Login
Newsletter
Werbung

Sicherheit: Fehlerhafte Zugriffsrechte in IPMItool
Aktuelle Meldungen Distributionen
Name: Fehlerhafte Zugriffsrechte in IPMItool
ID: FEDORA-2011-17071
Distribution: Fedora
Plattformen: Fedora 15
Datum: Di, 3. Januar 2012, 07:54
Referenzen: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4339
Applikationen: IPMItool

Originalnachricht

Name        : ipmitool
Product : Fedora 15
Version : 1.8.11
Release : 7.fc15
URL : http://ipmitool.sourceforge.net/
Summary : Utility for IPMI control
Description :
This package contains a utility for interfacing with devices that support
the Intelligent Platform Management Interface specification. IPMI is
an open standard for machine health, inventory, and remote power control.

This utility can communicate with IPMI-enabled devices through either a
kernel driver such as OpenIPMI or over the RMCP LAN protocol defined in
the IPMI specification. IPMIv2 adds support for encrypted LAN
communications and remote Serial-over-LAN functionality.

It provides commands for reading the Sensor Data Repository (SDR) and
displaying sensor values, displaying the contents of the System Event
Log (SEL), printing Field Replaceable Unit (FRU) information, reading and
setting LAN configuration, and chassis power control.

-------------------------------------------------------------------------------
-
Update Information:

This update fixes following security bug:
CVE-2011-4339 - OpenIPMI: IPMI event daemon creates PID file with world
writeable permissions
-------------------------------------------------------------------------------
-
ChangeLog:

* Tue Dec 13 2011 Jan Safranek <jsafrane@redhat.com> - 1.8.11-7
- fixed CVE-2011-4339
-------------------------------------------------------------------------------
-
References:

[ 1 ] Bug #742837 - CVE-2011-4339 OpenIPMI: IPMI event daemon creates PID
file with world writeable permissions
https://bugzilla.redhat.com/show_bug.cgi?id=742837
-------------------------------------------------------------------------------
-

This update can be installed with the "yum" update program. Use
su -c 'yum update ipmitool' at the command line.
For more information, refer to "Managing Software with yum",
available at http://docs.fedoraproject.org/yum/.

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
-------------------------------------------------------------------------------
-
_______________________________________________
package-announce mailing list
package-announce@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/package-announce
Pro-Linux
Pro-Linux @Facebook
Neue Nachrichten
Werbung