Filtered by vendor Ipmitool Project Subscriptions
Filtered by product Ipmitool Subscriptions
Total 2 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2020-5208 5 Debian, Fedoraproject, Ipmitool Project and 2 more 9 Debian Linux, Fedora, Ipmitool and 6 more 2024-11-21 7.7 High
It's been found that multiple functions in ipmitool before 1.8.19 neglect proper checking of the data received from a remote LAN party, which may lead to buffer overflows and potentially to remote code execution on the ipmitool side. This is especially dangerous if ipmitool is run as a privileged user. This problem is fixed in version 1.8.19.
CVE-2011-4339 2 Ipmitool Project, Redhat 2 Ipmitool, Enterprise Linux 2024-11-21 N/A
ipmievd (aka the IPMI event daemon) in OpenIPMI, as used in the ipmitool package 1.8.11 in Red Hat Enterprise Linux (RHEL) 6, Debian GNU/Linux, Fedora 16, and other products uses 0666 permissions for its ipmievd.pid PID file, which allows local users to kill arbitrary processes by writing to this file.