CVE-2012-3421

NONE EPSS 87.1%
Published Aug 27, 201213y ago · Modified Jun 16, 20262w ago
Find Similar
Published Aug 27, 2012 13y ago
Last Modified Jun 16, 2026 2w ago

Description

The pduread function in pdu.c in libpcp in Performance Co-Pilot (PCP) before 3.6.5 does not properly time out connections, which allows remote attackers to cause a denial of service (pmcd hang) by sending individual bytes of a PDU separately, related to an "event-driven programming flaw."

Threat Intelligence

EPSS Exploit Probability
87.1% percentile
Exploit & Patch Status
No Known Exploit
No Patch Available

Affected Products 13

VendorProductVersionRange
sgiperformance_co-pilot* ≤3.6.4
sgiperformance_co-pilot2.1.1any
sgiperformance_co-pilot2.1.2any
sgiperformance_co-pilot2.1.3any
sgiperformance_co-pilot2.1.4any
sgiperformance_co-pilot2.1.5any
sgiperformance_co-pilot2.1.6any
sgiperformance_co-pilot2.1.7any
sgiperformance_co-pilot2.1.8any
sgiperformance_co-pilot2.1.9any
sgiperformance_co-pilot2.1.10any
sgiperformance_co-pilot2.1.11any
sgiperformance_co-pilot2.2any

References 11

  • lists.fedoraproject.org http://lists.fedoraproject.org/pipermail/package-announce/2012-August/085324.html
  • lists.fedoraproject.org http://lists.fedoraproject.org/pipermail/package-announce/2012-August/085333.html
  • lists.opensuse.org http://lists.opensuse.org/opensuse-security-announce/2013-01/msg00024.html
  • oss.sgi.com http://oss.sgi.com/cgi-bin/gitweb.cgi?p=pcp/pcp.git%3Ba=blob%3Bf=CHANGELOG%3Bh=16c9cbb2f61d909487ea1c3171f4ab33e5648ac5%3Bhb=fe51067ae869a4d59f350ac319b09edcb77ac8e6
  • oss.sgi.com http://oss.sgi.com/cgi-bin/gitweb.cgi?p=pcp/pcp.git%3Ba=commit%3Bh=9ba85dca940de976176ce196fd5e3c4170936354
  • debian.org http://www.debian.org/security/2012/dsa-2533
  • openwall.com http://www.openwall.com/lists/oss-security/2012/08/16/1
  • bugzilla.redhat.com https://bugzilla.redhat.com/show_bug.cgi?id=841706
  • hermes.opensuse.org https://hermes.opensuse.org/messages/15471040
  • hermes.opensuse.org https://hermes.opensuse.org/messages/15540133
  • hermes.opensuse.org https://hermes.opensuse.org/messages/15540172

Remediation

No remediation data recorded yet

Check vendor advisories and the NVD entry for patch availability.