- Description: libpcp in Performance Co-Pilot (PCP) before 3.6.5 allows remote attackers to cause a denial of service and possibly execute arbitrary code via (1) a PDU with the numcreds field value greater than the number of actual elements to the __pmDecodeCreds function in p_creds.c; (2) the string byte number value to the __pmDecodeNameList function in p_pmns.c; (3) the numids value to the __pmDecodeIDList function in p_pmns.c; (4) unspecified vectors to the __pmDecodeProfile function in p_profile.c; the (5) status number value or (6) string number value to the __pmDecodeNameList function in p_pmns.c; (7) certain input to the __pmDecodeResult function in p_result.c; (8) the name length field (namelen) to the DecodeNameReq function in p_pmns.c; (9) a crafted PDU_FETCH request to the __pmDecodeFetch function in p_fetch.c; (10) the namelen field in the __pmDecodeInstanceReq function in p_instance.c; (11) the buflen field to the __pmDecodeText function in p_text.c; (12) PDU_INSTANCE packets to the __pmDecodeInstance function in p_instance.c; or the (13) c_numpmid or (14) v_numval fields to the __pmDecodeLogControl function in p_lcontrol.c, which triggers integer overflows, heap-based buffer overflows, and/or buffer over-reads.
- Source: secalert@redhat.com
- NVD status: Modified

CVSS 2.0
- Type: Primary
- Base score: 5
- Impact score: 2.9
- Exploitability score: 10
- Vector string: AV:N/AC:L/Au:N/C:N/I:N/A:P
- nvd@nist.gov: CWE-189
[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:sgi:performance_co-pilot:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "61D11953-C33A-47B0-B47E-10FD9ACA7A8B",
            "versionEndIncluding": "3.6.4"
          },
          {
            "criteria": "cpe:2.3:a:sgi:performance_co-pilot:2.1.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "81FC987D-ACD6-4495-87FE-5C3547CE22B8"
          },
          {
            "criteria": "cpe:2.3:a:sgi:performance_co-pilot:2.1.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "DECE1AE3-0247-4170-A02F-03D33A6DD33B"
          },
          {
            "criteria": "cpe:2.3:a:sgi:performance_co-pilot:2.1.3:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "D4E5A424-E298-4967-8174-CB6035126750"
          },
          {
            "criteria": "cpe:2.3:a:sgi:performance_co-pilot:2.1.4:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "DCFD1859-A3F0-4A1C-B593-B9FBFDF165D9"
          },
          {
            "criteria": "cpe:2.3:a:sgi:performance_co-pilot:2.1.5:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "5B5E5B48-F324-49DB-BD42-B8F9B9C3EA72"
          },
          {
            "criteria": "cpe:2.3:a:sgi:performance_co-pilot:2.1.6:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "C9D6FF9F-006D-45C9-B0A1-A2E450A75590"
          },
          {
            "criteria": "cpe:2.3:a:sgi:performance_co-pilot:2.1.7:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "1C8F4743-9016-453B-81E7-F3BEC6979FE1"
          },
          {
            "criteria": "cpe:2.3:a:sgi:performance_co-pilot:2.1.8:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "817F8589-040B-4216-95A2-FE70000B1CDD"
          },
          {
            "criteria": "cpe:2.3:a:sgi:performance_co-pilot:2.1.9:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "C4B93DB7-2220-4CF6-B2F3-BB953023EE94"
          },
          {
            "criteria": "cpe:2.3:a:sgi:performance_co-pilot:2.1.10:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "4F9A53D4-333E-4DD1-A99D-AC35C808A138"
          },
          {
            "criteria": "cpe:2.3:a:sgi:performance_co-pilot:2.1.11:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "9F08C5F0-6EF7-4539-9CED-D3F3E81EEA82"
          },
          {
            "criteria": "cpe:2.3:a:sgi:performance_co-pilot:2.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "551F7EA0-7323-4D0C-8DE2-EE08689DAFDE"
          }
        ],
        "operator": "OR"
      }
    ]
  }
]