CVE-2012-5530
First published: Mon Nov 12 2012(Updated: )
A security flaw was found in the way Performance Co-Pilot (PCP), a framework and services to support system-level performance monitoring and performance management, performed management of its temporary files used by various services from the suite. A local attacker could use this flaw to conduct symbolic link attacks (alter or remove different system files, accessible with the privileges of the user running the PCP suite, than it was originally intended). References: [1] <a href="https://bugzilla.novell.com/show_bug.cgi?id=782967">https://bugzilla.novell.com/show_bug.cgi?id=782967</a> (private)
Credit: secalert@redhat.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Sgi Performance Co-pilot | <=3.6.9 | |
| Sgi Performance Co-pilot | =2.1.1 | |
| Sgi Performance Co-pilot | =2.1.2 | |
| Sgi Performance Co-pilot | =2.1.3 | |
| Sgi Performance Co-pilot | =2.1.4 | |
| Sgi Performance Co-pilot | =2.1.5 | |
| Sgi Performance Co-pilot | =2.1.6 | |
| Sgi Performance Co-pilot | =2.1.7 | |
| Sgi Performance Co-pilot | =2.1.8 | |
| Sgi Performance Co-pilot | =2.1.9 | |
| Sgi Performance Co-pilot | =2.1.10 | |
| Sgi Performance Co-pilot | =2.1.11 | |
| Sgi Performance Co-pilot | =2.2 | |
| Sgi Performance Co-pilot | =3.6.4 | |
| Sgi Performance Co-pilot | =3.6.5 | |
| Sgi Performance Co-pilot | =3.6.6 | |
| Sgi Performance Co-pilot | =3.6.8 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- https://bugzilla.novell.com/show_bug.cgi?id=782967
- https://bugzilla.redhat.com/show_bug.cgi/attachment.cgi?id=644042&action=diff
- https://bugzilla.redhat.com/show_bug.cgi/attachment.cgi?id=644042&action=edit
- https://bugzilla.redhat.com/show_bug.cgi/attachment.cgi?id=644747
- https://bugzilla.redhat.com/show_bug.cgi/attachment.cgi?id=644747&action=edit
- https://bugzilla.redhat.com/show_bug.cgi/attachment.cgi?id=646265&action=diff
- https://bugzilla.redhat.com/show_bug.cgi/attachment.cgi?id=646265&action=edit
- https://bugzilla.redhat.com/show_bug.cgi/attachment.cgi?id=646266&action=diff
- https://bugzilla.redhat.com/show_bug.cgi/attachment.cgi?id=646266&action=edit
- https://bugzilla.redhat.com/show_bug.cgi/show_bug.cgi?id=875842#c8
- https://bugzilla.redhat.com/show_bug.cgi/show_bug.cgi?id=877983
- https://bugzilla.redhat.com/show_bug.cgi/show_bug.cgi?id=877984
- https://bugzilla.redhat.com/show_bug.cgi?id=875842
- http://lists.opensuse.org/opensuse-security-announce/2013-01/msg00024.html
- http://www.securityfocus.com/bid/56656
- collector/nvd-index
- agent/softwarecombine
- agent/first-publish-date
- agent/type
- collector/mitre-cve
- source/MITRE
- collector/redhat-bugzilla
- source/Red Hat
- alias/CVE-2012-5530
- agent/author
- agent/severity
- agent/weakness
- agent/last-modified-date
- agent/tags
- agent/references
- agent/description
- agent/event
- vendor/sgi
- canonical/sgi performance co-pilot
- version/sgi performance co-pilot/3.6.9
- version/sgi performance co-pilot/2.1.1
- version/sgi performance co-pilot/2.1.2
- version/sgi performance co-pilot/2.1.3
- version/sgi performance co-pilot/2.1.4
- version/sgi performance co-pilot/2.1.5
- version/sgi performance co-pilot/2.1.6
- version/sgi performance co-pilot/2.1.7
- version/sgi performance co-pilot/2.1.8
- version/sgi performance co-pilot/2.1.9
- version/sgi performance co-pilot/2.1.10
- version/sgi performance co-pilot/2.1.11
- version/sgi performance co-pilot/2.2
- version/sgi performance co-pilot/3.6.4
- version/sgi performance co-pilot/3.6.5
- version/sgi performance co-pilot/3.6.6
- version/sgi performance co-pilot/3.6.8