VYPR

Performance Co Pilot

by Sgi

CVEs (10)

  • CVE-2024-45769MedSep 19, 2024
    risk 0.36cvss 5.5epss 0.00

    A vulnerability was found in Performance Co-Pilot (PCP).  This flaw allows an attacker to send specially crafted data to the system, which could cause the program to misbehave or crash.

  • CVE-2024-45770MedSep 19, 2024
    risk 0.29cvss 4.4epss 0.00

    A vulnerability was found in Performance Co-Pilot (PCP). This flaw can only be exploited if an attacker has access to a compromised PCP system account. The issue is related to the pmpost tool, which is used to log messages in the system. Under certain conditions, it runs with…

  • CVE-2001-0823Dec 6, 2001
    risk 0.03cvss epss 0.01

    The pmpost program in Performance Co-Pilot (PCP) before 2.2.1-3 allows a local user to gain privileges via a symlink attack on the NOTICES file in the PCP log directory (PCP_LOG_DIR).

  • CVE-2000-1193Aug 31, 2001
    risk 0.03cvss epss 0.03

    Performance Metrics Collector Daemon (PMCD) in Performance Copilot in IRIX 6.x allows remote attackers to cause a denial of service (resource exhaustion) via an extremely long string to the PMCD port.

  • CVE-2023-6917Feb 28, 2024
    risk 0.00cvss epss 0.00

    A vulnerability has been identified in the Performance Co-Pilot (PCP) package, stemming from the mixed privilege levels utilized by systemd services associated with PCP. While certain services operate within the confines of limited PCP user/group privileges, others are granted…

  • CVE-2012-5530Nov 29, 2012
    risk 0.00cvss epss 0.00

    The (1) pcmd and (2) pmlogger init scripts in Performance Co-Pilot (PCP) before 3.6.10 allow local users to overwrite arbitrary files via a symlink attack on a /var/tmp/##### temporary file.

  • CVE-2012-3421Aug 27, 2012
    risk 0.00cvss epss 0.03

    The pduread function in pdu.c in libpcp in Performance Co-Pilot (PCP) before 3.6.5 does not properly time out connections, which allows remote attackers to cause a denial of service (pmcd hang) by sending individual bytes of a PDU separately, related to an "event-driven…

  • CVE-2012-3420Aug 27, 2012
    risk 0.00cvss epss 0.02

    Multiple memory leaks in Performance Co-Pilot (PCP) before 3.6.5 allow remote attackers to cause a denial of service (memory consumption or daemon crash) via a large number of PDUs with (1) a crafted context number to the DoFetch function in pmcd/src/dofetch.c or (2) a negative…

  • CVE-2012-3419Aug 27, 2012
    risk 0.00cvss epss 0.02

    Performance Co-Pilot (PCP) before 3.6.5 exports some of the /proc file system, which allows attackers to obtain sensitive information such as proc/pid/maps and command line arguments.

  • CVE-2012-3418Aug 27, 2012
    risk 0.00cvss epss 0.06

    libpcp in Performance Co-Pilot (PCP) before 3.6.5 allows remote attackers to cause a denial of service and possibly execute arbitrary code via (1) a PDU with the numcreds field value greater than the number of actual elements to the __pmDecodeCreds function in p_creds.c; (2) the…