QwikSec

Security Database

CVE

CWE

Training

CVE-2012-3421

Published: Aug 27, 2012

Modified: Aug 6, 2024

PUBLISHED

Description

The pduread function in pdu.c in libpcp in Performance Co-Pilot (PCP) before 3.6.5 does not properly time out connections, which allows remote attackers to cause a denial of service (pmcd hang) by sending individual bytes of a PDU separately, related to an "event-driven programming flaw."

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

http://oss.sgi.com/cgi-bin/gitweb.cgi?p=pcp/pcp.git%3Ba=blob%3Bf=CHANGELOG%3Bh=16c9cbb2f61d909487ea1c3171f4ab33e5648ac5%3Bhb=fe51067ae869a4d59f350ac319b09edcb77ac8e6

x_refsource_CONFIRM

openSUSE-SU-2012:1079

vendor-advisory

x_refsource_SUSE

openSUSE-SU-2012:1081

vendor-advisory

x_refsource_SUSE

[oss-security] 20120816 pcp: Multiple security flaws

mailing-list

x_refsource_MLIST

http://oss.sgi.com/cgi-bin/gitweb.cgi?p=pcp/pcp.git%3Ba=commit%3Bh=9ba85dca940de976176ce196fd5e3c4170936354

x_refsource_CONFIRM

FEDORA-2012-12076

vendor-advisory

x_refsource_FEDORA

openSUSE-SU-2012:1036

vendor-advisory

x_refsource_SUSE

FEDORA-2012-12024

vendor-advisory

x_refsource_FEDORA

https://bugzilla.redhat.com/show_bug.cgi?id=841706

x_refsource_MISC

SUSE-SU-2013:0190

vendor-advisory

x_refsource_SUSE

vendor-advisory

x_refsource_DEBIAN

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.