CVSS: 9.8EPSS: 0%CPEs: 17EXPL: 0CVE-2012-5530
https://notcve.org/view.php?id=CVE-2012-5530
29 Nov 2012 — The (1) pcmd and (2) pmlogger init scripts in Performance Co-Pilot (PCP) before 3.6.10 allow local users to overwrite arbitrary files via a symlink attack on a /var/tmp/##### temporary file. Las secuencias de comandos (1) pcmd y (2) pmlogger en Performance Co-Pilot (PCP) v3.6.10, permite a usuarios locales sobrescribir archivos de su elección a través de un ataque de enlace simbólico en un archivo temporal /var/tmp/##### • http://lists.opensuse.org/opensuse-security-announce/2013-01/msg00024.html • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 9.8EPSS: 10%CPEs: 13EXPL: 0CVE-2012-3418
https://notcve.org/view.php?id=CVE-2012-3418
27 Aug 2012 — libpcp in Performance Co-Pilot (PCP) before 3.6.5 allows remote attackers to cause a denial of service and possibly execute arbitrary code via (1) a PDU with the numcreds field value greater than the number of actual elements to the __pmDecodeCreds function in p_creds.c; (2) the string byte number value to the __pmDecodeNameList function in p_pmns.c; (3) the numids value to the __pmDecodeIDList function in p_pmns.c; (4) unspecified vectors to the __pmDecodeProfile function in p_profile.c; the (5) status num... • http://lists.fedoraproject.org/pipermail/package-announce/2012-August/085324.html • CWE-189: Numeric Errors •
CVSS: 9.1EPSS: 0%CPEs: 12EXPL: 0CVE-2012-3419
https://notcve.org/view.php?id=CVE-2012-3419
27 Aug 2012 — Performance Co-Pilot (PCP) before 3.6.5 exports some of the /proc file system, which allows attackers to obtain sensitive information such as proc/pid/maps and command line arguments. Performance Co-Pilot (PCP) anterior a v3.6.5 realiza exportaciones de algunos de los sistema de archivos /proc, que permite a los atacantes obtener información confidencial, como proc / pid / maps y los argumentos de línea de comandos. • http://lists.fedoraproject.org/pipermail/package-announce/2012-August/085324.html • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 7.5EPSS: 4%CPEs: 13EXPL: 0CVE-2012-3421
https://notcve.org/view.php?id=CVE-2012-3421
27 Aug 2012 — The pduread function in pdu.c in libpcp in Performance Co-Pilot (PCP) before 3.6.5 does not properly time out connections, which allows remote attackers to cause a denial of service (pmcd hang) by sending individual bytes of a PDU separately, related to an "event-driven programming flaw." La función pduread en pdu.c en libpcp en Performance Co-Pilot (PCP) anterior a v3.6.5 no realiza el tiempo de espera de conexiones, permitiendo a atacantes remotos provocar una denegación de servicio (pmcd bloquea) mediant... • http://lists.fedoraproject.org/pipermail/package-announce/2012-August/085324.html •
CVSS: 7.5EPSS: 9%CPEs: 13EXPL: 0CVE-2012-3420
https://notcve.org/view.php?id=CVE-2012-3420
27 Aug 2012 — Multiple memory leaks in Performance Co-Pilot (PCP) before 3.6.5 allow remote attackers to cause a denial of service (memory consumption or daemon crash) via a large number of PDUs with (1) a crafted context number to the DoFetch function in pmcd/src/dofetch.c or (2) a negative type value to the __pmGetPDU function in libpcp/src/pdu.c. Múltiples pérdidas de memoria en Performance Co-Pilot (PCP) anterior a v3.6.5 permite a atacantes remotos provocar una denegación de servicio (consumo de memoria o un acciden... • http://lists.fedoraproject.org/pipermail/package-announce/2012-August/085324.html • CWE-399: Resource Management Errors •
CVSS: 7.8EPSS: 0%CPEs: 12EXPL: 2CVE-2001-0823 – SGI Performance Co-Pilot 2.1.x/2.2 - pmpost Symbolic Link
https://notcve.org/view.php?id=CVE-2001-0823
06 Dec 2001 — The pmpost program in Performance Co-Pilot (PCP) before 2.2.1-3 allows a local user to gain privileges via a symlink attack on the NOTICES file in the PCP log directory (PCP_LOG_DIR). • https://www.exploit-db.com/exploits/20937 •