CVE - CVE-2012-3420

CVE-ID
CVE-2012-3420	Learn more at National Vulnerability Database (NVD) • CVSS Severity Rating • Fix Information • Vulnerable Software Versions • SCAP Mappings • CPE Information
Description
Multiple memory leaks in Performance Co-Pilot (PCP) before 3.6.5 allow remote attackers to cause a denial of service (memory consumption or daemon crash) via a large number of PDUs with (1) a crafted context number to the DoFetch function in pmcd/src/dofetch.c or (2) a negative type value to the __pmGetPDU function in libpcp/src/pdu.c.
References
Note: References are provided for the convenience of the reader to help distinguish between vulnerabilities. The list is not intended to be complete.
MLIST:[oss-security] 20120816 pcp: Multiple security flaws URL:http://www.openwall.com/lists/oss-security/2012/08/16/1 MISC:https://bugzilla.redhat.com/show_bug.cgi?id=841298 MISC:https://bugzilla.redhat.com/show_bug.cgi?id=841319 MISC:https://bugzilla.redhat.com/show_bug.cgi?id=841704 CONFIRM:http://oss.sgi.com/cgi-bin/gitweb.cgi?p=pcp/pcp.git;a=blob;f=CHANGELOG;h=16c9cbb2f61d909487ea1c3171f4ab33e5648ac5;hb=fe51067ae869a4d59f350ac319b09edcb77ac8e6 CONFIRM:http://oss.sgi.com/cgi-bin/gitweb.cgi?p=pcp/pcp.git;a=commit;h=68fb968b4ee635bb301dc9ab64e633b0d66d27b4 CONFIRM:http://oss.sgi.com/cgi-bin/gitweb.cgi?p=pcp/pcp.git;a=commit;h=a7dc844d3586ea79887655a97c4252a79751fdae DEBIAN:DSA-2533 URL:http://www.debian.org/security/2012/dsa-2533 FEDORA:FEDORA-2012-12024 URL:http://lists.fedoraproject.org/pipermail/package-announce/2012-August/085324.html FEDORA:FEDORA-2012-12076 URL:http://lists.fedoraproject.org/pipermail/package-announce/2012-August/085333.html SUSE:openSUSE-SU-2012:1079 URL:https://hermes.opensuse.org/messages/15540133 SUSE:openSUSE-SU-2012:1081 URL:https://hermes.opensuse.org/messages/15540172 SUSE:openSUSE-SU-2012:1036 URL:https://hermes.opensuse.org/messages/15471040 SUSE:SUSE-SU-2013:0190 URL:http://lists.opensuse.org/opensuse-security-announce/2013-01/msg00024.html
Assigning CNA
N/A
Date Entry Created
20120614	Disclaimer: The entry creation date may reflect when the CVE ID was allocated or reserved, and does not necessarily indicate when this vulnerability was discovered, shared with the affected vendor, publicly disclosed, or updated in CVE.
Phase (Legacy)
Assigned (20120614)
Votes (Legacy)

Comments (Legacy)

Proposed (Legacy)
N/A
This is an entry on the CVE List, which provides common identifiers for publicly known cybersecurity vulnerabilities.
Search CVE Using Keywords: You can also search by reference using the CVE Reference Maps.
For More Information: cve@mitre.org