OpenIPMI 'ipmievd' Daemon PID Files Insecure File Permissions Vulnerability

Bugtraq ID: 51036
Class: Design Error
CVE: CVE-2011-4339
Remote: No
Local: Yes
Published: Dec 13 2011 12:00AM
Updated: Apr 05 2013 09:58PM
Credit: Masahiro Matsuya
Vulnerable: Xerox FreeFlow Print Server (FFPS) 73.C0.41
Xerox FreeFlow Print Server (FFPS) 73.B3.61
Sun Solaris 11
Sun Solaris 10
RedHat Enterprise Linux Desktop Workstation 5 client
Red Hat Fedora 16
Red Hat Fedora 15
Red Hat Enterprise Linux Workstation 6
Red Hat Enterprise Linux Server 6
Red Hat Enterprise Linux HPC Node 6
Red Hat Enterprise Linux Desktop Optional 6
Red Hat Enterprise Linux Desktop 5 client
Red Hat Enterprise Linux 5 Server
Oracle Enterprise Linux 6.2
Oracle Enterprise Linux 6
Oracle Enterprise Linux 5
OpenIPMI OpenIPMI 0
Mandriva Linux Mandrake 2011 x86_64
Mandriva Linux Mandrake 2011
Mandriva Linux Mandrake 2010.1 x86_64
Mandriva Linux Mandrake 2010.1
MandrakeSoft Enterprise Server 5 x86_64
MandrakeSoft Enterprise Server 5
IPMItool IPMItool 1.8.11
Debian Linux 6.0 sparc
Debian Linux 6.0 s/390
Debian Linux 6.0 powerpc
Debian Linux 6.0 mips
Debian Linux 6.0 ia-64
Debian Linux 6.0 ia-32
Debian Linux 6.0 arm
Debian Linux 6.0 amd64
CentOS CentOS 5
Avaya IQ 4.1
Avaya IQ 5.2
Avaya IQ 5.1.1
Avaya IQ 5.1
Avaya IQ 5
Avaya IQ 4.2
Avaya IQ 4.0
Avaya Aura System Platform 6.0
Avaya Aura System Platform 1.1
Avaya Aura System Manager 6.1
Avaya Aura System Manager 6.0
Avaya Aura System Manager 5.2
Avaya Aura Session Manager 6.2.1
Avaya Aura Session Manager 6.1.3
Avaya Aura Session Manager 6.1.2
Avaya Aura Session Manager 6.1.1
Avaya Aura Session Manager 6.2
Avaya Aura Session Manager 6.1 SP2
Avaya Aura Session Manager 6.1 Sp1
Avaya Aura Session Manager 6.1
Avaya Aura Session Manager 6.0 SP1
Avaya Aura Session Manager 6.0
Avaya Aura Session Manager 5.2 SP2
Avaya Aura Session Manager 5.2 SP1
Avaya Aura Session Manager 5.2
Avaya Aura Presence Services 6.0
Not Vulnerable:


 

Privacy Statement
Copyright 2010, SecurityFocus