Lucene search
K
SgiPerformance Co-pilot

7 matches found

CVE
CVE
added 2024/02/28 2:38 p.m.200 views

CVE-2023-6917

The CVE-2023-6917 issue in Performance Co-Pilot (PCP) stems from mixed privilege levels across PCP systemd services, with some processes running as root while others are limited PCP users. This separation failure can let privileged root processes interact with directories owned by unprivileged PC...

6.7CVSS6.3AI score0.002EPSS
CVE
CVE
added 2012/08/27 11:0 p.m.72 views

CVE-2012-3418

CVE-2012-3418 affects libpcp in Performance Co-Pilot (PCP) prior to 3.6.5. The vulnerability arises in the decoding paths (__pmDecodeCreds, __pmDecodeNameList, __pmDecodeIDList, __pmDecodeProfile, __pmDecodeResult, DecodeNameReq, __pmDecodeFetch, __pmDecodeInstanceReq, __pmDecodeText, __pmDecodeI...

5CVSS7.8AI score0.05753EPSS
CVE
CVE
added 2012/08/27 11:0 p.m.72 views

CVE-2012-3421

The CVE-2012-3421 issue affects Performance Co-Pilot (PCP) libpcp: the pduread function in pdu.c does not time out stalled connections, allowing a remote attacker to cause a denial of service (pmcd hang) by sending PDUs byte by byte. Affected product/version: PCP before 3.6.5. Mitigation: upgrade...

5CVSS6.3AI score0.03332EPSS
CVE
CVE
added 2012/08/27 11:0 p.m.70 views

CVE-2012-3420

CVE-2012-3420 affects Performance Co-Pilot (PCP) components prior to 3.6.5. The issue is due to memory leaks in PCP where processing a large number of PDUs can exhaust memory, or crash the daemon, via (1) a crafted context number to DoFetch (pmcd/src/dofetch.c) or (2) a negative type value to __p...

5CVSS6.3AI score0.02435EPSS
CVE
CVE
added 2012/11/29 11:0 a.m.63 views

CVE-2012-5530

CVE-2012-5530 affects Performance Co-Pilot (PCP) components prior to 3.6.10. The vulnerability arises from the init scripts (pcmd and pmlogger) that allow local users to overwrite arbitrary files via a symlink attack on a /var/tmp/##### temporary file. The issue is specifically tied to the file-s...

2.1CVSS6.1AI score0.00371EPSS
CVE
CVE
added 2012/08/27 11:0 p.m.62 views

CVE-2012-3419

CVE-2012-3419 affects Performance Co-Pilot (PCP) before 3.6.5. The vulnerability arises because PCP exposes some of the /proc filesystem, allowing remote or local entities to read sensitive information such as proc/pid/maps and command line arguments. Consequence: potential exposure of process de...

5CVSS5.8AI score0.0177EPSS
CVE
CVE
added 2002/03/09 5:0 a.m.52 views

CVE-2001-0823

The CVE-2001-0823 entry documents a local privilege escalation in the Performance Co-Pilot (PCP) package via the pmpost utility, prior to version 2.2.1-3. An attacker can exploit a symlink attack on the NOTICES file in the PCP log directory (PCP_LOG_DIR) to gain root/privilege access. The underly...

7.2CVSS6.5AI score0.00975EPSS