Vulnerabilities > Ipmitool Project
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2020-02-05 | CVE-2020-5208 | Classic Buffer Overflow vulnerability in multiple products It's been found that multiple functions in ipmitool before 1.8.19 neglect proper checking of the data received from a remote LAN party, which may lead to buffer overflows and potentially to remote code execution on the ipmitool side. | 8.8 |
2011-12-15 | CVE-2011-4339 | Incorrect Permission Assignment for Critical Resource vulnerability in Ipmitool Project Ipmitool 1.8.11 ipmievd (aka the IPMI event daemon) in OpenIPMI, as used in the ipmitool package 1.8.11 in Red Hat Enterprise Linux (RHEL) 6, Debian GNU/Linux, Fedora 16, and other products uses 0666 permissions for its ipmievd.pid PID file, which allows local users to kill arbitrary processes by writing to this file. | 3.6 |