Sicherheit: Fehlerhafte Zugriffsrechte in IPMItool
Aktuelle Meldungen Distributionen
Name: Fehlerhafte Zugriffsrechte in IPMItool
ID: FEDORA-2011-17065
Distribution: Fedora
Plattformen: Fedora 16
Datum: Di, 3. Januar 2012, 07:54
Referenzen: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4339
Applikationen: IPMItool


Name        : ipmitool
Product : Fedora 16
Version : 1.8.11
Release : 8.fc16
URL : http://ipmitool.sourceforge.net/
Summary : Utility for IPMI control
Description :
This package contains a utility for interfacing with devices that support
the Intelligent Platform Management Interface specification. IPMI is
an open standard for machine health, inventory, and remote power control.

This utility can communicate with IPMI-enabled devices through either a
kernel driver such as OpenIPMI or over the RMCP LAN protocol defined in
the IPMI specification. IPMIv2 adds support for encrypted LAN
communications and remote Serial-over-LAN functionality.

It provides commands for reading the Sensor Data Repository (SDR) and
displaying sensor values, displaying the contents of the System Event
Log (SEL), printing Field Replaceable Unit (FRU) information, reading and
setting LAN configuration, and chassis power control.

Update Information:

This update fixes following security bug:
CVE-2011-4339 - OpenIPMI: IPMI event daemon creates PID file with world
writeable permissions

* Tue Dec 13 2011 Jan Safranek <jsafrane@redhat.com> - 1.8.11-8
- fixed CVE-2011-4339

[ 1 ] Bug #742837 - CVE-2011-4339 OpenIPMI: IPMI event daemon creates PID
file with world writeable permissions

This update can be installed with the "yum" update program. Use
su -c 'yum update ipmitool' at the command line.
For more information, refer to "Managing Software with yum",
available at http://docs.fedoraproject.org/yum/.

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
package-announce mailing list
Pro-Linux @Facebook
Neue Nachrichten