Описание
ipmievd (aka the IPMI event daemon) in OpenIPMI, as used in the ipmitool package 1.8.11 in Red Hat Enterprise Linux (RHEL) 6, Debian GNU/Linux, Fedora 16, and other products uses 0666 permissions for its ipmievd.pid PID file, which allows local users to kill arbitrary processes by writing to this file.
Затронутые пакеты
| Платформа | Пакет | Состояние | Рекомендация | Релиз |
|---|---|---|---|---|
| Red Hat Enterprise Linux 4 | OpenIPMI | Not affected | ||
| Red Hat Enterprise Linux 5 | OpenIPMI | Fixed | RHSA-2013:0123 | 08.01.2013 |
| Red Hat Enterprise Linux 6 | ipmitool | Fixed | RHSA-2011:1814 | 13.12.2011 |
Показывать по
Дополнительная информация
Статус:
EPSS
4.7 Medium
CVSS2
Связанные уязвимости
ipmievd (aka the IPMI event daemon) in OpenIPMI, as used in the ipmitool package 1.8.11 in Red Hat Enterprise Linux (RHEL) 6, Debian GNU/Linux, Fedora 16, and other products uses 0666 permissions for its ipmievd.pid PID file, which allows local users to kill arbitrary processes by writing to this file.
ipmievd (aka the IPMI event daemon) in OpenIPMI, as used in the ipmitool package 1.8.11 in Red Hat Enterprise Linux (RHEL) 6, Debian GNU/Linux, Fedora 16, and other products uses 0666 permissions for its ipmievd.pid PID file, which allows local users to kill arbitrary processes by writing to this file.
ipmievd (aka the IPMI event daemon) in OpenIPMI, as used in the ipmito ...
ipmievd (aka the IPMI event daemon) in OpenIPMI, as used in the ipmitool package 1.8.11 in Red Hat Enterprise Linux (RHEL) 6, Debian GNU/Linux, Fedora 16, and other products uses 0666 permissions for its ipmievd.pid PID file, which allows local users to kill arbitrary processes by writing to this file.
ELSA-2013-0123: OpenIPMI security, bug fix, and enhancement update (LOW)
EPSS
4.7 Medium
CVSS2