Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2012-4516

Overview

Vulnerability Score 5.8 5.8
CVE Id CVE-2012-4516
Last Modified 08 Nov 2012 12:00:00
Published 22 Oct 2012 07:55:08
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2012-4516

Summary

librdmacm 1.0.16, when ibacm.port is not specified, connects to port 6125, which allows remote attackers to specify the address resolution information for the application via a malicious ib_acm service.

Vulnerable Systems

Application

  • Openfabrics Librdmacm 1.0.16


References

MISC - https://bugzilla.redhat.com/show_bug.cgi?id=865483

BID - 55896

MLIST - [oss-security] 20121011 Re: CVE Request -- librdmacm (one issue) / ibacm (two issues)

MLIST - [oss-security] 20121011 CVE Request -- librdmacm (one issue) / ibacm (two issues)

CONFIRM - http://git.openfabrics.org/git?p=~shefty/librdmacm.git;a=commitdiff;h=4b5c1aa734e0e734fc2ba3cd41d0ddf02170af6d


Last Updated: 27 May 2016 10:53:37