header-logo
Suggest Exploit
vendor:
Performance Co-Pilot (PCP)
by:
SecurityFocus
7.5
CVSS
HIGH
Denial of Service
N/A
CWE
Product Name: Performance Co-Pilot (PCP)
Affected Version From: N/A
Affected Version To: N/A
Patch Exists: YES
Related CWE: N/A
CPE: N/A
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: Linux
2002

Performance Co-Pilot (PCP) Denial of Service Vulnerability

A vulnerability exists in some versions of the Performance Co-Pilot (PCP) daemon. It is possible to cause a denial of service condition by sending the daemon a large string of arbitrary data. An example of this exploit is using a Perl script to generate a large string of data and sending it to the PCP daemon via telnet.

Mitigation:

Upgrade to the latest version of Performance Co-Pilot (PCP)
Source

Exploit-DB raw data:

source: https://www.securityfocus.com/bid/4642/info

Performance Co-Pilot (PCP) is a set of services to support system-level performance monitoring developed by SGI. It has traditionally been an IRIX product, however SGI has made it open source and it is now available for Linux systems.

A vulnerability exists in some versions of the PCP daemon. It is possible to cause a denial of service condition by sending the daemon a large string of arbitrary data.


% perl -e 'print " a" x 92834244,"\n";'' | telnet sgi.victim.com 4321

Navigation

Suggest Exploit

Services By CQR