Free and open-source vulnerability scanner

Mageni eases for you the vulnerability scanning, assessment, and management process. It is free and open-source.

Install Now

Available for macOS, Windows, and Linux

App screenshot

CentOS Update for ipmitool CESA-2011:1814 centos6

Information

Severity

Severity

Low

Family

Family

CentOS Local Security Checks

CVSSv2 Base

CVSSv2 Base

3.6

CVSSv2 Vector

CVSSv2 Vector

AV:L/AC:L/Au:N/C:N/I:P/A:P

Solution Type

Solution Type

Vendor Patch

Created

Created

11 years ago

Modified

Modified

5 years ago

Summary

The remote host is missing an update for the 'ipmitool' package(s) announced via the referenced advisory.

Insight

Insight

The ipmitool package contains a command line utility for interfacing with devices that support the Intelligent Platform Management Interface (IPMI) specification. IPMI is an open standard for machine health, inventory, and remote power control. It was discovered that the IPMI event daemon (ipmievd) created its process ID (PID) file with world-writable permissions. A local user could use this flaw to make the ipmievd init script kill an arbitrary process when the ipmievd daemon is stopped or restarted. (CVE-2011-4339) All users of ipmitool are advised to upgrade to this updated package, which contains a backported patch to correct this issue. After installing this update, the IPMI event daemon (ipmievd) will be restarted automatically.

Affected Software

Affected Software

ipmitool on CentOS 6

Solution

Solution

Please install the updated packages.

Common Vulnerabilities and Exposures (CVE)