Red Hat Security Advisory 2013-0123-01 - The OpenIPMI packages provide command line tools and utilities to access platform information using Intelligent Platform Management Interface. System administrators can use OpenIPMI to manage systems and to perform system health monitoring. It was discovered that the IPMI event daemon created its process ID file with world-writable permissions. A local user could use this flaw to make the ipmievd init script kill an arbitrary process when the ipmievd daemon is stopped or restarted. Note: This issue did not affect the default configuration of OpenIPMI as shipped with Red Hat Enterprise Linux 5.
2deae90ed110e0a7cb728df733255c88da19161c8fc16e2a5df7248e8222da5a