Debian Bug report logs -
#950761
ipmitool: CVE-2020-5208
Package:
src:ipmitool;
Maintainer for src:ipmitool is Jörg Frings-Fürst <debian@jffemail>;
Reported by: Salvatore Bonaccorso <carnil@debianorg>
Date: Wed, 5 Feb 2020 21:15:02 UTC
Severity: important
Tags: security, upstream
Found in versions ipmitool/18 ...
It's been found that multiple functions in ipmitool before 1819 neglect proper checking of the data received from a remote LAN party, which may lead to buffer overflows and potentially to remote code execution on the ipmitool side This is especially dangerous if ipmitool is run as a privileged user This problem is fixed in version 1819 (CVE- ...
Synopsis
Important: ipmitool security update
Type/Severity
Security Advisory: Important
Topic
An update for ipmitool is now available for Red Hat Enterprise Linux 75 Extended Update SupportRed Hat Product Security has rated this update as having a security impact of Important A Common Vulnerability Scori ...
Synopsis
Important: ipmitool security update
Type/Severity
Security Advisory: Important
Topic
An update for ipmitool is now available for Red Hat Enterprise Linux 76 Extended Update SupportRed Hat Product Security has rated this update as having a security impact of Important A Common Vulnerability Scori ...
Synopsis
Important: ipmitool security update
Type/Severity
Security Advisory: Important
Topic
An update for ipmitool is now available for Red Hat Enterprise Linux 74 Advanced Update Support, Red Hat Enterprise Linux 74 Telco Extended Update Support, and Red Hat Enterprise Linux 74 Update Services for SAP ...
Synopsis
Important: ipmitool security update
Type/Severity
Security Advisory: Important
Topic
An update for ipmitool is now available for Red Hat Enterprise Linux 6Red Hat Product Security has rated this update as having a security impact of Important A Common Vulnerability Scoring System (CVSS) base scor ...
Synopsis
Important: ipmitool security update
Type/Severity
Security Advisory: Important
Topic
An update for ipmitool is now available for Red Hat Enterprise Linux 72 Advanced Update SupportRed Hat Product Security has rated this update as having a security impact of Important A Common Vulnerability Scori ...
Synopsis
Important: ipmitool security update
Type/Severity
Security Advisory: Important
Topic
An update for ipmitool is now available for Red Hat Enterprise Linux 80 Update Services for SAP SolutionsRed Hat Product Security has rated this update as having a security impact of Important A Common Vulnerabi ...
Synopsis
Important: ipmitool security update
Type/Severity
Security Advisory: Important
Topic
An update for ipmitool is now available for Red Hat Enterprise Linux 73 Advanced Update Support, Red Hat Enterprise Linux 73 Telco Extended Update Support, and Red Hat Enterprise Linux 73 Update Services for SAP ...
Synopsis
Important: ipmitool security update
Type/Severity
Security Advisory: Important
Topic
An update for ipmitool is now available for Red Hat Enterprise Linux 7Red Hat Product Security has rated this update as having a security impact of Important A Common Vulnerability Scoring System (CVSS) base scor ...
Synopsis
Important: ipmitool security update
Type/Severity
Security Advisory: Important
Topic
An update for ipmitool is now available for Red Hat Enterprise Linux 8Red Hat Product Security has rated this update as having a security impact of Important A Common Vulnerability Scoring System (CVSS) base scor ...
It's been found that multiple functions in ipmitool before 1819 neglect proper checking of the data received from a remote LAN party, which may lead to buffer overflows and potentially to remote code execution on the ipmitool side This is especially dangerous if ipmitool is run as a privileged user This problem is fixed in version 1819 ...