CVE-2008-4192

cman 2.20080629 and 2.20080801 - Arbitrary File Write via Symlink Attack on /tmp/eglog

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2008-4192.

AI-analyzed exploit summary: This Metasploit module exploits a vulnerability in Adobe Flash Player versions 10.3.181.23 and earlier by leveraging a failure in the ActionScript3 AVM2 verification logic, allowing arbitrary code execution. It bypasses ASLR/DEP and is designed to work across multiple browsers and Windows platforms.

Description

The pserver_shutdown function in fence_egenera in cman 2.20080629 and 2.20080801 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/eglog temporary file.

Exploits (1)

exploitdb · WORKING POC
ruby · remote · windows
https://www.exploit-db.com/exploits/19295


Classification: Working PoC 100%
Attack Type: RCE
Complexity: Moderate
Reliability: Reliable
Target: Adobe Flash Player <= 10.3.181.23
No auth needed
Prerequisites: Victim must visit a malicious webpage hosting the exploit · Adobe Flash Player must be installed and vulnerable
devstral-2 · analyzed Feb 19, 2026

References (18)

Core References
Issue Tracking x_refsource_confirm
https://bugs.gentoo.org/show_bug.cgi?id=235770
Third Party Advisory, VDB Entry vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/30898
Vendor Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/32390
Mailing List mailing-list x_refsource_mlist
http://www.openwall.com/lists/oss-security/2008/10/30/2
Various Sources x_refsource_confirm
http://dev.gentoo.org/~rbu/security/debiantemp/cman
Vendor Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/32387
Vendor Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/31887
Various Sources x_refsource_misc
http://uvw.ru/report.lenny.txt
Third Party Advisory, VDB Entry vdb-entry x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/44845
Vendor Advisory vdb-entry x_refsource_vupen
http://www.vupen.com/english/advisories/2011/0419
Vendor Advisory vendor-advisory x_refsource_ubuntu
http://www.ubuntu.com/usn/USN-875-1
Issue Tracking x_refsource_confirm
https://bugzilla.redhat.com/show_bug.cgi?id=460476
Mailing List mailing-list x_refsource_mlist
http://www.openwall.com/lists/oss-security/2008/09/18/3
Mailing List mailing-list x_refsource_mlist
http://www.openwall.com/lists/oss-security/2008/09/24/2
Issue Tracking x_refsource_confirm
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=496410
Vendor Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/43362
Vendor Advisory vendor-advisory x_refsource_redhat
http://www.redhat.com/support/errata/RHSA-2011-0266.html

Scores

EPSS 0.0013
EPSS Percentile 32.3%

Details

CWE
CWE-59
Status published
Products (2)
redhat/cman 2.20080629
redhat/cman 2.20080801
Published Sep 29, 2008
Tracked Since Feb 18, 2026