← Back

Ipmitool

ipmitool

Vendor: Ipmitool Project • 2 CVEs

CVEs (2)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
CVE-2020-5208
4Debian
FedoraprojectIpmitool Project+1 more
4Debian Linux
FedoraIpmitool+1 more
Nov 21, 2024
Feb 5, 2020
N/A· v4
8.8 HIGH· v3
6.5 MEDIUM· v2
It's been found that multiple functions in ipmitool before 1.8.19 neglect proper checking of the data received from a remote LAN party, which may lead to buffer overflows and potentially to remote code execution on the i...Show more
It's been found that multiple functions in ipmitool before 1.8.19 neglect proper checking of the data received from a remote LAN party, which may lead to buffer overflows and potentially to remote code execution on the ipmitool side. This is especially dangerous if ipmitool is run as a privileged user. This problem is fixed in version 1.8.19.Show less
CVE-2011-4339
1Ipmitool Project
1Ipmitool
Apr 29, 2026
Dec 15, 2011
N/A· v4
N/A· v3
3.6 LOW· v2
ipmievd (aka the IPMI event daemon) in OpenIPMI, as used in the ipmitool package 1.8.11 in Red Hat Enterprise Linux (RHEL) 6, Debian GNU/Linux, Fedora 16, and other products uses 0666 permissions for its ipmievd.pid PID...Show more
ipmievd (aka the IPMI event daemon) in OpenIPMI, as used in the ipmitool package 1.8.11 in Red Hat Enterprise Linux (RHEL) 6, Debian GNU/Linux, Fedora 16, and other products uses 0666 permissions for its ipmievd.pid PID file, which allows local users to kill arbitrary processes by writing to this file.Show less