Search
Find a vulnerability
Search criteria
ⓘ
Use this form to refine search results.
Full-text search supports keyword queries with ranking and filtering.
You can combine vendor, product, and sources to narrow results.
Enable “Apply ordering” to sort by date instead of relevance.
16 vulnerabilities by openfabrics
CVE-2008-3277 (GCVE-0-2008-3277)
Vulnerability from nvd – Published: 2014-04-15 18:00 – Updated: 2024-08-07 09:28
VLAI
EPSS
VEX
Summary
Untrusted search path vulnerability in a certain Red Hat build script for the ibmssh executable in ibutils packages before ibutils-1.5.7-2.el6 in Red Hat Enterprise Linux (RHEL) 6 and ibutils-1.2-11.2.el5 in Red Hat Enterprise Linux (RHEL) 5 allows local users to gain privileges via a Trojan Horse program in refix/lib/, related to an incorrect RPATH setting in the ELF header.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
2 references
| URL | Tags |
|---|---|
| https://bugzilla.redhat.com/show_bug.cgi?id=457935 | x_refsource_CONFIRM |
| http://rhn.redhat.com/errata/RHSA-2012-0311.html | vendor-advisoryx_refsource_REDHAT |
Date Public
2012-02-21 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T09:28:41.953Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=457935"
},
{
"name": "RHSA-2012:0311",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2012-0311.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2012-02-21T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Untrusted search path vulnerability in a certain Red Hat build script for the ibmssh executable in ibutils packages before ibutils-1.5.7-2.el6 in Red Hat Enterprise Linux (RHEL) 6 and ibutils-1.2-11.2.el5 in Red Hat Enterprise Linux (RHEL) 5 allows local users to gain privileges via a Trojan Horse program in refix/lib/, related to an incorrect RPATH setting in the ELF header."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2014-04-15T17:57:01.000Z",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=457935"
},
{
"name": "RHSA-2012:0311",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2012-0311.html"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2008-3277",
"datePublished": "2014-04-15T18:00:00.000Z",
"dateReserved": "2008-07-24T00:00:00.000Z",
"dateUpdated": "2024-08-07T09:28:41.953Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2013-2561 (GCVE-0-2013-2561)
Vulnerability from nvd – Published: 2013-11-23 18:00 – Updated: 2024-08-06 15:44
VLAI
EPSS
VEX
Summary
OpenFabrics ibutils 1.5.7 allows local users to overwrite arbitrary files via a symlink attack on (1) ibdiagnet.db, (2) ibdiagnet.fdbs, (3) ibdiagnet_ibis.log, (4) ibdiagnet.log, (5) ibdiagnet.lst, (6) ibdiagnet.mcfdbs, (7) ibdiagnet.pkey, (8) ibdiagnet.psl, (9) ibdiagnet.slvl, or (10) ibdiagnet.sm in /tmp/.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
9 references
| URL | Tags |
|---|---|
| http://seclists.org/fulldisclosure/2013/Mar/87 | mailing-listx_refsource_FULLDISC |
| http://www.securityfocus.com/bid/58335 | vdb-entryx_refsource_BID |
| http://www.openwall.com/lists/oss-security/2013/03/26/1 | mailing-listx_refsource_MLIST |
| http://www.openwall.com/lists/oss-security/2013/03/26/4 | mailing-listx_refsource_MLIST |
| http://rhn.redhat.com/errata/RHSA-2013-1661.html | vendor-advisoryx_refsource_REDHAT |
| http://www.oracle.com/technetwork/topics/security… | x_refsource_CONFIRM |
| https://bugzilla.redhat.com/show_bug.cgi?id=927430 | x_refsource_CONFIRM |
| http://www.openwall.com/lists/oss-security/2013/03/19/8 | mailing-listx_refsource_MLIST |
| http://www.openwall.com/lists/oss-security/2013/0… | mailing-listx_refsource_MLIST |
Date Public
2013-03-06 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T15:44:32.120Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20130306 OpenFabrics ibutils 1.5.7 /tmp clobbering vulnerability",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://seclists.org/fulldisclosure/2013/Mar/87"
},
{
"name": "58335",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/58335"
},
{
"name": "[oss-secuirty] 20130325 Re: CVE request: ibutils improper use of files in /tmp",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2013/03/26/1"
},
{
"name": "[oss-secuirty] 20130326 Re: CVE request: ibutils improper use of files in /tmp",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2013/03/26/4"
},
{
"name": "RHSA-2013:1661",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-1661.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.oracle.com/technetwork/topics/security/bulletinjul2016-3090568.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=927430"
},
{
"name": "[oss-security] 20130319 Fwd: CVE requests",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2013/03/19/8"
},
{
"name": "[oss-secuirty] 20130326 Re: CVE request: ibutils improper use of files in /tmp",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2013/03/26/11"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2013-03-06T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "OpenFabrics ibutils 1.5.7 allows local users to overwrite arbitrary files via a symlink attack on (1) ibdiagnet.db, (2) ibdiagnet.fdbs, (3) ibdiagnet_ibis.log, (4) ibdiagnet.log, (5) ibdiagnet.lst, (6) ibdiagnet.mcfdbs, (7) ibdiagnet.pkey, (8) ibdiagnet.psl, (9) ibdiagnet.slvl, or (10) ibdiagnet.sm in /tmp/."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2016-11-25T19:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "20130306 OpenFabrics ibutils 1.5.7 /tmp clobbering vulnerability",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://seclists.org/fulldisclosure/2013/Mar/87"
},
{
"name": "58335",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/58335"
},
{
"name": "[oss-secuirty] 20130325 Re: CVE request: ibutils improper use of files in /tmp",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2013/03/26/1"
},
{
"name": "[oss-secuirty] 20130326 Re: CVE request: ibutils improper use of files in /tmp",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2013/03/26/4"
},
{
"name": "RHSA-2013:1661",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-1661.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.oracle.com/technetwork/topics/security/bulletinjul2016-3090568.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=927430"
},
{
"name": "[oss-security] 20130319 Fwd: CVE requests",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2013/03/19/8"
},
{
"name": "[oss-secuirty] 20130326 Re: CVE request: ibutils improper use of files in /tmp",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2013/03/26/11"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2013-2561",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "OpenFabrics ibutils 1.5.7 allows local users to overwrite arbitrary files via a symlink attack on (1) ibdiagnet.db, (2) ibdiagnet.fdbs, (3) ibdiagnet_ibis.log, (4) ibdiagnet.log, (5) ibdiagnet.lst, (6) ibdiagnet.mcfdbs, (7) ibdiagnet.pkey, (8) ibdiagnet.psl, (9) ibdiagnet.slvl, or (10) ibdiagnet.sm in /tmp/."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20130306 OpenFabrics ibutils 1.5.7 /tmp clobbering vulnerability",
"refsource": "FULLDISC",
"url": "http://seclists.org/fulldisclosure/2013/Mar/87"
},
{
"name": "58335",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/58335"
},
{
"name": "[oss-secuirty] 20130325 Re: CVE request: ibutils improper use of files in /tmp",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2013/03/26/1"
},
{
"name": "[oss-secuirty] 20130326 Re: CVE request: ibutils improper use of files in /tmp",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2013/03/26/4"
},
{
"name": "RHSA-2013:1661",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2013-1661.html"
},
{
"name": "http://www.oracle.com/technetwork/topics/security/bulletinjul2016-3090568.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/bulletinjul2016-3090568.html"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=927430",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=927430"
},
{
"name": "[oss-security] 20130319 Fwd: CVE requests",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2013/03/19/8"
},
{
"name": "[oss-secuirty] 20130326 Re: CVE request: ibutils improper use of files in /tmp",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2013/03/26/11"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2013-2561",
"datePublished": "2013-11-23T18:00:00.000Z",
"dateReserved": "2013-03-13T00:00:00.000Z",
"dateUpdated": "2024-08-06T15:44:32.120Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2012-4518 (GCVE-0-2012-4518)
Vulnerability from nvd – Published: 2012-10-22 23:00 – Updated: 2024-08-06 20:35
VLAI
EPSS
VEX
Summary
ibacm 1.0.7 creates files with world-writable permissions, which allows local users to overwrite the ib_acm daemon log or ibacm.port file.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
5 references
| URL | Tags |
|---|---|
| http://rhn.redhat.com/errata/RHSA-2013-0509.html | vendor-advisoryx_refsource_REDHAT |
| http://www.openwall.com/lists/oss-security/2012/10/11/6 | mailing-listx_refsource_MLIST |
| http://git.openfabrics.org/git?p=~shefty/ibacm.gi… | x_refsource_CONFIRM |
| http://www.openwall.com/lists/oss-security/2012/10/11/9 | mailing-listx_refsource_MLIST |
| http://www.securityfocus.com/bid/55890 | vdb-entryx_refsource_BID |
Date Public
2012-10-09 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T20:35:09.934Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "RHSA-2013:0509",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-0509.html"
},
{
"name": "[oss-security] 20121011 CVE Request -- librdmacm (one issue) / ibacm (two issues)",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2012/10/11/6"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://git.openfabrics.org/git?p=~shefty/ibacm.git%3Ba=commit%3Bh=d204fca2b6298d7799e918141ea8e11e7ad43cec"
},
{
"name": "[oss-security] 20121011 Re: CVE Request -- librdmacm (one issue) / ibacm (two issues)",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2012/10/11/9"
},
{
"name": "55890",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/55890"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2012-10-09T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "ibacm 1.0.7 creates files with world-writable permissions, which allows local users to overwrite the ib_acm daemon log or ibacm.port file."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2013-03-08T10:00:00.000Z",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "RHSA-2013:0509",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-0509.html"
},
{
"name": "[oss-security] 20121011 CVE Request -- librdmacm (one issue) / ibacm (two issues)",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2012/10/11/6"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://git.openfabrics.org/git?p=~shefty/ibacm.git%3Ba=commit%3Bh=d204fca2b6298d7799e918141ea8e11e7ad43cec"
},
{
"name": "[oss-security] 20121011 Re: CVE Request -- librdmacm (one issue) / ibacm (two issues)",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2012/10/11/9"
},
{
"name": "55890",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/55890"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2012-4518",
"datePublished": "2012-10-22T23:00:00.000Z",
"dateReserved": "2012-08-21T00:00:00.000Z",
"dateUpdated": "2024-08-06T20:35:09.934Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2012-4517 (GCVE-0-2012-4517)
Vulnerability from nvd – Published: 2012-10-22 23:00 – Updated: 2024-08-06 20:35
VLAI
EPSS
VEX
Summary
ibacm before 1.0.6 does not properly manage reference counts for multicast connections, which allows remote attackers to cause a denial of service (ibacm service crash) via a crafted join response.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
8 references
| URL | Tags |
|---|---|
| http://git.openfabrics.org/git?p=~shefty/ibacm.gi… | x_refsource_CONFIRM |
| http://rhn.redhat.com/errata/RHSA-2013-0509.html | vendor-advisoryx_refsource_REDHAT |
| https://bugzilla.redhat.com/show_bug.cgi?id=865492 | x_refsource_MISC |
| http://www.openwall.com/lists/oss-security/2012/10/11/6 | mailing-listx_refsource_MLIST |
| https://exchange.xforce.ibmcloud.com/vulnerabilit… | vdb-entryx_refsource_XF |
| http://comments.gmane.org/gmane.linux.drivers.rdm… | mailing-listx_refsource_MLIST |
| http://www.openwall.com/lists/oss-security/2012/10/11/9 | mailing-listx_refsource_MLIST |
| http://www.securityfocus.com/bid/55890 | vdb-entryx_refsource_BID |
Date Public
2012-04-04 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T20:35:09.977Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://git.openfabrics.org/git?p=~shefty/ibacm.git%3Ba=commit%3Bh=c7d28b35d64333c262de3ec972c426423dadccf9"
},
{
"name": "RHSA-2013:0509",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-0509.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=865492"
},
{
"name": "[oss-security] 20121011 CVE Request -- librdmacm (one issue) / ibacm (two issues)",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2012/10/11/6"
},
{
"name": "ibacm-connections-dos(79396)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/79396"
},
{
"name": "[linux-rdma] 20120413 [ANNOUNCE] ibacm release 1.0.6",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://comments.gmane.org/gmane.linux.drivers.rdma/11659"
},
{
"name": "[oss-security] 20121011 Re: CVE Request -- librdmacm (one issue) / ibacm (two issues)",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2012/10/11/9"
},
{
"name": "55890",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/55890"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2012-04-04T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "ibacm before 1.0.6 does not properly manage reference counts for multicast connections, which allows remote attackers to cause a denial of service (ibacm service crash) via a crafted join response."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-28T12:57:01.000Z",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://git.openfabrics.org/git?p=~shefty/ibacm.git%3Ba=commit%3Bh=c7d28b35d64333c262de3ec972c426423dadccf9"
},
{
"name": "RHSA-2013:0509",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-0509.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=865492"
},
{
"name": "[oss-security] 20121011 CVE Request -- librdmacm (one issue) / ibacm (two issues)",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2012/10/11/6"
},
{
"name": "ibacm-connections-dos(79396)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/79396"
},
{
"name": "[linux-rdma] 20120413 [ANNOUNCE] ibacm release 1.0.6",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://comments.gmane.org/gmane.linux.drivers.rdma/11659"
},
{
"name": "[oss-security] 20121011 Re: CVE Request -- librdmacm (one issue) / ibacm (two issues)",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2012/10/11/9"
},
{
"name": "55890",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/55890"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2012-4517",
"datePublished": "2012-10-22T23:00:00.000Z",
"dateReserved": "2012-08-21T00:00:00.000Z",
"dateUpdated": "2024-08-06T20:35:09.977Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2012-4516 (GCVE-0-2012-4516)
Vulnerability from nvd – Published: 2012-10-22 23:00 – Updated: 2024-08-06 20:35
VLAI
EPSS
VEX
Summary
librdmacm 1.0.16, when ibacm.port is not specified, connects to port 6125, which allows remote attackers to specify the address resolution information for the application via a malicious ib_acm service.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
5 references
| URL | Tags |
|---|---|
| https://bugzilla.redhat.com/show_bug.cgi?id=865483 | x_refsource_MISC |
| http://www.openwall.com/lists/oss-security/2012/10/11/6 | mailing-listx_refsource_MLIST |
| http://git.openfabrics.org/git?p=~shefty/librdmac… | x_refsource_CONFIRM |
| http://www.openwall.com/lists/oss-security/2012/10/11/9 | mailing-listx_refsource_MLIST |
| http://www.securityfocus.com/bid/55896 | vdb-entryx_refsource_BID |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T20:35:10.056Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=865483"
},
{
"name": "[oss-security] 20121011 CVE Request -- librdmacm (one issue) / ibacm (two issues)",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2012/10/11/6"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://git.openfabrics.org/git?p=~shefty/librdmacm.git%3Ba=commitdiff%3Bh=4b5c1aa734e0e734fc2ba3cd41d0ddf02170af6d"
},
{
"name": "[oss-security] 20121011 Re: CVE Request -- librdmacm (one issue) / ibacm (two issues)",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2012/10/11/9"
},
{
"name": "55896",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/55896"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "librdmacm 1.0.16, when ibacm.port is not specified, connects to port 6125, which allows remote attackers to specify the address resolution information for the application via a malicious ib_acm service."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2012-10-22T23:00:00.000Z",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=865483"
},
{
"name": "[oss-security] 20121011 CVE Request -- librdmacm (one issue) / ibacm (two issues)",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2012/10/11/6"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://git.openfabrics.org/git?p=~shefty/librdmacm.git%3Ba=commitdiff%3Bh=4b5c1aa734e0e734fc2ba3cd41d0ddf02170af6d"
},
{
"name": "[oss-security] 20121011 Re: CVE Request -- librdmacm (one issue) / ibacm (two issues)",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2012/10/11/9"
},
{
"name": "55896",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/55896"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2012-4516",
"datePublished": "2012-10-22T23:00:00.000Z",
"dateReserved": "2012-08-21T00:00:00.000Z",
"dateUpdated": "2024-08-06T20:35:10.056Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2011-3345 (GCVE-0-2011-3345)
Vulnerability from nvd – Published: 2011-09-17 10:00 – Updated: 2024-08-06 23:29
VLAI
EPSS
VEX
Summary
ulp/sdp/sdp_proc.c in the ib_sdp module (aka ib_sdp.ko) in the ofa_kernel package in the InfiniBand driver implementation in OpenFabrics Enterprise Distribution (OFED) before 1.5.3 does not properly handle certain non-array variables, which allows local users to cause a denial of service (stack memory corruption and system crash) by reading the /proc/net/sdpstats file.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
7 references
| URL | Tags |
|---|---|
| http://secunia.com/advisories/45861 | third-party-advisoryx_refsource_SECUNIA |
| http://www.openwall.com/lists/oss-security/2011/09/07/1 | mailing-listx_refsource_MLIST |
| http://www.openwall.com/lists/oss-security/2011/09/07/3 | mailing-listx_refsource_MLIST |
| http://www.securityfocus.com/bid/49486 | vdb-entryx_refsource_BID |
| https://exchange.xforce.ibmcloud.com/vulnerabilit… | vdb-entryx_refsource_XF |
| http://git.openfabrics.org/git?p=ofed_1_5/linux-2… | x_refsource_CONFIRM |
| http://www.openwall.com/lists/oss-security/2011/09/06/3 | mailing-listx_refsource_MLIST |
Date Public
2011-09-06 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T23:29:56.659Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "45861",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/45861"
},
{
"name": "[oss-security] 20110907 Re: CVE Request: OFED 1.5.2 /proc/net/sdpstats reading local denial of service/crash",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2011/09/07/1"
},
{
"name": "[oss-security] 20110907 Re: CVE Request: OFED 1.5.2 /proc/net/sdpstats reading local denial of service/crash",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2011/09/07/3"
},
{
"name": "49486",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/49486"
},
{
"name": "ofed-sdpstats-dos(69631)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/69631"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://git.openfabrics.org/git?p=ofed_1_5/linux-2.6.git%3Ba=commit%3Bh=04bb801a31825d1559c4670253e1bea1291a1af8"
},
{
"name": "[oss-security] 20110906 CVE Request: OFED 1.5.2 /proc/net/sdpstats reading local denial of service/crash",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2011/09/06/3"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2011-09-06T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "ulp/sdp/sdp_proc.c in the ib_sdp module (aka ib_sdp.ko) in the ofa_kernel package in the InfiniBand driver implementation in OpenFabrics Enterprise Distribution (OFED) before 1.5.3 does not properly handle certain non-array variables, which allows local users to cause a denial of service (stack memory corruption and system crash) by reading the /proc/net/sdpstats file."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-28T12:57:01.000Z",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "45861",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/45861"
},
{
"name": "[oss-security] 20110907 Re: CVE Request: OFED 1.5.2 /proc/net/sdpstats reading local denial of service/crash",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2011/09/07/1"
},
{
"name": "[oss-security] 20110907 Re: CVE Request: OFED 1.5.2 /proc/net/sdpstats reading local denial of service/crash",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2011/09/07/3"
},
{
"name": "49486",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/49486"
},
{
"name": "ofed-sdpstats-dos(69631)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/69631"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://git.openfabrics.org/git?p=ofed_1_5/linux-2.6.git%3Ba=commit%3Bh=04bb801a31825d1559c4670253e1bea1291a1af8"
},
{
"name": "[oss-security] 20110906 CVE Request: OFED 1.5.2 /proc/net/sdpstats reading local denial of service/crash",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2011/09/06/3"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2011-3345",
"datePublished": "2011-09-17T10:00:00.000Z",
"dateReserved": "2011-08-30T00:00:00.000Z",
"dateUpdated": "2024-08-06T23:29:56.659Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2010-4173 (GCVE-0-2010-4173)
Vulnerability from nvd – Published: 2010-11-22 19:00 – Updated: 2024-08-07 03:34
VLAI
EPSS
VEX
Summary
The default configuration of libsdp.conf in libsdp 1.1.104 and earlier creates log files in /tmp, which allows local users to overwrite arbitrary files via a (1) symlink or (2) hard link attack on the libsdp.log.##### temporary file.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
4 references
| URL | Tags |
|---|---|
| http://www.openwall.com/lists/oss-security/2010/11/16/7 | mailing-listx_refsource_MLIST |
| http://www.openfabrics.org/downloads/libsdp/libsd… | x_refsource_CONFIRM |
| http://www.openwall.com/lists/oss-security/2010/11/16/2 | mailing-listx_refsource_MLIST |
| https://bugzilla.redhat.com/show_bug.cgi?id=647941 | x_refsource_CONFIRM |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T03:34:37.196Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "[oss-security] 20101116 Re: CVE Request: libsdp",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2010/11/16/7"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.openfabrics.org/downloads/libsdp/libsdp-1.1.105-0.4.g1b9b996.tar.gz"
},
{
"name": "[oss-security] 20101116 CVE Request: libsdp",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2010/11/16/2"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=647941"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "The default configuration of libsdp.conf in libsdp 1.1.104 and earlier creates log files in /tmp, which allows local users to overwrite arbitrary files via a (1) symlink or (2) hard link attack on the libsdp.log.##### temporary file."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2010-11-22T19:00:00.000Z",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "[oss-security] 20101116 Re: CVE Request: libsdp",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2010/11/16/7"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.openfabrics.org/downloads/libsdp/libsdp-1.1.105-0.4.g1b9b996.tar.gz"
},
{
"name": "[oss-security] 20101116 CVE Request: libsdp",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2010/11/16/2"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=647941"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2010-4173",
"datePublished": "2010-11-22T19:00:00.000Z",
"dateReserved": "2010-11-04T00:00:00.000Z",
"dateUpdated": "2024-08-07T03:34:37.196Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2010-1693 (GCVE-0-2010-1693)
Vulnerability from nvd – Published: 2010-10-26 18:00 – Updated: 2024-08-07 01:35
VLAI
EPSS
VEX
Summary
openibd in OpenFabrics Enterprise Distribution (OFED) 1.5.2 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/ib_set_node_desc.sh temporary file.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
6 references
| URL | Tags |
|---|---|
| http://www.openwall.com/lists/oss-security/2010/10/22/1 | mailing-listx_refsource_MLIST |
| http://www.securityfocus.com/bid/44332 | vdb-entryx_refsource_BID |
| https://exchange.xforce.ibmcloud.com/vulnerabilit… | vdb-entryx_refsource_XF |
| http://secunia.com/advisories/41937 | third-party-advisoryx_refsource_SECUNIA |
| http://www.osvdb.org/68856 | vdb-entryx_refsource_OSVDB |
| http://lists.openfabrics.org/pipermail/ewg/2010-O… | mailing-listx_refsource_MLIST |
Date Public
2010-10-21 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T01:35:53.708Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "[oss-security] 20101022 CVE-2010-1693: OFED openibd startup script uses predictable tmpfile",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2010/10/22/1"
},
{
"name": "44332",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/44332"
},
{
"name": "ofed-openibd-symlink(62753)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/62753"
},
{
"name": "41937",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/41937"
},
{
"name": "68856",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/68856"
},
{
"name": "[ewg] 20101021 [PATCH] security fix in openibd script",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://lists.openfabrics.org/pipermail/ewg/2010-October/015886.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2010-10-21T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "openibd in OpenFabrics Enterprise Distribution (OFED) 1.5.2 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/ib_set_node_desc.sh temporary file."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-16T14:57:01.000Z",
"orgId": "bc94ec7e-8909-4cbb-83df-d2fc9330fa88",
"shortName": "sgi"
},
"references": [
{
"name": "[oss-security] 20101022 CVE-2010-1693: OFED openibd startup script uses predictable tmpfile",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2010/10/22/1"
},
{
"name": "44332",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/44332"
},
{
"name": "ofed-openibd-symlink(62753)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/62753"
},
{
"name": "41937",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/41937"
},
{
"name": "68856",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/68856"
},
{
"name": "[ewg] 20101021 [PATCH] security fix in openibd script",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://lists.openfabrics.org/pipermail/ewg/2010-October/015886.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security-info@sgi.com",
"ID": "CVE-2010-1693",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "openibd in OpenFabrics Enterprise Distribution (OFED) 1.5.2 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/ib_set_node_desc.sh temporary file."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "[oss-security] 20101022 CVE-2010-1693: OFED openibd startup script uses predictable tmpfile",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2010/10/22/1"
},
{
"name": "44332",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/44332"
},
{
"name": "ofed-openibd-symlink(62753)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/62753"
},
{
"name": "41937",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/41937"
},
{
"name": "68856",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/68856"
},
{
"name": "[ewg] 20101021 [PATCH] security fix in openibd script",
"refsource": "MLIST",
"url": "http://lists.openfabrics.org/pipermail/ewg/2010-October/015886.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "bc94ec7e-8909-4cbb-83df-d2fc9330fa88",
"assignerShortName": "sgi",
"cveId": "CVE-2010-1693",
"datePublished": "2010-10-26T18:00:00.000Z",
"dateReserved": "2010-04-30T00:00:00.000Z",
"dateUpdated": "2024-08-07T01:35:53.708Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2008-3277 (GCVE-0-2008-3277)
Vulnerability from cvelistv5 – Published: 2014-04-15 18:00 – Updated: 2024-08-07 09:28
VLAI
EPSS
VEX
Summary
Untrusted search path vulnerability in a certain Red Hat build script for the ibmssh executable in ibutils packages before ibutils-1.5.7-2.el6 in Red Hat Enterprise Linux (RHEL) 6 and ibutils-1.2-11.2.el5 in Red Hat Enterprise Linux (RHEL) 5 allows local users to gain privileges via a Trojan Horse program in refix/lib/, related to an incorrect RPATH setting in the ELF header.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
2 references
| URL | Tags |
|---|---|
| https://bugzilla.redhat.com/show_bug.cgi?id=457935 | x_refsource_CONFIRM |
| http://rhn.redhat.com/errata/RHSA-2012-0311.html | vendor-advisoryx_refsource_REDHAT |
Date Public
2012-02-21 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T09:28:41.953Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=457935"
},
{
"name": "RHSA-2012:0311",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2012-0311.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2012-02-21T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Untrusted search path vulnerability in a certain Red Hat build script for the ibmssh executable in ibutils packages before ibutils-1.5.7-2.el6 in Red Hat Enterprise Linux (RHEL) 6 and ibutils-1.2-11.2.el5 in Red Hat Enterprise Linux (RHEL) 5 allows local users to gain privileges via a Trojan Horse program in refix/lib/, related to an incorrect RPATH setting in the ELF header."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2014-04-15T17:57:01.000Z",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=457935"
},
{
"name": "RHSA-2012:0311",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2012-0311.html"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2008-3277",
"datePublished": "2014-04-15T18:00:00.000Z",
"dateReserved": "2008-07-24T00:00:00.000Z",
"dateUpdated": "2024-08-07T09:28:41.953Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2013-2561 (GCVE-0-2013-2561)
Vulnerability from cvelistv5 – Published: 2013-11-23 18:00 – Updated: 2024-08-06 15:44
VLAI
EPSS
VEX
Summary
OpenFabrics ibutils 1.5.7 allows local users to overwrite arbitrary files via a symlink attack on (1) ibdiagnet.db, (2) ibdiagnet.fdbs, (3) ibdiagnet_ibis.log, (4) ibdiagnet.log, (5) ibdiagnet.lst, (6) ibdiagnet.mcfdbs, (7) ibdiagnet.pkey, (8) ibdiagnet.psl, (9) ibdiagnet.slvl, or (10) ibdiagnet.sm in /tmp/.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
9 references
| URL | Tags |
|---|---|
| http://seclists.org/fulldisclosure/2013/Mar/87 | mailing-listx_refsource_FULLDISC |
| http://www.securityfocus.com/bid/58335 | vdb-entryx_refsource_BID |
| http://www.openwall.com/lists/oss-security/2013/03/26/1 | mailing-listx_refsource_MLIST |
| http://www.openwall.com/lists/oss-security/2013/03/26/4 | mailing-listx_refsource_MLIST |
| http://rhn.redhat.com/errata/RHSA-2013-1661.html | vendor-advisoryx_refsource_REDHAT |
| http://www.oracle.com/technetwork/topics/security… | x_refsource_CONFIRM |
| https://bugzilla.redhat.com/show_bug.cgi?id=927430 | x_refsource_CONFIRM |
| http://www.openwall.com/lists/oss-security/2013/03/19/8 | mailing-listx_refsource_MLIST |
| http://www.openwall.com/lists/oss-security/2013/0… | mailing-listx_refsource_MLIST |
Date Public
2013-03-06 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T15:44:32.120Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20130306 OpenFabrics ibutils 1.5.7 /tmp clobbering vulnerability",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://seclists.org/fulldisclosure/2013/Mar/87"
},
{
"name": "58335",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/58335"
},
{
"name": "[oss-secuirty] 20130325 Re: CVE request: ibutils improper use of files in /tmp",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2013/03/26/1"
},
{
"name": "[oss-secuirty] 20130326 Re: CVE request: ibutils improper use of files in /tmp",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2013/03/26/4"
},
{
"name": "RHSA-2013:1661",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-1661.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.oracle.com/technetwork/topics/security/bulletinjul2016-3090568.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=927430"
},
{
"name": "[oss-security] 20130319 Fwd: CVE requests",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2013/03/19/8"
},
{
"name": "[oss-secuirty] 20130326 Re: CVE request: ibutils improper use of files in /tmp",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2013/03/26/11"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2013-03-06T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "OpenFabrics ibutils 1.5.7 allows local users to overwrite arbitrary files via a symlink attack on (1) ibdiagnet.db, (2) ibdiagnet.fdbs, (3) ibdiagnet_ibis.log, (4) ibdiagnet.log, (5) ibdiagnet.lst, (6) ibdiagnet.mcfdbs, (7) ibdiagnet.pkey, (8) ibdiagnet.psl, (9) ibdiagnet.slvl, or (10) ibdiagnet.sm in /tmp/."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2016-11-25T19:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "20130306 OpenFabrics ibutils 1.5.7 /tmp clobbering vulnerability",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://seclists.org/fulldisclosure/2013/Mar/87"
},
{
"name": "58335",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/58335"
},
{
"name": "[oss-secuirty] 20130325 Re: CVE request: ibutils improper use of files in /tmp",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2013/03/26/1"
},
{
"name": "[oss-secuirty] 20130326 Re: CVE request: ibutils improper use of files in /tmp",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2013/03/26/4"
},
{
"name": "RHSA-2013:1661",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-1661.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.oracle.com/technetwork/topics/security/bulletinjul2016-3090568.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=927430"
},
{
"name": "[oss-security] 20130319 Fwd: CVE requests",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2013/03/19/8"
},
{
"name": "[oss-secuirty] 20130326 Re: CVE request: ibutils improper use of files in /tmp",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2013/03/26/11"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2013-2561",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "OpenFabrics ibutils 1.5.7 allows local users to overwrite arbitrary files via a symlink attack on (1) ibdiagnet.db, (2) ibdiagnet.fdbs, (3) ibdiagnet_ibis.log, (4) ibdiagnet.log, (5) ibdiagnet.lst, (6) ibdiagnet.mcfdbs, (7) ibdiagnet.pkey, (8) ibdiagnet.psl, (9) ibdiagnet.slvl, or (10) ibdiagnet.sm in /tmp/."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20130306 OpenFabrics ibutils 1.5.7 /tmp clobbering vulnerability",
"refsource": "FULLDISC",
"url": "http://seclists.org/fulldisclosure/2013/Mar/87"
},
{
"name": "58335",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/58335"
},
{
"name": "[oss-secuirty] 20130325 Re: CVE request: ibutils improper use of files in /tmp",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2013/03/26/1"
},
{
"name": "[oss-secuirty] 20130326 Re: CVE request: ibutils improper use of files in /tmp",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2013/03/26/4"
},
{
"name": "RHSA-2013:1661",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2013-1661.html"
},
{
"name": "http://www.oracle.com/technetwork/topics/security/bulletinjul2016-3090568.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/bulletinjul2016-3090568.html"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=927430",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=927430"
},
{
"name": "[oss-security] 20130319 Fwd: CVE requests",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2013/03/19/8"
},
{
"name": "[oss-secuirty] 20130326 Re: CVE request: ibutils improper use of files in /tmp",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2013/03/26/11"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2013-2561",
"datePublished": "2013-11-23T18:00:00.000Z",
"dateReserved": "2013-03-13T00:00:00.000Z",
"dateUpdated": "2024-08-06T15:44:32.120Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2012-4517 (GCVE-0-2012-4517)
Vulnerability from cvelistv5 – Published: 2012-10-22 23:00 – Updated: 2024-08-06 20:35
VLAI
EPSS
VEX
Summary
ibacm before 1.0.6 does not properly manage reference counts for multicast connections, which allows remote attackers to cause a denial of service (ibacm service crash) via a crafted join response.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
8 references
| URL | Tags |
|---|---|
| http://git.openfabrics.org/git?p=~shefty/ibacm.gi… | x_refsource_CONFIRM |
| http://rhn.redhat.com/errata/RHSA-2013-0509.html | vendor-advisoryx_refsource_REDHAT |
| https://bugzilla.redhat.com/show_bug.cgi?id=865492 | x_refsource_MISC |
| http://www.openwall.com/lists/oss-security/2012/10/11/6 | mailing-listx_refsource_MLIST |
| https://exchange.xforce.ibmcloud.com/vulnerabilit… | vdb-entryx_refsource_XF |
| http://comments.gmane.org/gmane.linux.drivers.rdm… | mailing-listx_refsource_MLIST |
| http://www.openwall.com/lists/oss-security/2012/10/11/9 | mailing-listx_refsource_MLIST |
| http://www.securityfocus.com/bid/55890 | vdb-entryx_refsource_BID |
Date Public
2012-04-04 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T20:35:09.977Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://git.openfabrics.org/git?p=~shefty/ibacm.git%3Ba=commit%3Bh=c7d28b35d64333c262de3ec972c426423dadccf9"
},
{
"name": "RHSA-2013:0509",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-0509.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=865492"
},
{
"name": "[oss-security] 20121011 CVE Request -- librdmacm (one issue) / ibacm (two issues)",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2012/10/11/6"
},
{
"name": "ibacm-connections-dos(79396)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/79396"
},
{
"name": "[linux-rdma] 20120413 [ANNOUNCE] ibacm release 1.0.6",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://comments.gmane.org/gmane.linux.drivers.rdma/11659"
},
{
"name": "[oss-security] 20121011 Re: CVE Request -- librdmacm (one issue) / ibacm (two issues)",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2012/10/11/9"
},
{
"name": "55890",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/55890"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2012-04-04T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "ibacm before 1.0.6 does not properly manage reference counts for multicast connections, which allows remote attackers to cause a denial of service (ibacm service crash) via a crafted join response."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-28T12:57:01.000Z",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://git.openfabrics.org/git?p=~shefty/ibacm.git%3Ba=commit%3Bh=c7d28b35d64333c262de3ec972c426423dadccf9"
},
{
"name": "RHSA-2013:0509",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-0509.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=865492"
},
{
"name": "[oss-security] 20121011 CVE Request -- librdmacm (one issue) / ibacm (two issues)",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2012/10/11/6"
},
{
"name": "ibacm-connections-dos(79396)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/79396"
},
{
"name": "[linux-rdma] 20120413 [ANNOUNCE] ibacm release 1.0.6",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://comments.gmane.org/gmane.linux.drivers.rdma/11659"
},
{
"name": "[oss-security] 20121011 Re: CVE Request -- librdmacm (one issue) / ibacm (two issues)",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2012/10/11/9"
},
{
"name": "55890",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/55890"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2012-4517",
"datePublished": "2012-10-22T23:00:00.000Z",
"dateReserved": "2012-08-21T00:00:00.000Z",
"dateUpdated": "2024-08-06T20:35:09.977Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2012-4518 (GCVE-0-2012-4518)
Vulnerability from cvelistv5 – Published: 2012-10-22 23:00 – Updated: 2024-08-06 20:35
VLAI
EPSS
VEX
Summary
ibacm 1.0.7 creates files with world-writable permissions, which allows local users to overwrite the ib_acm daemon log or ibacm.port file.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
5 references
| URL | Tags |
|---|---|
| http://rhn.redhat.com/errata/RHSA-2013-0509.html | vendor-advisoryx_refsource_REDHAT |
| http://www.openwall.com/lists/oss-security/2012/10/11/6 | mailing-listx_refsource_MLIST |
| http://git.openfabrics.org/git?p=~shefty/ibacm.gi… | x_refsource_CONFIRM |
| http://www.openwall.com/lists/oss-security/2012/10/11/9 | mailing-listx_refsource_MLIST |
| http://www.securityfocus.com/bid/55890 | vdb-entryx_refsource_BID |
Date Public
2012-10-09 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T20:35:09.934Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "RHSA-2013:0509",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-0509.html"
},
{
"name": "[oss-security] 20121011 CVE Request -- librdmacm (one issue) / ibacm (two issues)",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2012/10/11/6"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://git.openfabrics.org/git?p=~shefty/ibacm.git%3Ba=commit%3Bh=d204fca2b6298d7799e918141ea8e11e7ad43cec"
},
{
"name": "[oss-security] 20121011 Re: CVE Request -- librdmacm (one issue) / ibacm (two issues)",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2012/10/11/9"
},
{
"name": "55890",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/55890"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2012-10-09T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "ibacm 1.0.7 creates files with world-writable permissions, which allows local users to overwrite the ib_acm daemon log or ibacm.port file."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2013-03-08T10:00:00.000Z",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "RHSA-2013:0509",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-0509.html"
},
{
"name": "[oss-security] 20121011 CVE Request -- librdmacm (one issue) / ibacm (two issues)",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2012/10/11/6"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://git.openfabrics.org/git?p=~shefty/ibacm.git%3Ba=commit%3Bh=d204fca2b6298d7799e918141ea8e11e7ad43cec"
},
{
"name": "[oss-security] 20121011 Re: CVE Request -- librdmacm (one issue) / ibacm (two issues)",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2012/10/11/9"
},
{
"name": "55890",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/55890"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2012-4518",
"datePublished": "2012-10-22T23:00:00.000Z",
"dateReserved": "2012-08-21T00:00:00.000Z",
"dateUpdated": "2024-08-06T20:35:09.934Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2012-4516 (GCVE-0-2012-4516)
Vulnerability from cvelistv5 – Published: 2012-10-22 23:00 – Updated: 2024-08-06 20:35
VLAI
EPSS
VEX
Summary
librdmacm 1.0.16, when ibacm.port is not specified, connects to port 6125, which allows remote attackers to specify the address resolution information for the application via a malicious ib_acm service.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
5 references
| URL | Tags |
|---|---|
| https://bugzilla.redhat.com/show_bug.cgi?id=865483 | x_refsource_MISC |
| http://www.openwall.com/lists/oss-security/2012/10/11/6 | mailing-listx_refsource_MLIST |
| http://git.openfabrics.org/git?p=~shefty/librdmac… | x_refsource_CONFIRM |
| http://www.openwall.com/lists/oss-security/2012/10/11/9 | mailing-listx_refsource_MLIST |
| http://www.securityfocus.com/bid/55896 | vdb-entryx_refsource_BID |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T20:35:10.056Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=865483"
},
{
"name": "[oss-security] 20121011 CVE Request -- librdmacm (one issue) / ibacm (two issues)",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2012/10/11/6"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://git.openfabrics.org/git?p=~shefty/librdmacm.git%3Ba=commitdiff%3Bh=4b5c1aa734e0e734fc2ba3cd41d0ddf02170af6d"
},
{
"name": "[oss-security] 20121011 Re: CVE Request -- librdmacm (one issue) / ibacm (two issues)",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2012/10/11/9"
},
{
"name": "55896",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/55896"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "librdmacm 1.0.16, when ibacm.port is not specified, connects to port 6125, which allows remote attackers to specify the address resolution information for the application via a malicious ib_acm service."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2012-10-22T23:00:00.000Z",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=865483"
},
{
"name": "[oss-security] 20121011 CVE Request -- librdmacm (one issue) / ibacm (two issues)",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2012/10/11/6"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://git.openfabrics.org/git?p=~shefty/librdmacm.git%3Ba=commitdiff%3Bh=4b5c1aa734e0e734fc2ba3cd41d0ddf02170af6d"
},
{
"name": "[oss-security] 20121011 Re: CVE Request -- librdmacm (one issue) / ibacm (two issues)",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2012/10/11/9"
},
{
"name": "55896",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/55896"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2012-4516",
"datePublished": "2012-10-22T23:00:00.000Z",
"dateReserved": "2012-08-21T00:00:00.000Z",
"dateUpdated": "2024-08-06T20:35:10.056Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2011-3345 (GCVE-0-2011-3345)
Vulnerability from cvelistv5 – Published: 2011-09-17 10:00 – Updated: 2024-08-06 23:29
VLAI
EPSS
VEX
Summary
ulp/sdp/sdp_proc.c in the ib_sdp module (aka ib_sdp.ko) in the ofa_kernel package in the InfiniBand driver implementation in OpenFabrics Enterprise Distribution (OFED) before 1.5.3 does not properly handle certain non-array variables, which allows local users to cause a denial of service (stack memory corruption and system crash) by reading the /proc/net/sdpstats file.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
7 references
| URL | Tags |
|---|---|
| http://secunia.com/advisories/45861 | third-party-advisoryx_refsource_SECUNIA |
| http://www.openwall.com/lists/oss-security/2011/09/07/1 | mailing-listx_refsource_MLIST |
| http://www.openwall.com/lists/oss-security/2011/09/07/3 | mailing-listx_refsource_MLIST |
| http://www.securityfocus.com/bid/49486 | vdb-entryx_refsource_BID |
| https://exchange.xforce.ibmcloud.com/vulnerabilit… | vdb-entryx_refsource_XF |
| http://git.openfabrics.org/git?p=ofed_1_5/linux-2… | x_refsource_CONFIRM |
| http://www.openwall.com/lists/oss-security/2011/09/06/3 | mailing-listx_refsource_MLIST |
Date Public
2011-09-06 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T23:29:56.659Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "45861",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/45861"
},
{
"name": "[oss-security] 20110907 Re: CVE Request: OFED 1.5.2 /proc/net/sdpstats reading local denial of service/crash",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2011/09/07/1"
},
{
"name": "[oss-security] 20110907 Re: CVE Request: OFED 1.5.2 /proc/net/sdpstats reading local denial of service/crash",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2011/09/07/3"
},
{
"name": "49486",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/49486"
},
{
"name": "ofed-sdpstats-dos(69631)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/69631"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://git.openfabrics.org/git?p=ofed_1_5/linux-2.6.git%3Ba=commit%3Bh=04bb801a31825d1559c4670253e1bea1291a1af8"
},
{
"name": "[oss-security] 20110906 CVE Request: OFED 1.5.2 /proc/net/sdpstats reading local denial of service/crash",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2011/09/06/3"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2011-09-06T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "ulp/sdp/sdp_proc.c in the ib_sdp module (aka ib_sdp.ko) in the ofa_kernel package in the InfiniBand driver implementation in OpenFabrics Enterprise Distribution (OFED) before 1.5.3 does not properly handle certain non-array variables, which allows local users to cause a denial of service (stack memory corruption and system crash) by reading the /proc/net/sdpstats file."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-28T12:57:01.000Z",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "45861",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/45861"
},
{
"name": "[oss-security] 20110907 Re: CVE Request: OFED 1.5.2 /proc/net/sdpstats reading local denial of service/crash",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2011/09/07/1"
},
{
"name": "[oss-security] 20110907 Re: CVE Request: OFED 1.5.2 /proc/net/sdpstats reading local denial of service/crash",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2011/09/07/3"
},
{
"name": "49486",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/49486"
},
{
"name": "ofed-sdpstats-dos(69631)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/69631"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://git.openfabrics.org/git?p=ofed_1_5/linux-2.6.git%3Ba=commit%3Bh=04bb801a31825d1559c4670253e1bea1291a1af8"
},
{
"name": "[oss-security] 20110906 CVE Request: OFED 1.5.2 /proc/net/sdpstats reading local denial of service/crash",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2011/09/06/3"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2011-3345",
"datePublished": "2011-09-17T10:00:00.000Z",
"dateReserved": "2011-08-30T00:00:00.000Z",
"dateUpdated": "2024-08-06T23:29:56.659Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2010-4173 (GCVE-0-2010-4173)
Vulnerability from cvelistv5 – Published: 2010-11-22 19:00 – Updated: 2024-08-07 03:34
VLAI
EPSS
VEX
Summary
The default configuration of libsdp.conf in libsdp 1.1.104 and earlier creates log files in /tmp, which allows local users to overwrite arbitrary files via a (1) symlink or (2) hard link attack on the libsdp.log.##### temporary file.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
4 references
| URL | Tags |
|---|---|
| http://www.openwall.com/lists/oss-security/2010/11/16/7 | mailing-listx_refsource_MLIST |
| http://www.openfabrics.org/downloads/libsdp/libsd… | x_refsource_CONFIRM |
| http://www.openwall.com/lists/oss-security/2010/11/16/2 | mailing-listx_refsource_MLIST |
| https://bugzilla.redhat.com/show_bug.cgi?id=647941 | x_refsource_CONFIRM |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T03:34:37.196Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "[oss-security] 20101116 Re: CVE Request: libsdp",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2010/11/16/7"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.openfabrics.org/downloads/libsdp/libsdp-1.1.105-0.4.g1b9b996.tar.gz"
},
{
"name": "[oss-security] 20101116 CVE Request: libsdp",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2010/11/16/2"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=647941"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "The default configuration of libsdp.conf in libsdp 1.1.104 and earlier creates log files in /tmp, which allows local users to overwrite arbitrary files via a (1) symlink or (2) hard link attack on the libsdp.log.##### temporary file."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2010-11-22T19:00:00.000Z",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "[oss-security] 20101116 Re: CVE Request: libsdp",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2010/11/16/7"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.openfabrics.org/downloads/libsdp/libsdp-1.1.105-0.4.g1b9b996.tar.gz"
},
{
"name": "[oss-security] 20101116 CVE Request: libsdp",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2010/11/16/2"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=647941"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2010-4173",
"datePublished": "2010-11-22T19:00:00.000Z",
"dateReserved": "2010-11-04T00:00:00.000Z",
"dateUpdated": "2024-08-07T03:34:37.196Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2010-1693 (GCVE-0-2010-1693)
Vulnerability from cvelistv5 – Published: 2010-10-26 18:00 – Updated: 2024-08-07 01:35
VLAI
EPSS
VEX
Summary
openibd in OpenFabrics Enterprise Distribution (OFED) 1.5.2 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/ib_set_node_desc.sh temporary file.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
6 references
| URL | Tags |
|---|---|
| http://www.openwall.com/lists/oss-security/2010/10/22/1 | mailing-listx_refsource_MLIST |
| http://www.securityfocus.com/bid/44332 | vdb-entryx_refsource_BID |
| https://exchange.xforce.ibmcloud.com/vulnerabilit… | vdb-entryx_refsource_XF |
| http://secunia.com/advisories/41937 | third-party-advisoryx_refsource_SECUNIA |
| http://www.osvdb.org/68856 | vdb-entryx_refsource_OSVDB |
| http://lists.openfabrics.org/pipermail/ewg/2010-O… | mailing-listx_refsource_MLIST |
Date Public
2010-10-21 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T01:35:53.708Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "[oss-security] 20101022 CVE-2010-1693: OFED openibd startup script uses predictable tmpfile",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2010/10/22/1"
},
{
"name": "44332",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/44332"
},
{
"name": "ofed-openibd-symlink(62753)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/62753"
},
{
"name": "41937",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/41937"
},
{
"name": "68856",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/68856"
},
{
"name": "[ewg] 20101021 [PATCH] security fix in openibd script",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://lists.openfabrics.org/pipermail/ewg/2010-October/015886.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2010-10-21T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "openibd in OpenFabrics Enterprise Distribution (OFED) 1.5.2 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/ib_set_node_desc.sh temporary file."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-16T14:57:01.000Z",
"orgId": "bc94ec7e-8909-4cbb-83df-d2fc9330fa88",
"shortName": "sgi"
},
"references": [
{
"name": "[oss-security] 20101022 CVE-2010-1693: OFED openibd startup script uses predictable tmpfile",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2010/10/22/1"
},
{
"name": "44332",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/44332"
},
{
"name": "ofed-openibd-symlink(62753)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/62753"
},
{
"name": "41937",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/41937"
},
{
"name": "68856",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/68856"
},
{
"name": "[ewg] 20101021 [PATCH] security fix in openibd script",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://lists.openfabrics.org/pipermail/ewg/2010-October/015886.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security-info@sgi.com",
"ID": "CVE-2010-1693",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "openibd in OpenFabrics Enterprise Distribution (OFED) 1.5.2 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/ib_set_node_desc.sh temporary file."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "[oss-security] 20101022 CVE-2010-1693: OFED openibd startup script uses predictable tmpfile",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2010/10/22/1"
},
{
"name": "44332",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/44332"
},
{
"name": "ofed-openibd-symlink(62753)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/62753"
},
{
"name": "41937",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/41937"
},
{
"name": "68856",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/68856"
},
{
"name": "[ewg] 20101021 [PATCH] security fix in openibd script",
"refsource": "MLIST",
"url": "http://lists.openfabrics.org/pipermail/ewg/2010-October/015886.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "bc94ec7e-8909-4cbb-83df-d2fc9330fa88",
"assignerShortName": "sgi",
"cveId": "CVE-2010-1693",
"datePublished": "2010-10-26T18:00:00.000Z",
"dateReserved": "2010-04-30T00:00:00.000Z",
"dateUpdated": "2024-08-07T01:35:53.708Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}