openibd in OpenFabrics Enterprise Distribution (OFED) 1.5.2 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/ib_set_node_desc.sh temporary file.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-59,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| openfabrics | enterprise_distribution | 1.5.2 |
The default configuration of libsdp.conf in libsdp 1.1.104 and earlier creates log files in /tmp, which allows local users to overwrite arbitrary files via a (1) symlink or (2) hard link attack on the libsdp.log.##### temporary file.
CVSS 2.0
Severity: LOW
Problem Type: CWE-59,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| openfabrics | libsdp | * |
| openfabrics | libsdp | 1.1.99 |
| openfabrics | libsdp | 1.1.103 |
| openfabrics | libsdp | 1.1.101 |
| openfabrics | libsdp | 1.1.100 |
| openfabrics | libsdp | 1.1.102 |
ulp/sdp/sdp_proc.c in the ib_sdp module (aka ib_sdp.ko) in the ofa_kernel package in the InfiniBand driver implementation in OpenFabrics Enterprise Distribution (OFED) before 1.5.3 does not properly handle certain non-array variables, which allows local users to cause a denial of service (stack memory corruption and system crash) by reading the /proc/net/sdpstats file.
CVSS 2.0
Severity: LOW
Problem Type: CWE-119,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| openfabrics | enterprise_distribution | 1.2.5 |
| openfabrics | enterprise_distribution | 1.3.2 |
| openfabrics | enterprise_distribution | 1.5.1 |
| openfabrics | enterprise_distribution | * |
| openfabrics | enterprise_distribution | 1.5 |
| openfabrics | enterprise_distribution | 1.4.1 |
| openfabrics | enterprise_distribution | 1.3.1 |
| openfabrics | enterprise_distribution | 1.4 |
| openfabrics | enterprise_distribution | 1.1 |
| openfabrics | enterprise_distribution | 1.3 |
| openfabrics | enterprise_distribution | 1.4.2 |
librdmacm 1.0.16, when ibacm.port is not specified, connects to port 6125, which allows remote attackers to specify the address resolution information for the application via a malicious ib_acm service.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| openfabrics | librdmacm | 1.0.16 |
ibacm before 1.0.6 does not properly manage reference counts for multicast connections, which allows remote attackers to cause a denial of service (ibacm service crash) via a crafted join response.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-399,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| openfabrics | ibacm | * |
ibacm 1.0.7 creates files with world-writable permissions, which allows local users to overwrite the ib_acm daemon log or ibacm.port file.
CVSS 2.0
Severity: LOW
Problem Type: CWE-264,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| openfabrics | ibacm | 1.0.7 |
OpenFabrics ibutils 1.5.7 allows local users to overwrite arbitrary files via a symlink attack on (1) ibdiagnet.db, (2) ibdiagnet.fdbs, (3) ibdiagnet_ibis.log, (4) ibdiagnet.log, (5) ibdiagnet.lst, (6) ibdiagnet.mcfdbs, (7) ibdiagnet.pkey, (8) ibdiagnet.psl, (9) ibdiagnet.slvl, or (10) ibdiagnet.sm in /tmp/.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-59,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| openfabrics | ibutils | 1.5.7 |
| redhat | enterprise_linux | 6.0 |