SCIENTIFIC-LINUX-ERRATA Archives

December 2011

SCIENTIFIC-LINUX-ERRATA@LISTSERV.FNAL.GOV

From: Pat Riehecky <[log in to unmask]>
Date: Thu, 15 Dec 2011 15:24:23 -0600
Synopsis:    Moderate: ipmitool security update
Issue Date:  2011-12-13
CVE Numbers: CVE-2011-4339


The ipmitool package contains a command line utility for interfacing with
devices that support the Intelligent Platform Management Interface (IPMI)
specification. IPMI is an open standard for machine health, inventory, and
remote power control.

It was discovered that the IPMI event daemon (ipmievd) created its process
ID (PID) file with world-writable permissions. A local user could use this
flaw to make the ipmievd init script kill an arbitrary process when the
ipmievd daemon is stopped or restarted. (CVE-2011-4339)

All users of ipmitool are advised to upgrade to this updated package, which
contains a backported patch to correct this issue. After installing this
update, the IPMI event daemon (ipmievd) will be restarted automatically.

SL6:
  i386
     ipmitool-1.8.11-12.el6_2.1.i686.rpm
     ipmitool-debuginfo-1.8.11-12.el6_2.1.i686.rpm
  x86_64
     ipmitool-1.8.11-12.el6_2.1.x86_64.rpm
     ipmitool-debuginfo-1.8.11-12.el6_2.1.x86_64.rpm

- Scientific Linux Development Team
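
A defensive check for the class of flaw described in this advisory, added here as an example (it is not part of the advisory or of the ipmitool patch). It lists world-writable PID files and shows the validation a stop/restart script can apply before acting on a PID file; the function names, the expected-owner argument and the sample files are assumptions made for illustration.

```shell
#!/bin/sh
# Added example, not from the advisory: checks for the weakness class behind
# CVE-2011-4339 (a PID file that users other than its owner can write).

# List regular *.pid files under DIR ($1) that are world-writable (mode bit 002).
find_world_writable_pidfiles() {
    find "$1" -type f -name '*.pid' -perm -002 | sort
}

# Return 0 only if FILE ($1) is safe for a stop/restart script to act on:
# a regular file (not a symlink), owned by uid $2, with no group or other
# write bit, holding exactly one numeric PID greater than 1.
pidfile_is_trustworthy() {
    pf_file=$1
    pf_uid=$2
    # find does not follow symlinks by default, so -type f rejects them.
    [ -n "$(find "$pf_file" -prune -type f -user "$pf_uid" \
            ! -perm -020 ! -perm -002 2>/dev/null)" ] || return 1
    pf_pid=$(cat "$pf_file") || return 1
    case $pf_pid in
        ''|*[!0-9]*) return 1 ;;   # empty, or anything besides digits
    esac
    [ "$pf_pid" -gt 1 ]
}

# Constructed demo: a temporary directory stands in for the PID file directory.
demo_dir=$(mktemp -d)
echo 4321 > "$demo_dir/ok.pid";             chmod 644 "$demo_dir/ok.pid"
echo 4321 > "$demo_dir/example-daemon.pid"; chmod 666 "$demo_dir/example-daemon.pid"
for demo_f in "$demo_dir"/*.pid; do
    if pidfile_is_trustworthy "$demo_f" "$(id -u)"; then
        echo "trusted: $demo_f"
    else
        echo "refused: $demo_f"
    fi
done
echo "world-writable PID files:"
find_world_writable_pidfiles "$demo_dir"
rm -rf "$demo_dir"
```

On a real host the first function would be pointed at the directory where daemons keep their PID files, and the second called with the uid the daemon's PID file is expected to be owned by.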
