CVE-2009-0115

EPSS 0.08% · P24 Updated Feb 21, 2026

Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2009-0115

Vulnerability Information

Have questions about the vulnerability? See if Shenlong's analysis helps!

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Description

The Device Mapper multipathing driver (aka multipath-tools or device-mapper-multipath) 0.4.8, as used in SUSE openSUSE, SUSE Linux Enterprise Server (SLES), Fedora, and possibly other operating systems, uses world-writable permissions for the socket file (aka /var/run/multipathd.sock), which allows local users to send arbitrary commands to the multipath daemon.

Source: NVD (National Vulnerability Database)

CVSS Information

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Type

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Title

Device Mapper Device Mapper多路径驱动程序权限许可和访问控制漏洞

Source: CNNVD (China National Vulnerability Database)

Vulnerability Description

Device Mapper multipath-tools软件包是提供工具来管理发出指示设备映射多路径内核模块多路设备，通过建立和删除的设备的分区来实现设备映射。当在SUSE openSUSE，SUSE Linux Enterprise Server(SLES)，Fedora和其他操作系统中使用时，Device Mapper多路径驱动程序0.4.8版本为套接字文件(又称/var/run/multipathd.sock)使用全局可写权限。本地用户可利用此漏洞发送任意指令到多路径后台程序。

Source: CNNVD (China National Vulnerability Database)

CVSS Information

N/A

Source: CNNVD (China National Vulnerability Database)

Vulnerability Type

N/A

Source: CNNVD (China National Vulnerability Database)

Affected Products

Vendor	Product	Affected Versions	CPE	Subscribe
-	n/a	n/a	-

II. Public POCs for CVE-2009-0115

#	POC Description	Source Link	Shenlong Link

AI-Generated POCPremium

No public POC found.

III. Intelligence Information for CVE-2009-0115

请登录查看更多情报信息。

http://support.avaya.com/elmodocs2/security/ASA-2009-128.htmx_refsource_CONFIRM
http://download.opensuse.org/update/10.3-test/repodata/patch-kpartx-6082.xmlx_refsource_CONFIRM
http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10705x_refsource_CONFIRM
http://launchpad.net/bugs/cve/2009-0115x_refsource_MISC
http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10691x_refsource_CONFIRM
http://secunia.com/advisories/34694third-party-advisoryx_refsource_SECUNIA
http://secunia.com/advisories/34710third-party-advisoryx_refsource_SECUNIA
http://secunia.com/advisories/34642third-party-advisoryx_refsource_SECUNIA
http://secunia.com/advisories/34418third-party-advisoryx_refsource_SECUNIA
http://secunia.com/advisories/34759third-party-advisoryx_refsource_SECUNIA
http://secunia.com/advisories/38794third-party-advisoryx_refsource_SECUNIA
http://www.debian.org/security/2009/dsa-1767vendor-advisoryx_refsource_DEBIAN
http://www.vupen.com/english/advisories/2010/0528vdb-entryx_refsource_VUPEN
http://lists.opensuse.org/opensuse-security-announce/2009-04/msg00003.htmlvendor-advisoryx_refsource_SUSE
https://www.redhat.com/archives/fedora-package-announce/2009-April/msg00236.htmlvendor-advisoryx_refsource_FEDORA
https://www.redhat.com/archives/fedora-package-announce/2009-April/msg00231.htmlvendor-advisoryx_refsource_FEDORA
http://lists.opensuse.org/opensuse-security-announce/2009-03/msg00004.htmlvendor-advisoryx_refsource_SUSE
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9214vdb-entrysignaturex_refsource_OVAL
http://lists.vmware.com/pipermail/security-announce/2010/000082.htmlmailing-listx_refsource_MLIST
https://nvd.nist.gov/vuln/detail/CVE-2009-0115

Same Patch Batch · n/a · 2009-03-30 · 28 CVEs total

CVE-2008-6537		LightNEasy 'LightNEasy/lightneasy.php'信息泄露漏洞
CVE-2008-6550		Davidbourrier Glossaire 'glossaire.php'跨站脚本攻击漏洞
CVE-2008-6549		MoinMoin 'config/multiconfig.py'拒绝服务攻击漏洞
CVE-2008-6548		MoinMoin 'parser/text_rst.py'访问控制授权漏洞
CVE-2008-6547		FormEncode 'schema.py' 安全绕过漏洞
CVE-2008-6546		alecwh phpns 未明漏洞
CVE-2008-6545		Comscripts Web Server Creator 'createdb.php'远程文件包含漏洞
CVE-2008-6544		Simple Machines Forum 'Sources/Subs-Graphics.php和Sources/Themes.php'远程文件漏洞
CVE-2008-6543		Comscripts Quick Classifieds 'DOCUMENT_ROOT'多个远程文件包含漏洞
CVE-2008-6542		DotNetNuke 皮肤管理器远程漏洞
CVE-2008-6541		DotNetNuke 文件管理模块远程文件上传访问控制漏洞
CVE-2008-6540		DotNetNuke 默认'ValidationKey'和 'DecriptionKey' 弱加密漏洞
CVE-2008-6539		Holger_Schurig Destar Add User静态代码注入漏洞
CVE-2008-6538		Holger_Schurig Destar 'config/add/CfgOptUser'请求访问控制漏洞
CVE-2009-1171		Moodle 输入验证错误漏洞
CVE-2008-6536		7-Zip 未明缓冲储存器处理漏洞
CVE-2007-6721		Bouncycastle OpenSSL畸形ASN.1结构处理拒绝服务漏洞
CVE-2009-1170		OpenSolaris Module Debugger Process Cross Zone 本地特权升级漏洞
CVE-2008-6553		Impliedbydesign Micro CMS 'microcms-admin-home.php'安全绕过漏洞
CVE-2008-6552		Red Hat Cluster Project不安全临时文件创建漏洞

Showing top 20 of 28 CVEs. View all on vendor page → →

IV. Related Vulnerabilities

Same product: n/a

Same vendor: n/a

V. Comments for CVE-2009-0115

No comments yet

Goal Reached Thanks to every supporter — we hit 100%!

CVE-2009-0115

I. Basic Information for CVE-2009-0115

Vulnerability Information

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Affected Products

II. Public POCs for CVE-2009-0115

III. Intelligence Information for CVE-2009-0115

Same Patch Batch · n/a · 2009-03-30 · 28 CVEs total

IV. Related Vulnerabilities

V. Comments for CVE-2009-0115

Leave a comment