Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
5
CVSSv2

CVE-2012-3421

Published: 27/08/2012 Updated: 07/11/2023
CVSS v2 Base Score: 5 | Impact Score: 2.9 | Exploitability Score: 10
VMScore: 445
Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P
Subscribe to Sgi

Vulnerability Summary

The pduread function in pdu.c in libpcp in Performance Co-Pilot (PCP) prior to 3.6.5 does not properly time out connections, which allows remote malicious users to cause a denial of service (pmcd hang) by sending individual bytes of a PDU separately, related to an "event-driven programming flaw."

Vulnerable Product Search on Vulmon Subscribe to Product

sgi performance co-pilot 2.1.7

sgi performance co-pilot 2.1.9

sgi performance co-pilot 2.1.10

sgi performance co-pilot 2.1.11

sgi performance co-pilot 2.2

sgi performance co-pilot 2.1.3

sgi performance co-pilot 2.1.5

sgi performance co-pilot

sgi performance co-pilot 2.1.2

sgi performance co-pilot 2.1.6

sgi performance co-pilot 2.1.8

sgi performance co-pilot 2.1.1

sgi performance co-pilot 2.1.4

Vendor Advisories

Debian CVElist Bug Report Logs: pcp: CVE-2012-3418 CVE-2012-3419 CVE-2012-3420 CVE-2012-3421
Debian Bug report logs - #685476 pcp: CVE-2012-3418 CVE-2012-3419 CVE-2012-3420 CVE-2012-3421 Package: pcp; Maintainer for pcp is PCP Development Team <pcp@groupsio>; Source for pcp is src:pcp (PTS, buildd, popcon) Reported by: Moritz Muehlenhoff <jmm@inutilorg> Date: Tue, 21 Aug 2012 06:03:02 UTC Severity: grave ...
Debian Security Advisories: DSA-2533-1 pcp -- several vulnerabilities
It was discovered that Performance Co-Pilot (pcp), a framework for performance monitoring, contains several vulnerabilities CVE-2012-3418 Multiple buffer overflows in the PCP protocol decoders can cause PCP clients and servers to crash or, potentially, execute arbitrary code while processing crafted PDUs CVE-2012-3419 The linux PMDA used by ...

References

NVD-CWE-Otherhttp://www.openwall.com/lists/oss-security/2012/08/16/1http://lists.fedoraproject.org/pipermail/package-announce/2012-August/085333.htmlhttp://lists.fedoraproject.org/pipermail/package-announce/2012-August/085324.htmlhttps://bugzilla.redhat.com/show_bug.cgi?id=841706http://www.debian.org/security/2012/dsa-2533https://hermes.opensuse.org/messages/15471040https://hermes.opensuse.org/messages/15540133https://hermes.opensuse.org/messages/15540172http://lists.opensuse.org/opensuse-security-announce/2013-01/msg00024.htmlhttp://oss.sgi.com/cgi-bin/gitweb.cgi?p=pcp/pcp.git%3Ba=blob%3Bf=CHANGELOG%3Bh=16c9cbb2f61d909487ea1c3171f4ab33e5648ac5%3Bhb=fe51067ae869a4d59f350ac319b09edcb77ac8e6http://oss.sgi.com/cgi-bin/gitweb.cgi?p=pcp/pcp.git%3Ba=commit%3Bh=9ba85dca940de976176ce196fd5e3c4170936354https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=685476https://nvd.nist.govhttps://www.debian.org/security/./dsa-2533
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2020-4463CVE-2024-3400deserializationCVE-2024-21788CVE-2023-42433CVE-2024-21841CVE-2024-22095local file inclusionmemory leak
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook