Lucene search
K

152 matches found

OSV
OSV
added 2011/12/31 12:0 a.m.27 views

DSA-2376-2 ipmitool - insecure pid file

Bulletin has no description...

3.6CVSS5.9AI score0.00434EPSS
Exploits0
OSV
OSV
added 2011/12/30 12:0 a.m.28 views

DSA-2376-1 ipmitool - insecure pid file

Bulletin has no description...

3.6CVSS5.9AI score0.00434EPSS
Exploits0
NVD
NVD
added 2011/12/15 3:57 a.m.20 views

CVE-2011-4339

ipmievd aka the IPMI event daemon in OpenIPMI, as used in the ipmitool package 1.8.11 in Red Hat Enterprise Linux RHEL 6, Debian GNU/Linux, Fedora 16, and other products uses 0666 permissions for its ipmievd.pid PID file, which allows local users to kill arbitrary processes by writing to this fil...

3.6CVSS6.2AI score0.00434EPSS
Exploits0References15
Prion
Prion
added 2011/12/15 3:57 a.m.21 views

Code injection

ipmievd aka the IPMI event daemon in OpenIPMI, as used in the ipmitool package 1.8.11 in Red Hat Enterprise Linux RHEL 6, Debian GNU/Linux, Fedora 16, and other products uses 0666 permissions for its ipmievd.pid PID file, which allows local users to kill arbitrary processes by writing to this fil...

3.6CVSS6.6AI score0.00434EPSS
Exploits0References15Affected Software1
UbuntuCve
UbuntuCve
added 2011/12/15 3:57 a.m.45 views

CVE-2011-4339

ipmievd aka the IPMI event daemon in OpenIPMI, as used in the ipmitool package 1.8.11 in Red Hat Enterprise Linux RHEL 6, Debian GNU/Linux, Fedora 16, and other products uses 0666 permissions for its ipmievd.pid PID file, which allows local users to kill arbitrary processes by writing to this fil...

3.6CVSS6AI score0.00434EPSS
Exploits0References1
Cvelist
Cvelist
added 2011/12/15 2:0 a.m.24 views

CVE-2011-4339

ipmievd aka the IPMI event daemon in OpenIPMI, as used in the ipmitool package 1.8.11 in Red Hat Enterprise Linux RHEL 6, Debian GNU/Linux, Fedora 16, and other products uses 0666 permissions for its ipmievd.pid PID file, which allows local users to kill arbitrary processes by writing to this fil...

6AI score0.00434EPSS
Exploits0References15
Debian CVE
Debian CVE
added 2011/12/15 2:0 a.m.27 views

CVE-2011-4339

ipmievd aka the IPMI event daemon in OpenIPMI, as used in the ipmitool package 1.8.11 in Red Hat Enterprise Linux RHEL 6, Debian GNU/Linux, Fedora 16, and other products uses 0666 permissions for its ipmievd.pid PID file, which allows local users to kill arbitrary processes by writing to this fil...

3.6CVSS6.1AI score0.00434EPSS
Exploits0
OSV
OSV
added 2011/05/20 10:55 p.m.1 views

DEBIAN-CVE-2011-1784

The pidfilewrite function in core/pidfile.c in keepalived 1.2.2 and earlier uses 0666 permissions for the 1 keepalived.pid, 2 checkers.pid, and 3 vrrp.pid files in /var/run/, which allows local users to kill arbitrary processes by writing a PID to one of these files...

3.6CVSS6.7AI score0.00367EPSS
Exploits0References1
UbuntuCve
UbuntuCve
added 2011/05/20 10:55 p.m.21 views

CVE-2011-1784

The pidfilewrite function in core/pidfile.c in keepalived 1.2.2 and earlier uses 0666 permissions for the 1 keepalived.pid, 2 checkers.pid, and 3 vrrp.pid files in /var/run/, which allows local users to kill arbitrary processes by writing a PID to one of these files...

3.6CVSS5.9AI score0.00367EPSS
Exploits0References2
Cvelist
Cvelist
added 2011/05/20 10:0 p.m.26 views

CVE-2011-1784

The pidfilewrite function in core/pidfile.c in keepalived 1.2.2 and earlier uses 0666 permissions for the 1 keepalived.pid, 2 checkers.pid, and 3 vrrp.pid files in /var/run/, which allows local users to kill arbitrary processes by writing a PID to one of these files...

6AI score0.00367EPSS
Exploits0References11
Tenable Nessus
Tenable Nessus
added 2009/07/06 12:0 a.m.85 views

HP DDMI on Windows Unspecified Remote Agent Access

The remote host is running an HP Discovery & Dependency Mapping Inventory DDMI agent to facilitate communications between a central DDMI server and workstations that are part of the deployed inventory process. The version of the agent on the remote host fails to check for a valid SSL certificate...

4CVSS5.6AI score0.01758EPSS
Exploits0References3
Prion
Prion
added 2009/02/02 10:30 p.m.16 views

Design/Logic Flaw

Argument injection vulnerability in Enomaly Elastic Computing Platform ECP, formerly Enomalism, before 2.1.1 allows local users to send signals to arbitrary processes by populating the /tmp/enomalism2.pid file with command-line arguments for the kill program...

7.2CVSS7AI score0.00938EPSS
Exploits6References1Affected Software1
NVD
NVD
added 2009/02/02 10:30 p.m.10 views

CVE-2009-0390

Argument injection vulnerability in Enomaly Elastic Computing Platform ECP, formerly Enomalism, before 2.1.1 allows local users to send signals to arbitrary processes by populating the /tmp/enomalism2.pid file with command-line arguments for the kill program...

7.2CVSS6.6AI score0.00938EPSS
Exploits6References1
Cvelist
Cvelist
added 2009/02/02 10:0 p.m.42 views

CVE-2009-0390

Argument injection vulnerability in Enomaly Elastic Computing Platform ECP, formerly Enomalism, before 2.1.1 allows local users to send signals to arbitrary processes by populating the /tmp/enomalism2.pid file with command-line arguments for the kill program...

6.6AI score0.00938EPSS
Exploits6References1
CVE
CVE
added 2009/02/02 10:0 p.m.50 views

CVE-2009-0390

CVE-2009-0390 concerns Enomaly ECP/Enomalism (pre-2.2.1) with local vulnerabilities in enomalism2.sh, where insecure temporary file handling enables argument injection into kill and signaling of arbitrary processes via the /tmp/enomalism2.pid PIDFILE. Connected sources describe a race condition o...

7.2CVSS6.6AI score0.00938EPSS
Exploits6References1Affected Software1
Prion
Prion
added 2008/07/29 6:41 p.m.19 views

Code injection

The Probe Builder Service aka PBOVISServer.exe in European Performance Systems EPS Probe Builder 2.2 before A.02.20.901, as used in HP OpenView Internet Services OVIS on Windows, allows remote attackers to kill arbitrary processes via a process ID number in an unspecified opcode...

7.8CVSS7.2AI score0.03071EPSS
Exploits1References10Affected Software1
NVD
NVD
added 2008/07/29 6:41 p.m.23 views

CVE-2008-1667

The Probe Builder Service aka PBOVISServer.exe in European Performance Systems EPS Probe Builder 2.2 before A.02.20.901, as used in HP OpenView Internet Services OVIS on Windows, allows remote attackers to kill arbitrary processes via a process ID number in an unspecified opcode...

7.8CVSS6.7AI score0.03071EPSS
Exploits1References10
CVE
CVE
added 2008/07/29 6:0 p.m.45 views

CVE-2008-1667

The CVE concerns HP OpenView Internet Services’ Probe Builder (EPS Probe Builder 2.2) on Windows where PBOVISServer.exe exposes an opcode allowing remote, unauthenticated termination of arbitrary processes by PID. Affected: EPS Probe Builder 2.2 prior to A.02.20.901 (used with HP OVIS). Impact: r...

7.8CVSS6.6AI score0.03071EPSS
Exploits1References10Affected Software2
Cvelist
Cvelist
added 2008/07/29 6:0 p.m.23 views

CVE-2008-1667

The Probe Builder Service aka PBOVISServer.exe in European Performance Systems EPS Probe Builder 2.2 before A.02.20.901, as used in HP OpenView Internet Services OVIS on Windows, allows remote attackers to kill arbitrary processes via a process ID number in an unspecified opcode...

6.7AI score0.03071EPSS
Exploits1References10
RedHat Linux
RedHat Linux
added 2008/05/20 2:12 p.m.4 views

httpd scoreboard lack of PID protection

Apache httpd 1.3.37, 2.0.59, and 2.2.4 with the Prefork MPM module, allows local users to cause a denial of service by modifying the workerscore and processscore arrays to reference an arbitrary process ID, which is sent a SIGUSR1 signal from the master process, aka "SIGUSR1 killer."...

4.7CVSS7.3AI score0.03298EPSS
Exploits2References4
Rows per page
Query Builder