Home

CVE-2011-4339

Description

ipmievd (aka the IPMI event daemon) in OpenIPMI, as used in the ipmitool package 1.8.11 in Red Hat Enterprise Linux (RHEL) 6, Debian GNU/Linux, Fedora 16, and other products uses 0666 permissions for its ipmievd.pid PID file, which allows local users to kill arbitrary processes by writing to this file.

Risk Information

Base Score
7.8
MODERATE
Vector
AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
EPSS Score
Exploitation Probability
0.061

Associated Vulnerability

VulnerabilityOS Platform
(RHSA-2011:1814) Moderate: ipmitool security update ipmitool-1.8.11-12.el6_2.1.i686.rpmLinux
(RHSA-2011:1814) Moderate: ipmitool security update ipmitool-1.8.11-12.el6_2.1.x86_64.rpmLinux
(RHSA-2013:0123) Low: OpenIPMI security, bug fix, and enhancement update OpenIPMI-2.0.16-16.el5.i386.rpmLinux
(RHSA-2013:0123) Low: OpenIPMI security, bug fix, and enhancement update OpenIPMI-2.0.16-16.el5.x86_64.rpmLinux
(RHSA-2013:0123) Low: OpenIPMI security, bug fix, and enhancement update OpenIPMI-devel-2.0.16-16.el5.i386.rpmLinux
(RHSA-2013:0123) Low: OpenIPMI security, bug fix, and enhancement update OpenIPMI-devel-2.0.16-16.el5.x86_64.rpmLinux
(RHSA-2013:0123) Low: OpenIPMI security, bug fix, and enhancement update OpenIPMI-gui-2.0.16-16.el5.i386.rpmLinux
(RHSA-2013:0123) Low: OpenIPMI security, bug fix, and enhancement update OpenIPMI-gui-2.0.16-16.el5.x86_64.rpmLinux
(RHSA-2013:0123) Low: OpenIPMI security, bug fix, and enhancement update OpenIPMI-libs-2.0.16-16.el5.i386.rpmLinux
(RHSA-2013:0123) Low: OpenIPMI security, bug fix, and enhancement update OpenIPMI-libs-2.0.16-16.el5.x86_64.rpmLinux
(RHSA-2013:0123) Low: OpenIPMI security, bug fix, and enhancement update OpenIPMI-perl-2.0.16-16.el5.i386.rpmLinux
(RHSA-2013:0123) Low: OpenIPMI security, bug fix, and enhancement update OpenIPMI-perl-2.0.16-16.el5.x86_64.rpmLinux
(RHSA-2013:0123) Low: OpenIPMI security, bug fix, and enhancement update OpenIPMI-python-2.0.16-16.el5.i386.rpmLinux
(RHSA-2013:0123) Low: OpenIPMI security, bug fix, and enhancement update OpenIPMI-python-2.0.16-16.el5.x86_64.rpmLinux
(RHSA-2013:0123) Low: OpenIPMI security, bug fix, and enhancement update OpenIPMI-tools-2.0.16-16.el5.i386.rpmLinux
(RHSA-2013:0123) Low: OpenIPMI security, bug fix, and enhancement update OpenIPMI-tools-2.0.16-16.el5.x86_64.rpmLinux

Patch Details

No records found

References

https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234