CVSS: 8.8EPSS: 0%CPEs: 6EXPL: 1CVE-2020-5208 – remote code execution vulnerability in ipmitool
https://notcve.org/view.php?id=CVE-2020-5208
05 Feb 2020 — It's been found that multiple functions in ipmitool before 1.8.19 neglect proper checking of the data received from a remote LAN party, which may lead to buffer overflows and potentially to remote code execution on the ipmitool side. This is especially dangerous if ipmitool is run as a privileged user. This problem is fixed in version 1.8.19. Se detectó que varias funciones en ipmitool versiones anteriores a 1.8.19, descuidan la comprobación apropiada de los datos recibidos desde una parte de la LAN remota,... • https://packetstorm.news/files/id/160875 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 5.5EPSS: 0%CPEs: 2EXPL: 0CVE-2011-4339 – OpenIPMI: IPMI event daemon creates PID file with world writeable permissions
https://notcve.org/view.php?id=CVE-2011-4339
15 Dec 2011 — ipmievd (aka the IPMI event daemon) in OpenIPMI, as used in the ipmitool package 1.8.11 in Red Hat Enterprise Linux (RHEL) 6, Debian GNU/Linux, Fedora 16, and other products uses 0666 permissions for its ipmievd.pid PID file, which allows local users to kill arbitrary processes by writing to this file. ipmievd (demonio de eventos IPMI) de OpenIPMI, tal como se utiliza en el paquete ipmitool 1.8.11 de Red Hat Enterprise Linux (RHEL) 6, utiliza permisos 0666 para su archivo PID ipmievd.pid, lo que permite a u... • http://lists.fedoraproject.org/pipermail/package-announce/2012-January/071575.html • CWE-732: Incorrect Permission Assignment for Critical Resource •