ipmievd (aka the IPMI event daemon) in OpenIPMI, as used in the ipmitool package 1.8.11 in Red Hat Enterprise Linux (RHEL) 6, Debian GNU/Linux, Fedora 16, and other products uses 0666 permissions for its ipmievd.pid PID file, which allows local users to kill arbitrary processes by writing to this file.
References
Configurations
Configuration 1 (hide)
AND |
|
Information
Published : 2011-12-14 19:57
Updated : 2022-02-03 11:59
NVD link : CVE-2011-4339
Mitre link : CVE-2011-4339
JSON object : View
CWE
CWE-732
Incorrect Permission Assignment for Critical Resource
Products Affected
ipmitool_project
- ipmitool
redhat
- enterprise_linux