Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 394597 (CVE-2011-4339) - <sys-apps/ipmitool-1.8.11-r1: Insecure PID Files Security Issue (CVE-2011-4339)
Summary: <sys-apps/ipmitool-1.8.11-r1: Insecure PID Files Security Issue (CVE-2011-4339)
Status: RESOLVED FIXED
Alias: CVE-2011-4339
Product: Gentoo Security
Classification: Unclassified
Component: Vulnerabilities (show other bugs)
Hardware: All Linux
: Normal normal
Assignee: Gentoo Security
URL: https://secunia.com/advisories/47173/
Whiteboard: B3 [noglsa]
Keywords:
Depends on:
Blocks:
 
Reported: 2011-12-13 19:42 UTC by Agostino Sarubbo
Modified: 2012-02-29 21:59 UTC (History)
2 users (show)

See Also:
Package list:
Runtime testing required: ---


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description Agostino Sarubbo gentoo-dev 2011-12-13 19:42:38 UTC
From secunia security advisory at $URL:

Description:
The security issue is caused due to ipmievd creating PID files with insecure permissions, which can be exploited to e.g. terminate other processes by exchanging the process ID stored in the PID file.

The security issue is confirmed in version 1.8.11. Other versions may also be affected.


Solution:
There is a proposed patch:
https://bugzilla.redhat.com/attachment.cgi?id=525972
Comment 1 GLSAMaker/CVETool Bot gentoo-dev 2011-12-15 18:50:03 UTC
CVE-2011-4339 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-4339):
  ipmievd (aka the IPMI event daemon) in OpenIPMI, as used in the ipmitool
  package 1.8.11 in Red Hat Enterprise Linux (RHEL) 6, uses 0666 permissions
  for its ipmievd.pid PID file, which allows local users to kill arbitrary
  processes by writing to this file.
Comment 2 Paul B. Henson 2012-02-02 03:10:49 UTC
Is this package abandoned :(? Seems like a pretty simple fix if a dev with a spare minute or two could add the patch and tweak the ebuild :). Thanks...
Comment 3 Robin Johnson archtester Gentoo Infrastructure gentoo-dev Security 2012-02-02 03:15:14 UTC
This fix has been in the tree since Jan 21 already, as part of the Ubuntu patchset that also adds Dell support.
Comment 4 Tim Sammut (RETIRED) gentoo-dev 2012-02-02 03:19:00 UTC
Arches, please test and mark stable:
=sys-apps/ipmitool-1.8.11-r1
Target keywords : "amd64 ppc x86"
Comment 5 Agostino Sarubbo gentoo-dev 2012-02-02 14:30:25 UTC
@robbat2:

ebuild.minorsyn               1
   sys-apps/ipmitool/ipmitool-1.8.11-r1.ebuild: Ebuild contains leading spaces on line: 14

and seems missing readline ad rdepend, scanelf says that.




amd64 stable
Comment 6 Thomas Kahle (RETIRED) gentoo-dev 2012-02-08 14:37:41 UTC
x86 stable. Thanks:
Comment 7 Brent Baude (RETIRED) gentoo-dev 2012-02-28 19:47:43 UTC
ppc done
Comment 8 Sean Amoss (RETIRED) gentoo-dev Security 2012-02-28 21:59:17 UTC
Thanks, everyone. GLSA vote: no.
Comment 9 Tim Sammut (RETIRED) gentoo-dev 2012-02-29 21:59:22 UTC
GLSA Vote: No, too. Closing.