CVE-2012-3418

Debian Security Advisory 2533-1

Severity Score

9.8

*CVSS v3

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

*Multiple Sources

Exploited in Wild

*KEV

Decision

*SSVC

Descriptions

libpcp in Performance Co-Pilot (PCP) before 3.6.5 allows remote attackers to cause a denial of service and possibly execute arbitrary code via (1) a PDU with the numcreds field value greater than the number of actual elements to the __pmDecodeCreds function in p_creds.c; (2) the string byte number value to the __pmDecodeNameList function in p_pmns.c; (3) the numids value to the __pmDecodeIDList function in p_pmns.c; (4) unspecified vectors to the __pmDecodeProfile function in p_profile.c; the (5) status number value or (6) string number value to the __pmDecodeNameList function in p_pmns.c; (7) certain input to the __pmDecodeResult function in p_result.c; (8) the name length field (namelen) to the DecodeNameReq function in p_pmns.c; (9) a crafted PDU_FETCH request to the __pmDecodeFetch function in p_fetch.c; (10) the namelen field in the __pmDecodeInstanceReq function in p_instance.c; (11) the buflen field to the __pmDecodeText function in p_text.c; (12) PDU_INSTANCE packets to the __pmDecodeInstance in p_instance.c; or the (13) c_numpmid or (14) v_numval fields to the __pmDecodeLogControl function in p_lcontrol.c, which triggers integer overflows, heap-based buffer overflows, and/or buffer over-reads.

libpcp en Performance Co-Pilot (PCP) anterior a v3.6.5 permite a atacantes remotos provocar una denegación de servicio y posiblemente ejecutar código arbitrario a través de (1) una PDU con el valor del campo numcreds mayor que el número de elementos reales de la función __ pmDecodeCreds en p_creds.c, (2) el byte de valor de cadena número a la función pmDecodeNameList __ en p_pmns.c, (3) el valor numids a la función pmDecodeIDList __ en p_pmns.c; (4) vectores no especificados a la función pmDecodeProfile __ en p_profile.c; el (5) estado de valor o número (6) valor numérico cadena a la función __ pmDecodeNameList en p_pmns.c, (7) de entrada determinado en la función __ pmDecodeResult en p_result.c, (8) el campo longitud del nombre (namelen) a la DecodeNameReq en función p_pmns.c; (9) una solicitud PDU_FETCH diseñados a la función pmDecodeFetch __ en p_fetch.c; (10) el campo namelen en la función __ pmDecodeInstanceReq en p_instance.c; (11) el campo buflen a la función pmDecodeText __ en p_text. c; (12) PDU_INSTANCE paquetes a la __ pmDecodeInstance en p_instance.c; o los campos (13) c_numpmid o (14) v_numval a la función pmDecodeLogControl __ en p_lcontrol.c, que desencadena desbordamientos de enteros, basado en heap desbordamientos de búfer, y / o tampón sobre-lee.

It was discovered that Performance Co-Pilot (pcp), a framework for performance monitoring, contains several vulnerabilities.

*Credits: N/A

Attack Vector

Network

Attack Complexity

Low

Privileges Required

None

User Interaction

None

Scope

Unchanged

Confidentiality

High

Integrity

High

Availability

High

Attack Vector

Network

Attack Complexity

Low

Authentication

None

Confidentiality

None

Integrity

None

Availability

Partial

* Common Vulnerability Scoring System

SSVC

Decision:-

Exploitation

Automatable

Tech. Impact

* Organization's Worst-case Scenario

Timeline

2012-06-14 CVE Reserved
2012-08-24 CVE Published
2024-08-06 CVE Updated
2025-03-30 EPSS Updated
---------- Exploited in Wild
---------- KEV Due Date
---------- First Exploit

CWE

CWE-189: Numeric Errors

CAPEC

References (30)

URL	Tag	Source
http://oss.sgi.com/cgi-bin/gitweb.cgi?p=pcp/pcp.git%3Ba=blob%3Bf=CHANGELOG%3Bh=16c9cbb2f61d909487ea1c3171f4ab33e5648ac5%3Bhb=fe51067ae869a4d59f350ac319b09edcb77ac8e6	X_refsource_confirm
http://oss.sgi.com/cgi-bin/gitweb.cgi?p=pcp/pcp.git%3Ba=commit%3Bh=b441980d53be1835b25f0cd6bcc0062da82032dd	X_refsource_confirm
http://oss.sgi.com/cgi-bin/gitweb.cgi?p=pcp/pcp.git%3Ba=commit%3Bh=babd6c5c527f87ec838c13a1b4eba612af6ea27c	X_refsource_confirm
http://oss.sgi.com/cgi-bin/gitweb.cgi?p=pcp/pcp.git%3Ba=commit%3Bh=e4faa1f0ba29151340920d975fc7639adf8371d5	X_refsource_confirm
http://oss.sgi.com/cgi-bin/gitweb.cgi?p=pcp/pcp.git%3Ba=commit%3Bh=f190942b552aa80d59bbe718866aa00b8e3fd5cc	X_refsource_confirm
http://oss.sgi.com/cgi-bin/gitweb.cgi?p=pcp/pcp.git%3Ba=commitdiff%3Bh=49c679c44425915a8d6aa4af5f90b35384843c12	X_refsource_confirm
http://oss.sgi.com/cgi-bin/gitweb.cgi?p=pcp/pcp.git%3Ba=commitdiff%3Bh=7eb479b91ef12bf89a15b078af2107c8c4746a4a	X_refsource_confirm
http://oss.sgi.com/cgi-bin/gitweb.cgi?p=pcp/pcp.git%3Ba=commitdiff%3Bh=9f4e392c97ce42744ec73f82268ce6c815fdca0e	X_refsource_confirm
http://oss.sgi.com/cgi-bin/gitweb.cgi?p=pcp/pcp.git%3Ba=commitdiff%3Bh=bfb3ab8c6b3d75b1a6580feee76a7d0925a3633c	X_refsource_confirm
http://oss.sgi.com/cgi-bin/gitweb.cgi?p=pcp/pcp.git%3Ba=commitdiff%3Bh=cced6012b4b93bfb640a9678589ced5416743910	X_refsource_confirm
http://oss.sgi.com/cgi-bin/gitweb.cgi?p=pcp/pcp.git%3Ba=commitdiff%3Bh=f0eaefe046b1061797f45b0c20bb2ac371b504a5	X_refsource_confirm
http://www.openwall.com/lists/oss-security/2012/08/16/1	Mailing List
https://bugzilla.redhat.com/show_bug.cgi?id=840822	X_refsource_misc
https://bugzilla.redhat.com/show_bug.cgi?id=840920	X_refsource_misc
https://bugzilla.redhat.com/show_bug.cgi?id=841112	X_refsource_misc
https://bugzilla.redhat.com/show_bug.cgi?id=841126	X_refsource_misc
https://bugzilla.redhat.com/show_bug.cgi?id=841159	X_refsource_misc
https://bugzilla.redhat.com/show_bug.cgi?id=841180	X_refsource_misc
https://bugzilla.redhat.com/show_bug.cgi?id=841183	X_refsource_misc
https://bugzilla.redhat.com/show_bug.cgi?id=841240	X_refsource_misc
https://bugzilla.redhat.com/show_bug.cgi?id=841249	X_refsource_misc
https://bugzilla.redhat.com/show_bug.cgi?id=841284	X_refsource_misc
https://bugzilla.redhat.com/show_bug.cgi?id=841698	X_refsource_misc

URL	Date	SRC

URL	Date	SRC

URL	Date	SRC
http://lists.fedoraproject.org/pipermail/package-announce/2012-August/085324.html	2023-11-07
http://lists.fedoraproject.org/pipermail/package-announce/2012-August/085333.html	2023-11-07
http://lists.opensuse.org/opensuse-security-announce/2013-01/msg00024.html	2023-11-07
http://www.debian.org/security/2012/dsa-2533	2023-11-07
https://hermes.opensuse.org/messages/15471040	2023-11-07
https://hermes.opensuse.org/messages/15540133	2023-11-07
https://hermes.opensuse.org/messages/15540172	2023-11-07

Affected Vendors, Products, and Versions

Vendor		Product				Version		Other		Status
Vendor	Product	Version	Other	Status	<-- -->	Vendor	Product	Version	Other	Status
Sgi Search vendor "Sgi"		Performance Co-pilot Search vendor "Sgi" for product "Performance Co-pilot"				<= 3.6.4 Search vendor "Sgi" for product "Performance Co-pilot" and version " <= 3.6.4"		-		Affected
Sgi Search vendor "Sgi"		Performance Co-pilot Search vendor "Sgi" for product "Performance Co-pilot"				2.1.1 Search vendor "Sgi" for product "Performance Co-pilot" and version "2.1.1"		-		Affected
Sgi Search vendor "Sgi"		Performance Co-pilot Search vendor "Sgi" for product "Performance Co-pilot"				2.1.2 Search vendor "Sgi" for product "Performance Co-pilot" and version "2.1.2"		-		Affected
Sgi Search vendor "Sgi"		Performance Co-pilot Search vendor "Sgi" for product "Performance Co-pilot"				2.1.3 Search vendor "Sgi" for product "Performance Co-pilot" and version "2.1.3"		-		Affected
Sgi Search vendor "Sgi"		Performance Co-pilot Search vendor "Sgi" for product "Performance Co-pilot"				2.1.4 Search vendor "Sgi" for product "Performance Co-pilot" and version "2.1.4"		-		Affected
Sgi Search vendor "Sgi"		Performance Co-pilot Search vendor "Sgi" for product "Performance Co-pilot"				2.1.5 Search vendor "Sgi" for product "Performance Co-pilot" and version "2.1.5"		-		Affected
Sgi Search vendor "Sgi"		Performance Co-pilot Search vendor "Sgi" for product "Performance Co-pilot"				2.1.6 Search vendor "Sgi" for product "Performance Co-pilot" and version "2.1.6"		-		Affected
Sgi Search vendor "Sgi"		Performance Co-pilot Search vendor "Sgi" for product "Performance Co-pilot"				2.1.7 Search vendor "Sgi" for product "Performance Co-pilot" and version "2.1.7"		-		Affected
Sgi Search vendor "Sgi"		Performance Co-pilot Search vendor "Sgi" for product "Performance Co-pilot"				2.1.8 Search vendor "Sgi" for product "Performance Co-pilot" and version "2.1.8"		-		Affected
Sgi Search vendor "Sgi"		Performance Co-pilot Search vendor "Sgi" for product "Performance Co-pilot"				2.1.9 Search vendor "Sgi" for product "Performance Co-pilot" and version "2.1.9"		-		Affected
Sgi Search vendor "Sgi"		Performance Co-pilot Search vendor "Sgi" for product "Performance Co-pilot"				2.1.10 Search vendor "Sgi" for product "Performance Co-pilot" and version "2.1.10"		-		Affected
Sgi Search vendor "Sgi"		Performance Co-pilot Search vendor "Sgi" for product "Performance Co-pilot"				2.1.11 Search vendor "Sgi" for product "Performance Co-pilot" and version "2.1.11"		-		Affected
Sgi Search vendor "Sgi"		Performance Co-pilot Search vendor "Sgi" for product "Performance Co-pilot"				2.2 Search vendor "Sgi" for product "Performance Co-pilot" and version "2.2"		-		Affected