CVE-2011-4339

OpenIPMI: IPMI event daemon creates PID file with world writeable permissions

Severity Score

3.6

*CVSS v2

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

*Multiple Sources

Exploited in Wild

*KEV

Decision

*SSVC

Descriptions

ipmievd (aka the IPMI event daemon) in OpenIPMI, as used in the ipmitool package 1.8.11 in Red Hat Enterprise Linux (RHEL) 6, Debian GNU/Linux, Fedora 16, and other products uses 0666 permissions for its ipmievd.pid PID file, which allows local users to kill arbitrary processes by writing to this file.

ipmievd (demonio de eventos IPMI) de OpenIPMI, tal como se utiliza en el paquete ipmitool 1.8.11 de Red Hat Enterprise Linux (RHEL) 6, utiliza permisos 0666 para su archivo PID ipmievd.pid, lo que permite a usuarios locales terminar procesos arbitrarios escribiendo en este fichero.

*Credits: N/A

Attack Vector

Local

Attack Complexity

Low

Authentication

None

Confidentiality

None

Integrity

Partial

Availability

Partial

Attack Vector

Local

Attack Complexity

High

Authentication

None

Confidentiality

None

Integrity

None

Availability

Complete

* Common Vulnerability Scoring System

SSVC

Decision:-

Exploitation

Automatable

Tech. Impact

* Organization's Worst-case Scenario

Timeline

2011-11-04 CVE Reserved
2011-12-14 CVE Published
2023-03-08 EPSS Updated
2024-08-07 CVE Updated
---------- Exploited in Wild
---------- KEV Due Date
---------- First Exploit

CWE

CWE-732: Incorrect Permission Assignment for Critical Resource

CAPEC

References (16)

URL	Tag	Source
http://openwall.com/lists/oss-security/2011/12/13/1	Mailing List
http://secunia.com/advisories/47173	Broken Link
http://secunia.com/advisories/47228	Broken Link
http://secunia.com/advisories/47376	Broken Link
http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html	Third Party Advisory
http://www.securityfocus.com/bid/51036	Third Party Advisory
http://www.xerox.com/download/security/security-bulletin/16287-4d6b7b0c81f7b/cert_XRX13-003_v1.0.pdf	Third Party Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/71763	Third Party Advisory

URL	Date	SRC

URL	Date	SRC
https://bugzilla.redhat.com/show_bug.cgi?id=742837	2013-01-08

URL	Date	SRC
http://lists.fedoraproject.org/pipermail/package-announce/2012-January/071575.html	2022-02-03
http://lists.fedoraproject.org/pipermail/package-announce/2012-January/071580.html	2022-02-03
http://rhn.redhat.com/errata/RHSA-2013-0123.html	2022-02-03
http://www.debian.org/security/2011/dsa-2376	2022-02-03
http://www.mandriva.com/security/advisories?name=MDVSA-2011:196	2022-02-03
http://www.redhat.com/support/errata/RHSA-2011-1814.html	2022-02-03
https://access.redhat.com/security/cve/CVE-2011-4339	2013-01-08

Affected Vendors, Products, and Versions

Vendor		Product				Version		Other		Status
Vendor	Product	Version	Other	Status	<-- -->	Vendor	Product	Version	Other	Status
Ipmitool Project Search vendor "Ipmitool Project"	Ipmitool Search vendor "Ipmitool Project" for product "Ipmitool"	1.8.11 Search vendor "Ipmitool Project" for product "Ipmitool" and version "1.8.11"	-	Affected	in	Redhat Search vendor "Redhat"	Enterprise Linux Search vendor "Redhat" for product "Enterprise Linux"	6.0 Search vendor "Redhat" for product "Enterprise Linux" and version "6.0"	-	Safe