Home/CVE/libpcp in Performance Co-Pilot (PCP) before 3.6.5 allows remote attackers to cause a denial of service and possibly exec
CVE

CVE-2012-3418

libpcp in Performance Co-Pilot (PCP) before 3.6.5 allows remote attackers to cause a denial of service and possibly exec

libpcp in Performance Co-Pilot (PCP) before 3.6.5 allows remote attackers to cause a denial of service and possibly execute arbitrary code via (1) a PDU with the numcreds field value greater than the number of actual elements to the __pmDecodeCreds function in p_creds.c.

(2) the string byte number value to the __pmDecodeNameList function in p_pmns.c.

(3) the numids value to the __pmDecodeIDList function in p_pmns.c.

(4) unspecified vectors to the __pmDecodeProfile function in p_profile.c.

the (5) status number value or (6) string number value to the __pmDecodeNameList function in p_pmns.c.

(7) certain input to the __pmDecodeResult function in p_result.c.

(8) the name length field (namelen) to the DecodeNameReq function in p_pmns.c.

(9) a crafted PDU_FETCH request to the __pmDecodeFetch function in p_fetch.c.

(10) the namelen field in the __pmDecodeInstanceReq function in p_instance.c.

(11) the buflen field to the __pmDecodeText function in p_text.c.

(12) PDU_INSTANCE packets to the __pmDecodeInstance in p_instance.c.

or the (13) c_numpmid or (14) v_numval fields to the __pmDecodeLogControl function in p_lcontrol.c, which triggers integer overflows, heap-based buffer overflows, and/or buffer over-reads.

MEDIUM · CVSS 5 EPSS 0.03579
Monitor
  • No active-exploitation, high-EPSS, or public-exploit signals - routine patching cadence
Sigma rules0 YARA rules0

Affected Products & Versions

2
sgi performance co-pilot<= 3.6.4
sgi performance co-pilotall versions

Scoring & Timeline

5
MEDIUM · CVSS v2 (legacy) · secalert@redhat.com
View on NVD
This CVE predates CVSS v3; the legacy v2 score is shown so triage still has a severity to work with.
v2 Vector
AV:N/AC:L/Au:N/C:N/I:N/A:P
Published to NVD27 Aug 2012 · 11:55 PM

Vendor Advisories

1
suse-csafopenSUSE-SU-2024:10165-1
🔗

References & Sources

30
Source URLs (vendor pages, mailing lists, write-ups). Exploit/PoC links are in their own section above to avoid duplication.
http://lists.fedoraproject.org/pipermail/package-announce/2012-August/085324.html
http://lists.fedoraproject.org/pipermail/package-announce/2012-August/085333.html
http://lists.opensuse.org/opensuse-security-announce/2013-01/msg00024.html
http://oss.sgi.com/cgi-bin/gitweb.cgi?p=pcp/pcp.git
http://oss.sgi.com/cgi-bin/gitweb.cgi?p=pcp/pcp.git
http://oss.sgi.com/cgi-bin/gitweb.cgi?p=pcp/pcp.git
Intelligence Graph · click any node to traverse
CVETechnique ActorTool Family
drag to reposition · click any node to traverse · button top-right enlarges
External lookups - second-class, for what we don’t hold ourselves
NVDCVE.orgCISAVulnersExploit-DBGitHub PoCVulnCheck KEVGreyNoise
Vulnerabilities
CISA KEV catalog
CWE weaknesses
CAPEC attack patterns
Package vulnerabilities
Threat intelligence
Threat actors
Tools & malware
ATT&CK techniques
IOCs
Detection & defense
Sigma rules
YARA rules
Atomic Red Team tests
D3FEND countermeasures
Compliance
NIST 800-53
ISO 27001:2022
SOC 2 TSC
PCI-DSS v4.0
CIS Controls v8.1
About
All capabilities
Live statistics
Data sources
Privacy policy
Terms of service
threatengine.sh  ·  Open-source threat intelligence platform  ·  100+ authoritative sources  ·  Every fact traces to its origin