CVE-2011-4339
First published: Mon Oct 03 2011(Updated: )
ipmievd (aka the IPMI event daemon) in OpenIPMI, as used in the ipmitool package 1.8.11 in Red Hat Enterprise Linux (RHEL) 6, Debian GNU/Linux, Fedora 16, and other products uses 0666 permissions for its ipmievd.pid PID file, which allows local users to kill arbitrary processes by writing to this file.
Credit: secalert@redhat.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| ipmitool | =1.8.11 | |
| Red Hat Enterprise Linux | =6.0 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- http://openwall.com/lists/oss-security/2011/12/13/1
- https://bugzilla.redhat.com/show_bug.cgi?id=742837
- http://www.mandriva.com/security/advisories?name=MDVSA-2011:196
- http://www.redhat.com/support/errata/RHSA-2011-1814.html
- http://secunia.com/advisories/47173
- http://secunia.com/advisories/47228
- http://lists.fedoraproject.org/pipermail/package-announce/2012-January/071575.html
- http://www.debian.org/security/2011/dsa-2376
- http://lists.fedoraproject.org/pipermail/package-announce/2012-January/071580.html
- http://secunia.com/advisories/47376
- http://rhn.redhat.com/errata/RHSA-2013-0123.html
- http://www.xerox.com/download/security/security-bulletin/16287-4d6b7b0c81f7b/cert_XRX13-003_v1.0.pdf
- http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html
- http://www.securityfocus.com/bid/51036
- https://exchange.xforce.ibmcloud.com/vulnerabilities/71763
- https://bugzilla.redhat.com/show_bug.cgi/show_bug.cgi?id=742837#c10
- https://bugzilla.redhat.com/show_bug.cgi/show_bug.cgi?id=767049
- https://rhn.redhat.com/errata/RHSA-2011-1814.html
- https://rhn.redhat.com/errata/RHSA-2013-0123.html
Frequently Asked Questions
What is the severity of CVE-2011-4339?
CVE-2011-4339 is categorized as a medium severity vulnerability due to its potential for local privilege escalation.
How do I fix CVE-2011-4339?
To fix CVE-2011-4339, change the permissions of the ipmievd.pid file to restrict access, typically to 0644.
Which versions of ipmitool are affected by CVE-2011-4339?
CVE-2011-4339 affects ipmitool version 1.8.11.
Can local users exploit CVE-2011-4339?
Yes, local users can exploit CVE-2011-4339 to kill arbitrary processes due to the insecure file permissions.
Is CVE-2011-4339 present in Red Hat Enterprise Linux 6?
Yes, CVE-2011-4339 is present in Red Hat Enterprise Linux 6, specifically related to the ipmitool package.
- collector/nvd-historical
- agent/type
- agent/first-publish-date
- collector/mitre-cve
- source/MITRE
- agent/author
- agent/references
- agent/remedy
- agent/severity
- agent/last-modified-date
- agent/weakness
- agent/description
- collector/redhat-bugzilla
- source/Red Hat
- alias/CVE-2011-4339
- agent/event
- agent/trending
- agent/softwarecombine
- agent/source
- agent/tags
- collector/nvd-index
- agent/software-canonical-lookup-request
- vendor/ipmitool project
- canonical/ipmitool
- version/ipmitool/1.8.11
- vendor/redhat
- canonical/red hat enterprise linux
- version/red hat enterprise linux/6.0