Free and open-source vulnerability scanner
Mageni eases for you the vulnerability scanning, assessment, and management process. It is free and open-source.
Install NowAvailable for macOS, Windows, and Linux
Debian Security Advisory DSA 2376-2 (ipmitool)
Information
Severity
Severity
Family
Family
CVSSv2 Base
CVSSv2 Base
CVSSv2 Vector
CVSSv2 Vector
Solution Type
Solution Type
Created
Created
Modified
Modified
Summary
The remote host is missing an update to ipmitool announced via advisory DSA 2376-2.
Insight
Insight
It was discovered that OpenIPMI, the Intelligent Platform Management Interface library and tools, used too wide permissions PID file, which allows local users to kill arbitrary processes by writing to this file. The original announcement didn't contain corrections for the Debian 5.0 lenny distribution. This update adds packages for lenny. For the oldstable distribution (lenny), this problem has been fixed in version 1.8.9-2+squeeze1. (Although the version number contains the string squeeze, this is in fact an update for lenny.) For the stable distribution (squeeze), this problem has been fixed in version 1.8.11-2+squeeze2. For the unstable distribution (sid), this problem has been fixed in version 1.8.11-5.
Solution
Solution
We recommend that you upgrade your ipmitool packages.