MiracleLinux 4 : ibutils-1.5.7-8.AXS4, libibverbs-1.1.7-1.AXS4, libmlx4-1.0.5-4.AXS4.1, librdmacm-1.0.17-1.AXS4, mpit (AXSA:2014-192:01)

The remote MiracleLinux 4 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2014-192:01 advisory. ibutils: provides IB network and path diagnostics. infinipath-psm: The PSM Messaging API, or PSM API, is QLogic's low-level user-level communications...

EUVD-2013-2503

Malware in sbrugna...

Linux Distros Unpatched Vulnerability : CVE-2013-2561

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - OpenFabrics ibutils 1.5.7 allows local users to overwrite arbitrary files via a symlink attack on 1 ibdiagnet.db, 2 ibdiagnet.fdbs, 3 ibdiagnetibis.log, 4...

RHSA-2012:0311 Red Hat Security Advisory: ibutils security and bug fix update

Bulletin has no description...

RHEL 4 : ibutils (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 4 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. - ibutils: insecure relative RPATH CVE-2008-3277 Note that Nessus has not tested for this issue but has instead relie...

RHEL 5 : ibutils (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 5 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. - ibutils: insecure handling of files in the /tmp directory CVE-2013-2561 Note that Nessus has not tested for this...

SUSE CVE-2008-3277

Untrusted search path vulnerability in a certain Red Hat build script for the ibmssh executable in ibutils packages before ibutils-1.5.7-2.el6 in Red Hat Enterprise Linux RHEL 6 and ibutils-1.2-11.2.el5 in Red Hat Enterprise Linux RHEL 5 allows local users to gain privileges via a Trojan Horse...

SUSE CVE-2013-2561

OpenFabrics ibutils 1.5.7 allows local users to overwrite arbitrary files via a symlink attack on 1 ibdiagnet.db, 2 ibdiagnet.fdbs, 3 ibdiagnetibis.log, 4 ibdiagnet.log, 5 ibdiagnet.lst, 6 ibdiagnet.mcfdbs, 7 ibdiagnet.pkey, 8 ibdiagnet.psl, 9 ibdiagnet.slvl, or 10 ibdiagnet.sm in /tmp/...

SUSE: Security Advisory (SUSE-SU-2021:1597-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE: Security Advisory (SUSE-SU-2013:1193-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE SLES15 Security Update : ibutils (SUSE-SU-2021:1597-1)

This update for ibutils fixes the following issues : Hardening: Link ibis executable with -pie bsc1184123. Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much ...

SUSE-SU-2021:1597-1 Security update for ibutils

This update for ibutils fixes the following issues: - Hardening: Link ibis executable with -pie bsc1184123...

Arbitrary Code Execution

ibutils is vulnerable to arbitrary code execution. The vulnerability exists as it was found that the ibmssh executable had an insecure relative RPATH runtime library search path set in the ELF Executable and Linking Format header. A local user able to convince another user to run ibmssh in an...

Symlink Attack

ibutils is vulnerable to symlink attack. A flaw was found in the way ibutils handled temporary files. A local attacker could use this flaw to cause arbitrary files to be overwritten as the root user via a symbolic link attack...

Oracle: Security Advisory (ELSA-2013-0509)

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Oracle: Security Advisory (ELSA-2012-0311)

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Amazon Linux: Security Advisory (ALAS-2013-256)

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE SLES10 / SLES11 Security Update : ibutils (SUSE-SU-2013:1193-1)

Various tmp races in ibdiagnet of ibutils have been fixed that could have been used by local attackers on machines where infiband was debugged to gain privileges. Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has...

Oracle Solaris Third-Party Patch Update : ibutils (cve_2013_2561_link_following)

The remote Solaris system is missing necessary patches to address security updates : - OpenFabrics ibutils 1.5.7 allows local users to overwrite arbitrary files via a symlink attack on 1 ibdiagnet.db, 2 ibdiagnet.fdbs, 3 ibdiagnetibis.log, 4 ibdiagnet.log, 5 ibdiagnet.lst, 6 ibdiagnet.mcfdbs, 7...

CentOS 6 : ibutils / infinipath-psm / libibverbs / libmlx4 / librdmacm / mpitests / mstflint / etc (CESA-2013:1661)

Updated rdma, libibverbs, libmlx4, librdmacm, qperf, perftest, openmpi, compat-openmpi, infinipath-psm, mpitests, and rds-tools packages that fix two security issues, several bugs, and add various enhancements are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team ha...