Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

debian логотип

CVE-2020-5208

Опубликовано: 05 фев. 2020
Источник: debian

Описание

It's been found that multiple functions in ipmitool before 1.8.19 neglect proper checking of the data received from a remote LAN party, which may lead to buffer overflows and potentially to remote code execution on the ipmitool side. This is especially dangerous if ipmitool is run as a privileged user. This problem is fixed in version 1.8.19.

Пакеты

ПакетСтатусВерсия исправленияРелизТип
ipmitoolfixed1.8.18-10.1package
ipmitoolfixed1.8.18-6+deb10u1busterpackage

Примечания

  • https://github.com/ipmitool/ipmitool/security/advisories/GHSA-g659-9qxw-p7cp

  • https://github.com/ipmitool/ipmitool/commit/e824c23316ae50beb7f7488f2055ac65e8b341f2

  • https://github.com/ipmitool/ipmitool/commit/840fb1cbb4fb365cb9797300e3374d4faefcdb10

  • https://github.com/ipmitool/ipmitool/commit/41d7026946fafbd4d1ec0bcaca3ea30a6e8eed22

  • https://github.com/ipmitool/ipmitool/commit/9452be87181a6e83cfcc768b3ed8321763db50e4

  • https://github.com/ipmitool/ipmitool/commit/d45572d71e70840e0d4c50bf48218492b79c1a10

  • https://github.com/ipmitool/ipmitool/commit/7ccea283dd62a05a320c1921e3d8d71a87772637

Связанные уязвимости

ubuntu логотип

CVE-2020-5208

CVSS3: 7.7
ubuntu
около 6 лет назад

It's been found that multiple functions in ipmitool before 1.8.19 neglect proper checking of the data received from a remote LAN party, which may lead to buffer overflows and potentially to remote code execution on the ipmitool side. This is especially dangerous if ipmitool is run as a privileged user. This problem is fixed in version 1.8.19.

redhat логотип

CVE-2020-5208

CVSS3: 8.1
redhat
около 6 лет назад

It's been found that multiple functions in ipmitool before 1.8.19 neglect proper checking of the data received from a remote LAN party, which may lead to buffer overflows and potentially to remote code execution on the ipmitool side. This is especially dangerous if ipmitool is run as a privileged user. This problem is fixed in version 1.8.19.

nvd логотип

CVE-2020-5208

CVSS3: 7.7
nvd
около 6 лет назад

It's been found that multiple functions in ipmitool before 1.8.19 neglect proper checking of the data received from a remote LAN party, which may lead to buffer overflows and potentially to remote code execution on the ipmitool side. This is especially dangerous if ipmitool is run as a privileged user. This problem is fixed in version 1.8.19.

msrc логотип

CVE-2020-5208

CVSS3: 8.8
msrc
больше 5 лет назад

remote code execution vulnerability in ipmitool

suse-cvrf логотип

openSUSE-SU-2020:0247-1

suse-cvrf
почти 6 лет назад

Security update for ipmitool