CVE-2012-3419

NameCVE-2012-3419
DescriptionPerformance Co-Pilot (PCP) before 3.6.5 exports some of the /proc file system, which allows attackers to obtain sensitive information such as proc/pid/maps and command line arguments.
SourceCVE (at NVD; CERT, LWN, oss-sec, fulldisc, bugtraq, EDB, Metasploit, Red Hat, Ubuntu, Gentoo, SuSE, Mageia, GitHub code/issues, web search, more)
ReferencesDSA-2533-1
NVD severitymedium (attack range: remote)
Debian Bugs685476

Vulnerable and fixed packages

The table below lists information on source packages.

Source PackageReleaseVersionStatus
pcp (PTS)jessie3.9.10fixed
stretch3.10.8fixed
sid3.11.3.1fixed

The information below is based on the following data on fixed versions.

PackageTypeReleaseFixed VersionUrgencyOriginDebian Bugs
pcpsource(unstable)3.6.5medium685476
pcpsourcesqueeze3.3.3-squeeze2mediumDSA-2533-1

Search for package or bug name: Reporting problems