OpenIPMI 'ipmievd' Daemon PID Files Insecure File Permissions Vulnerability

Bugtraq ID: 51036
Class: Design Error
CVE: CVE-2011-4339
Remote: No
Local: Yes
Published: Dec 13 2011 12:00AM
Updated: Jul 29 2016 06:00PM
Credit: Masahiro Matsuya
Vulnerable: Xerox FreeFlow Print Server (FFPS) 73.C5.11
Xerox FreeFlow Print Server (FFPS) 73.C0.41
Xerox FreeFlow Print Server (FFPS) 73.B3.61
Sun Solaris 11
Sun Solaris 10
Redhat Enterprise Linux Workstation 6
Redhat Enterprise Linux Server 6
Redhat Enterprise Linux HPC Node 6
Redhat Enterprise Linux Desktop Workstation 5 client
Redhat Enterprise Linux Desktop Optional 6
Redhat Enterprise Linux Desktop 5 client
Redhat Enterprise Linux 5 Server
Oracle VM Server for x86 3.4
Oracle VM Server for x86 3.3
Oracle VM Server for x86 3.2
Oracle Enterprise Linux 6.2
Oracle Enterprise Linux 6
Oracle Enterprise Linux 5
OpenIPMI OpenIPMI 0
Mandriva Linux Mandrake 2011 x86_64
Mandriva Linux Mandrake 2011
Mandriva Linux Mandrake 2010.1 x86_64
Mandriva Linux Mandrake 2010.1
MandrakeSoft Enterprise Server 5 x86_64
MandrakeSoft Enterprise Server 5
IPMItool IPMItool 1.8.11
Debian Linux 6.0 sparc
Debian Linux 6.0 s/390
Debian Linux 6.0 powerpc
Debian Linux 6.0 mips
Debian Linux 6.0 ia-64
Debian Linux 6.0 ia-32
Debian Linux 6.0 arm
Debian Linux 6.0 amd64
CentOS CentOS 5
Avaya one-X Client Enablement Service 6.1
Avaya IQ 4.1
Avaya IQ 5.2
Avaya IQ 5.1.1
Avaya IQ 5.1
Avaya IQ 5
Avaya IQ 4.2
Avaya IQ 4.0
Avaya Aura System Platform 6.2
Avaya Aura System Platform 6.0
Avaya Aura System Platform 1.0
Avaya Aura System Manager 6.1
Avaya Aura System Manager 6.0
Avaya Aura System Manager 5.2
Avaya Aura Session Manager 6.2.1
Avaya Aura Session Manager 6.1.5
Avaya Aura Session Manager 6.1.3
Avaya Aura Session Manager 6.1.2
Avaya Aura Session Manager 6.1.1
Avaya Aura Session Manager 6.0.1
Avaya Aura Session Manager 6.2.2
Avaya Aura Session Manager 6.2
Avaya Aura Session Manager 6.1 SP2
Avaya Aura Session Manager 6.1 Sp1
Avaya Aura Session Manager 6.1
Avaya Aura Session Manager 6.0 SP1
Avaya Aura Session Manager 6.0
Avaya Aura Session Manager 5.2.1
Avaya Aura Session Manager 5.2 SP2
Avaya Aura Session Manager 5.2 SP1
Avaya Aura Session Manager 5.2
Avaya Aura Presence Services 6.1 SP1
Avaya Aura Presence Services 6.0
Not Vulnerable: Avaya Aura Session Manager 6.3
Avaya Aura Presence Services 6.1 SP2


 

Privacy Statement
Copyright 2010, SecurityFocus