Detections
Analytics

MiracleLinux 3 : OpenIPMI-2.0.16-16.0.1.AXS3 (AXSA:2013-38:01)

medium Nessus Plugin ID 289722

Synopsis

The remote MiracleLinux host is missing a security update.

Description

The remote MiracleLinux 3 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2013-38:01 advisory.

 The Open IPMI project aims to develop an open code base to allow access to platform information using Intelligent Platform Management Interface (IPMI). This package contains the tools of the OpenIPMI project.
 Security issues fixed with this release:
 CVE-2011-4339 ipmievd (aka the IPMI event daemon) in OpenIPMI, as used in the ipmitool package 1.8.11 in Red Hat Enterprise Linux (RHEL) 6, Debian GNU/Linux, Fedora 16, and other products uses 0666 permissions for its ipmievd.pid PID file, which allows local users to kill arbitrary processes by writing to this file.
 Fixed bugs:
 On non-Dell platforms, the ipmitool utility listed incomlete and misleading command usage. This has been fixed.
 Disabled automatic bridging of SDR (Sensor Data Record) readings to IPMB to increase performance and show sensor data correctly.
 Fixed exit code of 'ipmitool -o list' command: it now returns 0, as expected.
 Added the path to /sbin to lsmod and modprobe to prevent the init script from failing if PATH did not point to /sbin.
 Added the -b, -B, -l and -T options in the ipmitool man page.
 Enhancements:
 Added some Dell-specific IPMI extension:
 vFlash: allows users to display information about extended SD cards.
 setled: allows users to display the backplane LED status.
 Improved error descriptions.
 Added support for new hardware.
 Updated documentation of the ipmitool delloem commands in the ipmitool manual page.

Tenable has extracted the preceding description block directly from the MiracleLinux security advisory.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

Solution

Update the affected packages.

See Also

https://tsn.miraclelinux.com/en/node/3659

Plugin Details

Severity: Medium

ID: 289722

File Name: miracle_linux_AXSA-2013-38.nasl

Version: 1.1

Type: local

Published: 1/16/2026

Updated: 1/16/2026

Supported Sensors: Nessus Agent, Nessus

Risk Information

VPR

Risk Factor: Low

Score: 3.6

Vendor

Vendor Severity: High

CVSS v2

Risk Factor: Low

Base Score: 3.6

Temporal Score: 2.7

Vector: CVSS2#AV:L/AC:L/Au:N/C:N/I:P/A:P

CVSS Score Source: CVE-2011-4339

CVSS v3

Risk Factor: Medium

Base Score: 5.5

Temporal Score: 4.8

Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Temporal Vector: CVSS:3.0/E:U/RL:O/RC:C

Vulnerability Information

CPE: p-cpe:/a:miracle:linux:openipmi-devel, p-cpe:/a:miracle:linux:openipmi-tools, cpe:/o:miracle:linux:3, p-cpe:/a:miracle:linux:openipmi-perl, p-cpe:/a:miracle:linux:openipmi, p-cpe:/a:miracle:linux:openipmi-libs

Required KB Items: Host/local_checks_enabled, Host/MiracleLinux/release, Host/MiracleLinux/rpm-list, Host/cpu

Exploit Ease: No known exploits are available

Patch Publication Date: 1/22/2013

Vulnerability Publication Date: 12/13/2011

Reference Information

CVE: CVE-2011-4339