It was discovered that Performance Co-Pilot (pcp), a framework for
performance monitoring, contains several vulnerabilities.
To address the information disclosure vulnerability,
CVE-2012-3419, a
new proc PMDA was introduced, which is disabled by default. If you
need access to this information, you need to enable the proc PMDA.
For the stable distribution (squeeze), this problem has been fixed in
version 3.3.3-squeeze2.
For the unstable distribution (sid), this problem has been fixed in
version 3.6.5.
We recommend that you upgrade your pcp packages.
CPE | Name | Operator | Version |
---|---|---|---|
pcp | eq | 3.3.3 | |
pcp | eq | 3.3.3-squeeze1 |