.7-23.el5_3.2.ppc",
            "5Client:device-mapper-multipath-0:0.4.7-23.el5_3.2.s390x",
            "5Client:device-mapper-multipath-0:0.4.7-23.el5_3.2.src",
            "5Client:device-mapper-multipath-0:0.4.7-23.el5_3.2.x86_64",
            "5Client:device-mapper-multipath-debuginfo-0:0.4.7-23.el5_3.2.i386",
            "5Client:device-mapper-multipath-debuginfo-0:0.4.7-23.el5_3.2.ia64",
            "5Client:device-mapper-multipath-debuginfo-0:0.4.7-23.el5_3.2.ppc",
            "5Client:device-mapper-multipath-debuginfo-0:0.4.7-23.el5_3.2.s390x",
            "5Client:device-mapper-multipath-debuginfo-0:0.4.7-23.el5_3.2.x86_64",
            "5Client:kpartx-0:0.4.7-23.el5_3.2.i386",
            "5Client:kpartx-0:0.4.7-23.el5_3.2.ia64",
            "5Client:kpartx-0:0.4.7-23.el5_3.2.ppc",
            "5Client:kpartx-0:0.4.7-23.el5_3.2.s390x",
            "5Client:kpartx-0:0.4.7-23.el5_3.2.x86_64",
            "5Server:device-mapper-multipath-0:0.4.7-23.el5_3.2.i386",
            "5Server:device-mapper-multipath-0:0.4.7-23.el5_3.2.ia64",
            "5Server:device-mapper-multipath-0:0.4.7-23.el5_3.2.ppc",
            "5Server:device-mapper-multipath-0:0.4.7-23.el5_3.2.s390x",
            "5Server:device-mapper-multipath-0:0.4.7-23.el5_3.2.src",
            "5Server:device-mapper-multipath-0:0.4.7-23.el5_3.2.x86_64",
            "5Server:device-mapper-multipath-debuginfo-0:0.4.7-23.el5_3.2.i386",
            "5Server:device-mapper-multipath-debuginfo-0:0.4.7-23.el5_3.2.ia64",
            "5Server:device-mapper-multipath-debuginfo-0:0.4.7-23.el5_3.2.ppc",
            "5Server:device-mapper-multipath-debuginfo-0:0.4.7-23.el5_3.2.s390x",
            "5Server:device-mapper-multipath-debuginfo-0:0.4.7-23.el5_3.2.x86_64",
            "5Server:kpartx-0:0.4.7-23.el5_3.2.i386",
            "5Server:kpartx-0:0.4.7-23.el5_3.2.ia64",
            "5Server:kpartx-0:0.4.7-23.el5_3.2.ppc",
            "5Server:kpartx-0:0.4.7-23.el5_3.2.s390x",
            "5Server:kpartx-0:0.4.7-23.el5_3.2.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "device-mapper-multipath: insecure permissions on multipathd.sock"
    }
  ]
}

Tags

Taxonomy of the tags.

All sightings related to this event Export sightings related to this event

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2009-0115 (GCVE-0-2009-0115)

Description

Solution

Description

Solution

Solution

Solution

Tags

Sightings

Nomenclature