Vulnerabilites related to systemtap - systemtap
CVE-2009-0784 (GCVE-0-2009-0784)
Vulnerability from cvelistv5
Published
2009-03-25 23:00
Modified
2024-08-07 04:48
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Race condition in the SystemTap stap tool 0.0.20080705 and 0.0.20090314 allows local users in the stapusr group to insert arbitrary SystemTap kernel modules and gain privileges via unknown vectors.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.debian.org/security/2009/dsa-1755 | vendor-advisory, x_refsource_DEBIAN | |
| http://secunia.com/advisories/34479 | third-party-advisory, x_refsource_SECUNIA | |
| http://support.avaya.com/elmodocs2/security/ASA-2009-110.htm | x_refsource_CONFIRM | |
| https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11613 | vdb-entry, signature, x_refsource_OVAL | |
| http://www.redhat.com/support/errata/RHSA-2009-0373.html | vendor-advisory, x_refsource_REDHAT | |
| http://secunia.com/advisories/34548 | third-party-advisory, x_refsource_SECUNIA | |
| http://www.vupen.com/english/advisories/2009/0907 | vdb-entry, x_refsource_VUPEN | |
| http://secunia.com/advisories/34441 | third-party-advisory, x_refsource_SECUNIA |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T04:48:52.330Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "DSA-1755",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2009/dsa-1755"
},
{
"name": "34479",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/34479"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://support.avaya.com/elmodocs2/security/ASA-2009-110.htm"
},
{
"name": "oval:org.mitre.oval:def:11613",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11613"
},
{
"name": "RHSA-2009:0373",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2009-0373.html"
},
{
"name": "34548",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/34548"
},
{
"name": "ADV-2009-0907",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2009/0907"
},
{
"name": "34441",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/34441"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2009-03-25T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Race condition in the SystemTap stap tool 0.0.20080705 and 0.0.20090314 allows local users in the stapusr group to insert arbitrary SystemTap kernel modules and gain privileges via unknown vectors."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-09-28T12:57:01",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "DSA-1755",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2009/dsa-1755"
},
{
"name": "34479",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/34479"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://support.avaya.com/elmodocs2/security/ASA-2009-110.htm"
},
{
"name": "oval:org.mitre.oval:def:11613",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11613"
},
{
"name": "RHSA-2009:0373",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2009-0373.html"
},
{
"name": "34548",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/34548"
},
{
"name": "ADV-2009-0907",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2009/0907"
},
{
"name": "34441",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/34441"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2009-0784",
"datePublished": "2009-03-25T23:00:00",
"dateReserved": "2009-03-04T00:00:00",
"dateUpdated": "2024-08-07T04:48:52.330Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2011-1781 (GCVE-0-2011-1781)
Vulnerability from cvelistv5
Published
2011-08-29 21:00
Modified
2024-08-06 22:37
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
SystemTap 1.4, when unprivileged (aka stapusr) mode is enabled, allows local users to cause a denial of service (divide-by-zero error and OOPS) via a crafted ELF program with DWARF expressions that are not properly handled by a stap script that performs stack unwinding (aka backtracing).
References
| ▼ | URL | Tags |
|---|---|---|
| http://secunia.com/advisories/44802 | third-party-advisory, x_refsource_SECUNIA | |
| https://bugzilla.redhat.com/show_bug.cgi?id=702687 | x_refsource_CONFIRM | |
| http://sourceware.org/git/?p=systemtap.git%3Ba=commit%3Bh=fa2e3415185a28542d419a641ecd6cddd52e3cd9 | x_refsource_CONFIRM | |
| http://www.securityfocus.com/bid/47934 | vdb-entry, x_refsource_BID | |
| http://www.mandriva.com/security/advisories?name=MDVSA-2011:155 | vendor-advisory, x_refsource_MANDRIVA | |
| https://rhn.redhat.com/errata/RHSA-2011-0842.html | vendor-advisory, x_refsource_REDHAT | |
| http://openwall.com/lists/oss-security/2011/05/20/2 | mailing-list, x_refsource_MLIST |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T22:37:25.780Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "44802",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/44802"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=702687"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://sourceware.org/git/?p=systemtap.git%3Ba=commit%3Bh=fa2e3415185a28542d419a641ecd6cddd52e3cd9"
},
{
"name": "47934",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/47934"
},
{
"name": "MDVSA-2011:155",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:155"
},
{
"name": "RHSA-2011:0842",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://rhn.redhat.com/errata/RHSA-2011-0842.html"
},
{
"name": "[oss-security] 20110520 systemtap divide-by-zero issues (CVE-2011-1769, CVE-2011-1781)",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://openwall.com/lists/oss-security/2011/05/20/2"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2011-05-20T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "SystemTap 1.4, when unprivileged (aka stapusr) mode is enabled, allows local users to cause a denial of service (divide-by-zero error and OOPS) via a crafted ELF program with DWARF expressions that are not properly handled by a stap script that performs stack unwinding (aka backtracing)."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2011-10-26T09:00:00",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "44802",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/44802"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=702687"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://sourceware.org/git/?p=systemtap.git%3Ba=commit%3Bh=fa2e3415185a28542d419a641ecd6cddd52e3cd9"
},
{
"name": "47934",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/47934"
},
{
"name": "MDVSA-2011:155",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:155"
},
{
"name": "RHSA-2011:0842",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://rhn.redhat.com/errata/RHSA-2011-0842.html"
},
{
"name": "[oss-security] 20110520 systemtap divide-by-zero issues (CVE-2011-1769, CVE-2011-1781)",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://openwall.com/lists/oss-security/2011/05/20/2"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2011-1781",
"datePublished": "2011-08-29T21:00:00",
"dateReserved": "2011-04-19T00:00:00",
"dateUpdated": "2024-08-06T22:37:25.780Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2011-2502 (GCVE-0-2011-2502)
Vulnerability from cvelistv5
Published
2012-07-26 19:00
Modified
2024-09-16 20:42
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
runtime/staprun/staprun_funcs.c in the systemtap runtime tool (staprun) in SystemTap before 1.6 does not properly validate modules when a module path is specified by a user for user-space probing, which allows local users in the stapusr group to gain privileges via a crafted module in the search path in the -u argument.
References
| ▼ | URL | Tags |
|---|---|---|
| https://bugzilla.redhat.com/show_bug.cgi?id=716476 | x_refsource_MISC | |
| http://sources.redhat.com/git/gitweb.cgi?p=systemtap.git%3Ba=commitdiff%3Bh=4ecaadf545a729bb3e5f01f6f019716d49815d9a | x_refsource_CONFIRM | |
| http://secunia.com/advisories/45377 | third-party-advisory, x_refsource_SECUNIA | |
| http://sources.redhat.com/git/gitweb.cgi?p=systemtap.git%3Ba=blob%3Bf=NEWS%3Bhb=304d73b1fea24af791f2a129fb141c5009eae6a8 | x_refsource_CONFIRM |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T23:00:34.103Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=716476"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://sources.redhat.com/git/gitweb.cgi?p=systemtap.git%3Ba=commitdiff%3Bh=4ecaadf545a729bb3e5f01f6f019716d49815d9a"
},
{
"name": "45377",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/45377"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://sources.redhat.com/git/gitweb.cgi?p=systemtap.git%3Ba=blob%3Bf=NEWS%3Bhb=304d73b1fea24af791f2a129fb141c5009eae6a8"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "runtime/staprun/staprun_funcs.c in the systemtap runtime tool (staprun) in SystemTap before 1.6 does not properly validate modules when a module path is specified by a user for user-space probing, which allows local users in the stapusr group to gain privileges via a crafted module in the search path in the -u argument."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2012-07-26T19:00:00Z",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=716476"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://sources.redhat.com/git/gitweb.cgi?p=systemtap.git%3Ba=commitdiff%3Bh=4ecaadf545a729bb3e5f01f6f019716d49815d9a"
},
{
"name": "45377",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/45377"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://sources.redhat.com/git/gitweb.cgi?p=systemtap.git%3Ba=blob%3Bf=NEWS%3Bhb=304d73b1fea24af791f2a129fb141c5009eae6a8"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2011-2502",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "runtime/staprun/staprun_funcs.c in the systemtap runtime tool (staprun) in SystemTap before 1.6 does not properly validate modules when a module path is specified by a user for user-space probing, which allows local users in the stapusr group to gain privileges via a crafted module in the search path in the -u argument."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=716476",
"refsource": "MISC",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=716476"
},
{
"name": "http://sources.redhat.com/git/gitweb.cgi?p=systemtap.git;a=commitdiff;h=4ecaadf545a729bb3e5f01f6f019716d49815d9a",
"refsource": "CONFIRM",
"url": "http://sources.redhat.com/git/gitweb.cgi?p=systemtap.git;a=commitdiff;h=4ecaadf545a729bb3e5f01f6f019716d49815d9a"
},
{
"name": "45377",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/45377"
},
{
"name": "http://sources.redhat.com/git/gitweb.cgi?p=systemtap.git;a=blob;f=NEWS;hb=304d73b1fea24af791f2a129fb141c5009eae6a8",
"refsource": "CONFIRM",
"url": "http://sources.redhat.com/git/gitweb.cgi?p=systemtap.git;a=blob;f=NEWS;hb=304d73b1fea24af791f2a129fb141c5009eae6a8"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2011-2502",
"datePublished": "2012-07-26T19:00:00Z",
"dateReserved": "2011-06-15T00:00:00Z",
"dateUpdated": "2024-09-16T20:42:11.436Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2010-0411 (GCVE-0-2010-0411)
Vulnerability from cvelistv5
Published
2010-02-08 20:00
Modified
2024-08-07 00:45
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Multiple integer signedness errors in the (1) __get_argv and (2) __get_compat_argv functions in tapset/aux_syscalls.stp in SystemTap 1.1 allow local users to cause a denial of service (script crash, or system crash or hang) via a process with a large number of arguments, leading to a buffer overflow.
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T00:45:12.299Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "FEDORA-2010-1373",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-February/035201.html"
},
{
"name": "38817",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/38817"
},
{
"name": "38426",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/38426"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=559719"
},
{
"name": "39656",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/39656"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://sourceware.org/bugzilla/show_bug.cgi?id=11234"
},
{
"name": "[oss-security] 20100204 systemtap DoS issue (CVE-2010-0411)",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://marc.info/?l=oss-security\u0026m=126530657715364\u0026w=2"
},
{
"name": "38680",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/38680"
},
{
"name": "oval:org.mitre.oval:def:9675",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9675"
},
{
"name": "SUSE-SR:2010:010",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2010-04/msg00006.html"
},
{
"name": "RHSA-2010:0125",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2010-0125.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://sourceware.org/git/gitweb.cgi?p=systemtap.git%3Ba=commit%3Bh=a2d399c87a642190f08ede63dc6fc434a5a8363a"
},
{
"name": "1023664",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1023664"
},
{
"name": "38120",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/38120"
},
{
"name": "RHSA-2010:0124",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2010-0124.html"
},
{
"name": "38765",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/38765"
},
{
"name": "FEDORA-2010-1720",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-February/035261.html"
},
{
"name": "ADV-2010-1001",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2010/1001"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2010-02-04T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Multiple integer signedness errors in the (1) __get_argv and (2) __get_compat_argv functions in tapset/aux_syscalls.stp in SystemTap 1.1 allow local users to cause a denial of service (script crash, or system crash or hang) via a process with a large number of arguments, leading to a buffer overflow."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-09-18T12:57:01",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "FEDORA-2010-1373",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-February/035201.html"
},
{
"name": "38817",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/38817"
},
{
"name": "38426",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/38426"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=559719"
},
{
"name": "39656",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/39656"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://sourceware.org/bugzilla/show_bug.cgi?id=11234"
},
{
"name": "[oss-security] 20100204 systemtap DoS issue (CVE-2010-0411)",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://marc.info/?l=oss-security\u0026m=126530657715364\u0026w=2"
},
{
"name": "38680",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/38680"
},
{
"name": "oval:org.mitre.oval:def:9675",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9675"
},
{
"name": "SUSE-SR:2010:010",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2010-04/msg00006.html"
},
{
"name": "RHSA-2010:0125",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2010-0125.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://sourceware.org/git/gitweb.cgi?p=systemtap.git%3Ba=commit%3Bh=a2d399c87a642190f08ede63dc6fc434a5a8363a"
},
{
"name": "1023664",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1023664"
},
{
"name": "38120",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/38120"
},
{
"name": "RHSA-2010:0124",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2010-0124.html"
},
{
"name": "38765",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/38765"
},
{
"name": "FEDORA-2010-1720",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-February/035261.html"
},
{
"name": "ADV-2010-1001",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2010/1001"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2010-0411",
"datePublished": "2010-02-08T20:00:00",
"dateReserved": "2010-01-27T00:00:00",
"dateUpdated": "2024-08-07T00:45:12.299Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2010-4170 (GCVE-0-2010-4170)
Vulnerability from cvelistv5
Published
2010-12-07 21:00
Modified
2024-08-07 03:34
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
The staprun runtime tool in SystemTap 1.3 does not properly clear the environment before executing modprobe, which allows local users to gain privileges by setting the MODPROBE_OPTIONS environment variable to specify a malicious configuration file.
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T03:34:37.683Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "systemtap-staprun-priv-escalation(63344)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/63344"
},
{
"name": "[systemtap] 20101117 important systemtap security fix",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://sources.redhat.com/ml/systemtap/2010-q4/msg00230.html"
},
{
"name": "FEDORA-2010-17873",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-November/051127.html"
},
{
"name": "15620",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB",
"x_transferred"
],
"url": "http://www.exploit-db.com/exploits/15620"
},
{
"name": "42263",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/42263"
},
{
"name": "FEDORA-2010-17865",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-November/051115.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://sources.redhat.com/git/gitweb.cgi?p=systemtap.git%3Ba=commit%3Bh=b7565b41228bea196cefa3a7d43ab67f8f9152e2"
},
{
"name": "RHSA-2010:0894",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2010-0894.html"
},
{
"name": "RHSA-2010:0895",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2010-0895.html"
},
{
"name": "42306",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/42306"
},
{
"name": "44914",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/44914"
},
{
"name": "DSA-2348",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2011/dsa-2348"
},
{
"name": "1024754",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1024754"
},
{
"name": "46920",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/46920"
},
{
"name": "42256",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/42256"
},
{
"name": "42318",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/42318"
},
{
"name": "FEDORA-2010-17868",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-November/051122.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/152569/SystemTap-1.3-MODPROBE_OPTIONS-Privilege-Escalation.html"
},
{
"name": "46730",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB",
"x_transferred"
],
"url": "https://www.exploit-db.com/exploits/46730/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2010-11-17T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The staprun runtime tool in SystemTap 1.3 does not properly clear the environment before executing modprobe, which allows local users to gain privileges by setting the MODPROBE_OPTIONS environment variable to specify a malicious configuration file."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-04-19T15:06:14",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "systemtap-staprun-priv-escalation(63344)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/63344"
},
{
"name": "[systemtap] 20101117 important systemtap security fix",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://sources.redhat.com/ml/systemtap/2010-q4/msg00230.html"
},
{
"name": "FEDORA-2010-17873",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-November/051127.html"
},
{
"name": "15620",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB"
],
"url": "http://www.exploit-db.com/exploits/15620"
},
{
"name": "42263",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/42263"
},
{
"name": "FEDORA-2010-17865",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-November/051115.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://sources.redhat.com/git/gitweb.cgi?p=systemtap.git%3Ba=commit%3Bh=b7565b41228bea196cefa3a7d43ab67f8f9152e2"
},
{
"name": "RHSA-2010:0894",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2010-0894.html"
},
{
"name": "RHSA-2010:0895",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2010-0895.html"
},
{
"name": "42306",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/42306"
},
{
"name": "44914",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/44914"
},
{
"name": "DSA-2348",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2011/dsa-2348"
},
{
"name": "1024754",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1024754"
},
{
"name": "46920",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/46920"
},
{
"name": "42256",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/42256"
},
{
"name": "42318",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/42318"
},
{
"name": "FEDORA-2010-17868",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-November/051122.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://packetstormsecurity.com/files/152569/SystemTap-1.3-MODPROBE_OPTIONS-Privilege-Escalation.html"
},
{
"name": "46730",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB"
],
"url": "https://www.exploit-db.com/exploits/46730/"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2010-4170",
"datePublished": "2010-12-07T21:00:00",
"dateReserved": "2010-11-04T00:00:00",
"dateUpdated": "2024-08-07T03:34:37.683Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2012-0875 (GCVE-0-2012-0875)
Vulnerability from cvelistv5
Published
2014-02-04 19:00
Modified
2024-08-06 18:38
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
SystemTap 1.7, 1.6.7, and probably other versions, when unprivileged mode is enabled, allows local users to obtain sensitive information from kernel memory or cause a denial of service (kernel panic and crash) via vectors related to crafted DWARF data, which triggers a read of an invalid pointer.
References
| ▼ | URL | Tags |
|---|---|---|
| http://rhn.redhat.com/errata/RHSA-2012-0376.html | vendor-advisory, x_refsource_REDHAT | |
| http://sourceware.org/bugzilla/show_bug.cgi?id=13714 | x_refsource_CONFIRM | |
| http://securitytracker.com/id?1026777 | vdb-entry, x_refsource_SECTRACK | |
| http://permalink.gmane.org/gmane.comp.security.oss.general/6987 | mailing-list, x_refsource_MLIST | |
| http://sourceware.org/git/?p=systemtap.git%3Ba=commit%3Bh=64b0cff3b | x_refsource_CONFIRM | |
| http://lists.opensuse.org/opensuse-updates/2013-03/msg00057.html | vendor-advisory, x_refsource_SUSE |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T18:38:14.978Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "RHSA-2012:0376",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2012-0376.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://sourceware.org/bugzilla/show_bug.cgi?id=13714"
},
{
"name": "1026777",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1026777"
},
{
"name": "[oss-security] 20120222 CVE-2012-0875: systemtap memory disclosure/kernel panic when processing malformed DWARF unwind data",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://permalink.gmane.org/gmane.comp.security.oss.general/6987"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://sourceware.org/git/?p=systemtap.git%3Ba=commit%3Bh=64b0cff3b"
},
{
"name": "openSUSE-SU-2013:0475",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-updates/2013-03/msg00057.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2012-02-02T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "SystemTap 1.7, 1.6.7, and probably other versions, when unprivileged mode is enabled, allows local users to obtain sensitive information from kernel memory or cause a denial of service (kernel panic and crash) via vectors related to crafted DWARF data, which triggers a read of an invalid pointer."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2014-02-04T18:57:01",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "RHSA-2012:0376",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2012-0376.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://sourceware.org/bugzilla/show_bug.cgi?id=13714"
},
{
"name": "1026777",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1026777"
},
{
"name": "[oss-security] 20120222 CVE-2012-0875: systemtap memory disclosure/kernel panic when processing malformed DWARF unwind data",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://permalink.gmane.org/gmane.comp.security.oss.general/6987"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://sourceware.org/git/?p=systemtap.git%3Ba=commit%3Bh=64b0cff3b"
},
{
"name": "openSUSE-SU-2013:0475",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-updates/2013-03/msg00057.html"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2012-0875",
"datePublished": "2014-02-04T19:00:00",
"dateReserved": "2012-01-19T00:00:00",
"dateUpdated": "2024-08-06T18:38:14.978Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2010-0412 (GCVE-0-2010-0412)
Vulnerability from cvelistv5
Published
2010-02-25 00:00
Modified
2024-08-07 00:45
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
stap-server in SystemTap 1.1 does not properly restrict the value of the -B (aka BUILD) option, which allows attackers to have an unspecified impact via vectors associated with executing the make program, a different vulnerability than CVE-2009-4273.
References
| ▼ | URL | Tags |
|---|---|---|
| http://lists.fedoraproject.org/pipermail/package-announce/2010-February/035201.html | vendor-advisory, x_refsource_FEDORA | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/56611 | vdb-entry, x_refsource_XF | |
| http://lists.fedoraproject.org/pipermail/scm-commits/2010-February/394714.html | mailing-list, x_refsource_MLIST | |
| http://lists.fedoraproject.org/pipermail/package-announce/2010-February/035261.html | vendor-advisory, x_refsource_FEDORA | |
| http://www.securityfocus.com/bid/38316 | vdb-entry, x_refsource_BID |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T00:45:12.276Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "FEDORA-2010-1373",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-February/035201.html"
},
{
"name": "systemtap-stapserver-unspecified(56611)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/56611"
},
{
"name": "[scm-commits] 20100215 rpms/systemtap/devel systemtap-1.1-tighten-server-params.patch, NONE, 1.1 systemtap.spec, 1.59, 1.60",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://lists.fedoraproject.org/pipermail/scm-commits/2010-February/394714.html"
},
{
"name": "FEDORA-2010-1720",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-February/035261.html"
},
{
"name": "38316",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/38316"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2010-02-15T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "stap-server in SystemTap 1.1 does not properly restrict the value of the -B (aka BUILD) option, which allows attackers to have an unspecified impact via vectors associated with executing the make program, a different vulnerability than CVE-2009-4273."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-16T14:57:01",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "FEDORA-2010-1373",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-February/035201.html"
},
{
"name": "systemtap-stapserver-unspecified(56611)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/56611"
},
{
"name": "[scm-commits] 20100215 rpms/systemtap/devel systemtap-1.1-tighten-server-params.patch, NONE, 1.1 systemtap.spec, 1.59, 1.60",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://lists.fedoraproject.org/pipermail/scm-commits/2010-February/394714.html"
},
{
"name": "FEDORA-2010-1720",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-February/035261.html"
},
{
"name": "38316",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/38316"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2010-0412",
"datePublished": "2010-02-25T00:00:00",
"dateReserved": "2010-01-27T00:00:00",
"dateUpdated": "2024-08-07T00:45:12.276Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2009-2911 (GCVE-0-2009-2911)
Vulnerability from cvelistv5
Published
2009-10-22 16:00
Modified
2024-08-07 06:07
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
SystemTap 1.0, when the --unprivileged option is used, does not properly restrict certain data sizes, which allows local users to (1) cause a denial of service or gain privileges via a print operation with a large number of arguments that trigger a kernel stack overflow, (2) cause a denial of service via crafted DWARF expressions that trigger a kernel stack frame overflow, or (3) cause a denial of service (infinite loop) via vectors that trigger creation of large unwind tables, related to Common Information Entry (CIE) and Call Frame Instruction (CFI) records.
References
| ▼ | URL | Tags |
|---|---|---|
| http://sources.redhat.com/bugzilla/show_bug.cgi?id=10750 | x_refsource_CONFIRM | |
| https://www.redhat.com/archives/fedora-package-announce/2009-October/msg00793.html | vendor-advisory, x_refsource_FEDORA | |
| http://gcc.gnu.org/bugzilla/show_bug.cgi?id=41633 | x_refsource_MISC | |
| http://www.openwall.com/lists/oss-security/2009/10/21/1 | mailing-list, x_refsource_MLIST | |
| https://www.redhat.com/archives/fedora-package-announce/2009-October/msg00627.html | vendor-advisory, x_refsource_FEDORA | |
| https://bugzilla.redhat.com/show_bug.cgi?id=529175 | x_refsource_CONFIRM | |
| http://secunia.com/advisories/37167 | third-party-advisory, x_refsource_SECUNIA | |
| http://www.securityfocus.com/bid/36778 | vdb-entry, x_refsource_BID | |
| http://www.vupen.com/english/advisories/2009/2989 | vdb-entry, x_refsource_VUPEN |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T06:07:37.401Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://sources.redhat.com/bugzilla/show_bug.cgi?id=10750"
},
{
"name": "FEDORA-2009-10849",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "https://www.redhat.com/archives/fedora-package-announce/2009-October/msg00793.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://gcc.gnu.org/bugzilla/show_bug.cgi?id=41633"
},
{
"name": "[oss-security] 20091021 CVE assignment notification -- CVE-2009-2911 - Three SystemTap-1.0 DoS issues",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2009/10/21/1"
},
{
"name": "FEDORA-2009-10719",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "https://www.redhat.com/archives/fedora-package-announce/2009-October/msg00627.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=529175"
},
{
"name": "37167",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/37167"
},
{
"name": "36778",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/36778"
},
{
"name": "ADV-2009-2989",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2009/2989"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2009-10-21T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "SystemTap 1.0, when the --unprivileged option is used, does not properly restrict certain data sizes, which allows local users to (1) cause a denial of service or gain privileges via a print operation with a large number of arguments that trigger a kernel stack overflow, (2) cause a denial of service via crafted DWARF expressions that trigger a kernel stack frame overflow, or (3) cause a denial of service (infinite loop) via vectors that trigger creation of large unwind tables, related to Common Information Entry (CIE) and Call Frame Instruction (CFI) records."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2009-10-31T09:00:00",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://sources.redhat.com/bugzilla/show_bug.cgi?id=10750"
},
{
"name": "FEDORA-2009-10849",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "https://www.redhat.com/archives/fedora-package-announce/2009-October/msg00793.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://gcc.gnu.org/bugzilla/show_bug.cgi?id=41633"
},
{
"name": "[oss-security] 20091021 CVE assignment notification -- CVE-2009-2911 - Three SystemTap-1.0 DoS issues",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2009/10/21/1"
},
{
"name": "FEDORA-2009-10719",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "https://www.redhat.com/archives/fedora-package-announce/2009-October/msg00627.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=529175"
},
{
"name": "37167",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/37167"
},
{
"name": "36778",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/36778"
},
{
"name": "ADV-2009-2989",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2009/2989"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2009-2911",
"datePublished": "2009-10-22T16:00:00",
"dateReserved": "2009-08-20T00:00:00",
"dateUpdated": "2024-08-07T06:07:37.401Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2011-1769 (GCVE-0-2011-1769)
Vulnerability from cvelistv5
Published
2011-08-29 21:00
Modified
2024-08-06 22:37
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
SystemTap 1.4 and earlier, when unprivileged (aka stapusr) mode is enabled, allows local users to cause a denial of service (divide-by-zero error and OOPS) via a crafted ELF program with DWARF expressions that are not properly handled by a stap script that performs context variable access.
References
| ▼ | URL | Tags |
|---|---|---|
| http://secunia.com/advisories/44802 | third-party-advisory, x_refsource_SECUNIA | |
| https://bugzilla.redhat.com/show_bug.cgi?id=702687 | x_refsource_CONFIRM | |
| http://sourceware.org/git/?p=systemtap.git%3Ba=commit%3Bh=fa2e3415185a28542d419a641ecd6cddd52e3cd9 | x_refsource_CONFIRM | |
| http://www.securityfocus.com/bid/47934 | vdb-entry, x_refsource_BID | |
| http://www.mandriva.com/security/advisories?name=MDVSA-2011:154 | vendor-advisory, x_refsource_MANDRIVA | |
| http://www.mandriva.com/security/advisories?name=MDVSA-2011:155 | vendor-advisory, x_refsource_MANDRIVA | |
| https://rhn.redhat.com/errata/RHSA-2011-0842.html | vendor-advisory, x_refsource_REDHAT | |
| http://openwall.com/lists/oss-security/2011/05/20/2 | mailing-list, x_refsource_MLIST |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T22:37:25.789Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "44802",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/44802"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=702687"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://sourceware.org/git/?p=systemtap.git%3Ba=commit%3Bh=fa2e3415185a28542d419a641ecd6cddd52e3cd9"
},
{
"name": "47934",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/47934"
},
{
"name": "MDVSA-2011:154",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:154"
},
{
"name": "MDVSA-2011:155",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:155"
},
{
"name": "RHSA-2011:0842",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://rhn.redhat.com/errata/RHSA-2011-0842.html"
},
{
"name": "[oss-security] 20110520 systemtap divide-by-zero issues (CVE-2011-1769, CVE-2011-1781)",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://openwall.com/lists/oss-security/2011/05/20/2"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2011-05-20T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "SystemTap 1.4 and earlier, when unprivileged (aka stapusr) mode is enabled, allows local users to cause a denial of service (divide-by-zero error and OOPS) via a crafted ELF program with DWARF expressions that are not properly handled by a stap script that performs context variable access."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2011-10-26T09:00:00",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "44802",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/44802"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=702687"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://sourceware.org/git/?p=systemtap.git%3Ba=commit%3Bh=fa2e3415185a28542d419a641ecd6cddd52e3cd9"
},
{
"name": "47934",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/47934"
},
{
"name": "MDVSA-2011:154",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:154"
},
{
"name": "MDVSA-2011:155",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:155"
},
{
"name": "RHSA-2011:0842",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://rhn.redhat.com/errata/RHSA-2011-0842.html"
},
{
"name": "[oss-security] 20110520 systemtap divide-by-zero issues (CVE-2011-1769, CVE-2011-1781)",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://openwall.com/lists/oss-security/2011/05/20/2"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2011-1769",
"datePublished": "2011-08-29T21:00:00",
"dateReserved": "2011-04-19T00:00:00",
"dateUpdated": "2024-08-06T22:37:25.789Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2011-2503 (GCVE-0-2011-2503)
Vulnerability from cvelistv5
Published
2012-07-26 19:00
Modified
2024-09-17 01:01
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
The insert_module function in runtime/staprun/staprun_funcs.c in the systemtap runtime tool (staprun) in SystemTap before 1.6 does not properly validate a module when loading it, which allows local users to gain privileges via a race condition between the signature validation and the module initialization.
References
| ▼ | URL | Tags |
|---|---|---|
| https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2011-2503 | x_refsource_MISC | |
| http://sources.redhat.com/git/gitweb.cgi?p=systemtap.git%3Ba=commitdiff%3Bh=ed51cfa24ca27746ab09b59280b94117dd58cba3 | x_refsource_CONFIRM | |
| http://www.debian.org/security/2011/dsa-2348 | vendor-advisory, x_refsource_DEBIAN | |
| http://secunia.com/advisories/46920 | third-party-advisory, x_refsource_SECUNIA | |
| http://secunia.com/advisories/45377 | third-party-advisory, x_refsource_SECUNIA | |
| http://sources.redhat.com/git/gitweb.cgi?p=systemtap.git%3Ba=blob%3Bf=NEWS%3Bhb=304d73b1fea24af791f2a129fb141c5009eae6a8 | x_refsource_CONFIRM |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T23:00:34.115Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2011-2503"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://sources.redhat.com/git/gitweb.cgi?p=systemtap.git%3Ba=commitdiff%3Bh=ed51cfa24ca27746ab09b59280b94117dd58cba3"
},
{
"name": "DSA-2348",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2011/dsa-2348"
},
{
"name": "46920",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/46920"
},
{
"name": "45377",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/45377"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://sources.redhat.com/git/gitweb.cgi?p=systemtap.git%3Ba=blob%3Bf=NEWS%3Bhb=304d73b1fea24af791f2a129fb141c5009eae6a8"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "The insert_module function in runtime/staprun/staprun_funcs.c in the systemtap runtime tool (staprun) in SystemTap before 1.6 does not properly validate a module when loading it, which allows local users to gain privileges via a race condition between the signature validation and the module initialization."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2012-07-26T19:00:00Z",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2011-2503"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://sources.redhat.com/git/gitweb.cgi?p=systemtap.git%3Ba=commitdiff%3Bh=ed51cfa24ca27746ab09b59280b94117dd58cba3"
},
{
"name": "DSA-2348",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2011/dsa-2348"
},
{
"name": "46920",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/46920"
},
{
"name": "45377",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/45377"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://sources.redhat.com/git/gitweb.cgi?p=systemtap.git%3Ba=blob%3Bf=NEWS%3Bhb=304d73b1fea24af791f2a129fb141c5009eae6a8"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2011-2503",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The insert_module function in runtime/staprun/staprun_funcs.c in the systemtap runtime tool (staprun) in SystemTap before 1.6 does not properly validate a module when loading it, which allows local users to gain privileges via a race condition between the signature validation and the module initialization."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2011-2503",
"refsource": "MISC",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2011-2503"
},
{
"name": "http://sources.redhat.com/git/gitweb.cgi?p=systemtap.git;a=commitdiff;h=ed51cfa24ca27746ab09b59280b94117dd58cba3",
"refsource": "CONFIRM",
"url": "http://sources.redhat.com/git/gitweb.cgi?p=systemtap.git;a=commitdiff;h=ed51cfa24ca27746ab09b59280b94117dd58cba3"
},
{
"name": "DSA-2348",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2011/dsa-2348"
},
{
"name": "46920",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/46920"
},
{
"name": "45377",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/45377"
},
{
"name": "http://sources.redhat.com/git/gitweb.cgi?p=systemtap.git;a=blob;f=NEWS;hb=304d73b1fea24af791f2a129fb141c5009eae6a8",
"refsource": "CONFIRM",
"url": "http://sources.redhat.com/git/gitweb.cgi?p=systemtap.git;a=blob;f=NEWS;hb=304d73b1fea24af791f2a129fb141c5009eae6a8"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2011-2503",
"datePublished": "2012-07-26T19:00:00Z",
"dateReserved": "2011-06-15T00:00:00Z",
"dateUpdated": "2024-09-17T01:01:54.529Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2009-4273 (GCVE-0-2009-4273)
Vulnerability from cvelistv5
Published
2010-01-26 18:00
Modified
2024-08-07 06:54
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
stap-server in SystemTap before 1.1 allows remote attackers to execute arbitrary commands via shell metacharacters in stap command-line arguments in a request.
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T06:54:10.227Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "FEDORA-2010-1373",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-February/035201.html"
},
{
"name": "oval:org.mitre.oval:def:11417",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11417"
},
{
"name": "38154",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/38154"
},
{
"name": "FEDORA-2010-0671",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-January/034036.html"
},
{
"name": "FEDORA-2010-0688",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-January/034041.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://sourceware.org/systemtap/ftp/releases/systemtap-1.1.tar.gz"
},
{
"name": "39656",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/39656"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=550172"
},
{
"name": "38216",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/38216"
},
{
"name": "[scm-commits] 20100215 rpms/systemtap/devel systemtap-1.1-tighten-server-params.patch, NONE, 1.1 systemtap.spec, 1.59, 1.60",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://lists.fedoraproject.org/pipermail/scm-commits/2010-February/394714.html"
},
{
"name": "ADV-2010-0169",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2010/0169"
},
{
"name": "SUSE-SR:2010:010",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2010-04/msg00006.html"
},
{
"name": "[systemtap] 20100115 SystemTap release 1.1",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://sourceware.org/ml/systemtap/2010-q1/msg00142.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://sourceware.org/bugzilla/show_bug.cgi?id=11105"
},
{
"name": "RHSA-2010:0124",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2010-0124.html"
},
{
"name": "38765",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/38765"
},
{
"name": "FEDORA-2010-1720",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-February/035261.html"
},
{
"name": "ADV-2010-1001",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2010/1001"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2010-01-15T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "stap-server in SystemTap before 1.1 allows remote attackers to execute arbitrary commands via shell metacharacters in stap command-line arguments in a request."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-09-18T12:57:01",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "FEDORA-2010-1373",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-February/035201.html"
},
{
"name": "oval:org.mitre.oval:def:11417",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11417"
},
{
"name": "38154",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/38154"
},
{
"name": "FEDORA-2010-0671",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-January/034036.html"
},
{
"name": "FEDORA-2010-0688",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-January/034041.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://sourceware.org/systemtap/ftp/releases/systemtap-1.1.tar.gz"
},
{
"name": "39656",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/39656"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=550172"
},
{
"name": "38216",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/38216"
},
{
"name": "[scm-commits] 20100215 rpms/systemtap/devel systemtap-1.1-tighten-server-params.patch, NONE, 1.1 systemtap.spec, 1.59, 1.60",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://lists.fedoraproject.org/pipermail/scm-commits/2010-February/394714.html"
},
{
"name": "ADV-2010-0169",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2010/0169"
},
{
"name": "SUSE-SR:2010:010",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2010-04/msg00006.html"
},
{
"name": "[systemtap] 20100115 SystemTap release 1.1",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://sourceware.org/ml/systemtap/2010-q1/msg00142.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://sourceware.org/bugzilla/show_bug.cgi?id=11105"
},
{
"name": "RHSA-2010:0124",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2010-0124.html"
},
{
"name": "38765",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/38765"
},
{
"name": "FEDORA-2010-1720",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-February/035261.html"
},
{
"name": "ADV-2010-1001",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2010/1001"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2009-4273",
"datePublished": "2010-01-26T18:00:00",
"dateReserved": "2009-12-10T00:00:00",
"dateUpdated": "2024-08-07T06:54:10.227Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2010-4171 (GCVE-0-2010-4171)
Vulnerability from cvelistv5
Published
2010-12-07 21:00
Modified
2024-08-07 03:34
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
The staprun runtime tool in SystemTap 1.3 does not verify that a module to unload was previously loaded by SystemTap, which allows local users to cause a denial of service (unloading of arbitrary kernel modules).
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T03:34:37.634Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "[systemtap] 20101117 important systemtap security fix",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://sources.redhat.com/ml/systemtap/2010-q4/msg00230.html"
},
{
"name": "FEDORA-2010-17873",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-November/051127.html"
},
{
"name": "42263",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/42263"
},
{
"name": "FEDORA-2010-17865",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-November/051115.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=653606"
},
{
"name": "systemtap-staprunmod-dos(63345)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/63345"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://sources.redhat.com/git/gitweb.cgi?p=systemtap.git%3Ba=commit%3Bh=b7565b41228bea196cefa3a7d43ab67f8f9152e2"
},
{
"name": "RHSA-2010:0894",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2010-0894.html"
},
{
"name": "DSA-2348",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2011/dsa-2348"
},
{
"name": "1024754",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1024754"
},
{
"name": "46920",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/46920"
},
{
"name": "42256",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/42256"
},
{
"name": "42318",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/42318"
},
{
"name": "44917",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/44917"
},
{
"name": "FEDORA-2010-17868",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-November/051122.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2010-11-17T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The staprun runtime tool in SystemTap 1.3 does not verify that a module to unload was previously loaded by SystemTap, which allows local users to cause a denial of service (unloading of arbitrary kernel modules)."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-16T14:57:01",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "[systemtap] 20101117 important systemtap security fix",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://sources.redhat.com/ml/systemtap/2010-q4/msg00230.html"
},
{
"name": "FEDORA-2010-17873",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-November/051127.html"
},
{
"name": "42263",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/42263"
},
{
"name": "FEDORA-2010-17865",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-November/051115.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=653606"
},
{
"name": "systemtap-staprunmod-dos(63345)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/63345"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://sources.redhat.com/git/gitweb.cgi?p=systemtap.git%3Ba=commit%3Bh=b7565b41228bea196cefa3a7d43ab67f8f9152e2"
},
{
"name": "RHSA-2010:0894",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2010-0894.html"
},
{
"name": "DSA-2348",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2011/dsa-2348"
},
{
"name": "1024754",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1024754"
},
{
"name": "46920",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/46920"
},
{
"name": "42256",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/42256"
},
{
"name": "42318",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/42318"
},
{
"name": "44917",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/44917"
},
{
"name": "FEDORA-2010-17868",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-November/051122.html"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2010-4171",
"datePublished": "2010-12-07T21:00:00",
"dateReserved": "2010-11-04T00:00:00",
"dateUpdated": "2024-08-07T03:34:37.634Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
Vulnerability from fkie_nvd
Published
2010-12-07 22:00
Modified
2025-04-11 00:51
Severity ?
Summary
The staprun runtime tool in SystemTap 1.3 does not verify that a module to unload was previously loaded by SystemTap, which allows local users to cause a denial of service (unloading of arbitrary kernel modules).
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:systemtap:systemtap:1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "3D031679-0C77-4645-B488-DA29BB81FA39",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The staprun runtime tool in SystemTap 1.3 does not verify that a module to unload was previously loaded by SystemTap, which allows local users to cause a denial of service (unloading of arbitrary kernel modules)."
},
{
"lang": "es",
"value": "La herramienta en tiempo de ejecuci\u00f3n staprun en SystemTap v1.3 no comprueba que un m\u00f3dulo que se descargue hubiera sido cargado previamente por SystemTap, lo que permite a usuarios locales causar una denegaci\u00f3n de servicio (mediante descarga de los m\u00f3dulos del kernel de su elecci\u00f3n).\r\n"
}
],
"id": "CVE-2010-4171",
"lastModified": "2025-04-11T00:51:21.963",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 2.1,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2010-12-07T22:00:02.517",
"references": [
{
"source": "secalert@redhat.com",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-November/051115.html"
},
{
"source": "secalert@redhat.com",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-November/051122.html"
},
{
"source": "secalert@redhat.com",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-November/051127.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/42256"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/42263"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/42318"
},
{
"source": "secalert@redhat.com",
"url": "http://secunia.com/advisories/46920"
},
{
"source": "secalert@redhat.com",
"url": "http://sources.redhat.com/git/gitweb.cgi?p=systemtap.git%3Ba=commit%3Bh=b7565b41228bea196cefa3a7d43ab67f8f9152e2"
},
{
"source": "secalert@redhat.com",
"url": "http://sources.redhat.com/ml/systemtap/2010-q4/msg00230.html"
},
{
"source": "secalert@redhat.com",
"url": "http://www.debian.org/security/2011/dsa-2348"
},
{
"source": "secalert@redhat.com",
"url": "http://www.redhat.com/support/errata/RHSA-2010-0894.html"
},
{
"source": "secalert@redhat.com",
"url": "http://www.securityfocus.com/bid/44917"
},
{
"source": "secalert@redhat.com",
"url": "http://www.securitytracker.com/id?1024754"
},
{
"source": "secalert@redhat.com",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=653606"
},
{
"source": "secalert@redhat.com",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/63345"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-November/051115.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-November/051122.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-November/051127.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/42256"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/42263"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/42318"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/46920"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://sources.redhat.com/git/gitweb.cgi?p=systemtap.git%3Ba=commit%3Bh=b7565b41228bea196cefa3a7d43ab67f8f9152e2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://sources.redhat.com/ml/systemtap/2010-q4/msg00230.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.debian.org/security/2011/dsa-2348"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.redhat.com/support/errata/RHSA-2010-0894.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/44917"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id?1024754"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=653606"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/63345"
}
],
"sourceIdentifier": "secalert@redhat.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-20"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2011-08-29 21:55
Modified
2025-04-11 00:51
Severity ?
Summary
SystemTap 1.4 and earlier, when unprivileged (aka stapusr) mode is enabled, allows local users to cause a denial of service (divide-by-zero error and OOPS) via a crafted ELF program with DWARF expressions that are not properly handled by a stap script that performs context variable access.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| systemtap | systemtap | * | |
| systemtap | systemtap | 0.2.2 | |
| systemtap | systemtap | 0.3 | |
| systemtap | systemtap | 0.4 | |
| systemtap | systemtap | 0.5 | |
| systemtap | systemtap | 0.5.3 | |
| systemtap | systemtap | 0.5.4 | |
| systemtap | systemtap | 0.5.5 | |
| systemtap | systemtap | 0.5.7 | |
| systemtap | systemtap | 0.5.8 | |
| systemtap | systemtap | 0.5.9 | |
| systemtap | systemtap | 0.5.10 | |
| systemtap | systemtap | 0.5.12 | |
| systemtap | systemtap | 0.5.13 | |
| systemtap | systemtap | 0.5.14 | |
| systemtap | systemtap | 0.6 | |
| systemtap | systemtap | 0.6.2 | |
| systemtap | systemtap | 0.7 | |
| systemtap | systemtap | 0.7.2 | |
| systemtap | systemtap | 0.8 | |
| systemtap | systemtap | 0.9 | |
| systemtap | systemtap | 0.9.5 | |
| systemtap | systemtap | 0.9.7 | |
| systemtap | systemtap | 0.9.8 | |
| systemtap | systemtap | 0.9.9 | |
| systemtap | systemtap | 1.0 | |
| systemtap | systemtap | 1.1 | |
| systemtap | systemtap | 1.2 | |
| systemtap | systemtap | 1.3 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:systemtap:systemtap:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0DC727CB-799D-4AB4-B40E-5FB0B8A261C3",
"versionEndIncluding": "1.4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:systemtap:systemtap:0.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "04AE85B6-FE8D-4DD1-BECE-6B7146CF9D73",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:systemtap:systemtap:0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "E150AE05-60B4-4ECE-AEFA-3A230DAEBCA5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:systemtap:systemtap:0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "36FBF185-3189-40C2-B51B-2531F2D88602",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:systemtap:systemtap:0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "C62AFF32-856E-4EF9-A87F-C06B6FEEE31F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:systemtap:systemtap:0.5.3:*:*:*:*:*:*:*",
"matchCriteriaId": "57C746CB-8DFE-4795-931F-42050D7FBEB4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:systemtap:systemtap:0.5.4:*:*:*:*:*:*:*",
"matchCriteriaId": "986B653D-5CF2-454C-A38F-172D2256E20C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:systemtap:systemtap:0.5.5:*:*:*:*:*:*:*",
"matchCriteriaId": "AF5E8C63-D68F-4ACA-B0DC-1D9EF6A3BFA3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:systemtap:systemtap:0.5.7:*:*:*:*:*:*:*",
"matchCriteriaId": "BD56E555-180D-45C3-9311-EFB32F480035",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:systemtap:systemtap:0.5.8:*:*:*:*:*:*:*",
"matchCriteriaId": "74215553-AB86-4184-B3AB-D82B20275ED6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:systemtap:systemtap:0.5.9:*:*:*:*:*:*:*",
"matchCriteriaId": "5044754F-66CD-4D17-8874-7303D9F2DCE2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:systemtap:systemtap:0.5.10:*:*:*:*:*:*:*",
"matchCriteriaId": "DC674046-FC4F-4262-8F71-4DEECAEC1A1C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:systemtap:systemtap:0.5.12:*:*:*:*:*:*:*",
"matchCriteriaId": "7A621722-6DD4-461D-AD74-461B9C10C772",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:systemtap:systemtap:0.5.13:*:*:*:*:*:*:*",
"matchCriteriaId": "9B5B77E9-F98C-4310-8D6A-E41A27CD559A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:systemtap:systemtap:0.5.14:*:*:*:*:*:*:*",
"matchCriteriaId": "B6E9824F-8977-4CE6-BA05-E8899E41066E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:systemtap:systemtap:0.6:*:*:*:*:*:*:*",
"matchCriteriaId": "FF58A998-52F0-4BCA-9FF7-FCCC28E6FCE1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:systemtap:systemtap:0.6.2:*:*:*:*:*:*:*",
"matchCriteriaId": "C2327CA9-5A80-4C86-BAF6-A9E3BB7085C6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:systemtap:systemtap:0.7:*:*:*:*:*:*:*",
"matchCriteriaId": "6627D143-6E8D-40DE-BBD0-308FF1B200D6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:systemtap:systemtap:0.7.2:*:*:*:*:*:*:*",
"matchCriteriaId": "A1AE49CA-424E-4328-A348-98F2C847D8FC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:systemtap:systemtap:0.8:*:*:*:*:*:*:*",
"matchCriteriaId": "19E88BF9-1403-40F9-A64E-A1FEFEFC4E2D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:systemtap:systemtap:0.9:*:*:*:*:*:*:*",
"matchCriteriaId": "3E12D5C4-4BC6-4802-B5CE-5D5A41FB3B71",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:systemtap:systemtap:0.9.5:*:*:*:*:*:*:*",
"matchCriteriaId": "6FD4201A-64B5-4DCC-9696-BD0F8780D200",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:systemtap:systemtap:0.9.7:*:*:*:*:*:*:*",
"matchCriteriaId": "C3FEDD7F-969D-422C-A899-9550EC52EBD7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:systemtap:systemtap:0.9.8:*:*:*:*:*:*:*",
"matchCriteriaId": "F37EBCB6-8056-466C-B2AB-385DF48EEA8F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:systemtap:systemtap:0.9.9:*:*:*:*:*:*:*",
"matchCriteriaId": "0D795EA7-04FC-4D0E-9944-6C9D4882A897",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:systemtap:systemtap:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "7C36C437-D28D-452A-BAF0-4A618A61920B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:systemtap:systemtap:1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "5AB898A5-C8EF-4BBA-B480-00461218FC3B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:systemtap:systemtap:1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "D06D7E42-666F-43CE-8BE3-0EE915450CC0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:systemtap:systemtap:1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "3D031679-0C77-4645-B488-DA29BB81FA39",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "SystemTap 1.4 and earlier, when unprivileged (aka stapusr) mode is enabled, allows local users to cause a denial of service (divide-by-zero error and OOPS) via a crafted ELF program with DWARF expressions that are not properly handled by a stap script that performs context variable access."
},
{
"lang": "es",
"value": "SystemTap 1.4, cuando el modo no privilegiado (tambi\u00e9n conocido como stapusr) est\u00e1 habilitado, permite a usuarios locales provocar una denegaci\u00f3n de servicio (error de divisi\u00f3n por cero y OOPS) a trav\u00e9s de un programa de ELF modificado con expresiones DWARF que no est\u00e1n bien mipulado por una secuencia de comandos STAP que realiza acceso a variables de contexto."
}
],
"id": "CVE-2011-1769",
"lastModified": "2025-04-11T00:51:21.963",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "HIGH",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 1.2,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:L/AC:H/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 1.9,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2011-08-29T21:55:00.753",
"references": [
{
"source": "secalert@redhat.com",
"tags": [
"Patch"
],
"url": "http://openwall.com/lists/oss-security/2011/05/20/2"
},
{
"source": "secalert@redhat.com",
"url": "http://secunia.com/advisories/44802"
},
{
"source": "secalert@redhat.com",
"url": "http://sourceware.org/git/?p=systemtap.git%3Ba=commit%3Bh=fa2e3415185a28542d419a641ecd6cddd52e3cd9"
},
{
"source": "secalert@redhat.com",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:154"
},
{
"source": "secalert@redhat.com",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:155"
},
{
"source": "secalert@redhat.com",
"url": "http://www.securityfocus.com/bid/47934"
},
{
"source": "secalert@redhat.com",
"tags": [
"Patch"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=702687"
},
{
"source": "secalert@redhat.com",
"url": "https://rhn.redhat.com/errata/RHSA-2011-0842.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://openwall.com/lists/oss-security/2011/05/20/2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/44802"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://sourceware.org/git/?p=systemtap.git%3Ba=commit%3Bh=fa2e3415185a28542d419a641ecd6cddd52e3cd9"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:154"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:155"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/47934"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=702687"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://rhn.redhat.com/errata/RHSA-2011-0842.html"
}
],
"sourceIdentifier": "secalert@redhat.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-189"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2010-02-08 20:30
Modified
2025-04-11 00:51
Severity ?
Summary
Multiple integer signedness errors in the (1) __get_argv and (2) __get_compat_argv functions in tapset/aux_syscalls.stp in SystemTap 1.1 allow local users to cause a denial of service (script crash, or system crash or hang) via a process with a large number of arguments, leading to a buffer overflow.
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:systemtap:systemtap:1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "5AB898A5-C8EF-4BBA-B480-00461218FC3B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Multiple integer signedness errors in the (1) __get_argv and (2) __get_compat_argv functions in tapset/aux_syscalls.stp in SystemTap 1.1 allow local users to cause a denial of service (script crash, or system crash or hang) via a process with a large number of arguments, leading to a buffer overflow."
},
{
"lang": "es",
"value": "M\u00faltiples errores de presencia de signo en entero en las funciones (1) __get_argv and (2) __get_compat_argv en tapset/aux_syscalls.stp en SystemTap 1.1, permite a usuarios locales provocar una denegaci\u00f3n de servicio (ca\u00edda de secuencias de comandos, o la ca\u00edda o cuelgue del sistema) a trav\u00e9s de un proceso con un n\u00famero elevado de argumentos que permite el desbordamiento de b\u00fafer."
}
],
"id": "CVE-2010-0411",
"lastModified": "2025-04-11T00:51:21.963",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 4.9,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 6.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2010-02-08T20:30:01.310",
"references": [
{
"source": "secalert@redhat.com",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-February/035201.html"
},
{
"source": "secalert@redhat.com",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-February/035261.html"
},
{
"source": "secalert@redhat.com",
"url": "http://lists.opensuse.org/opensuse-security-announce/2010-04/msg00006.html"
},
{
"source": "secalert@redhat.com",
"url": "http://marc.info/?l=oss-security\u0026m=126530657715364\u0026w=2"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/38426"
},
{
"source": "secalert@redhat.com",
"url": "http://secunia.com/advisories/38680"
},
{
"source": "secalert@redhat.com",
"url": "http://secunia.com/advisories/38765"
},
{
"source": "secalert@redhat.com",
"url": "http://secunia.com/advisories/38817"
},
{
"source": "secalert@redhat.com",
"url": "http://secunia.com/advisories/39656"
},
{
"source": "secalert@redhat.com",
"url": "http://securitytracker.com/id?1023664"
},
{
"source": "secalert@redhat.com",
"url": "http://sourceware.org/bugzilla/show_bug.cgi?id=11234"
},
{
"source": "secalert@redhat.com",
"url": "http://sourceware.org/git/gitweb.cgi?p=systemtap.git%3Ba=commit%3Bh=a2d399c87a642190f08ede63dc6fc434a5a8363a"
},
{
"source": "secalert@redhat.com",
"url": "http://www.redhat.com/support/errata/RHSA-2010-0124.html"
},
{
"source": "secalert@redhat.com",
"url": "http://www.redhat.com/support/errata/RHSA-2010-0125.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Exploit"
],
"url": "http://www.securityfocus.com/bid/38120"
},
{
"source": "secalert@redhat.com",
"url": "http://www.vupen.com/english/advisories/2010/1001"
},
{
"source": "secalert@redhat.com",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=559719"
},
{
"source": "secalert@redhat.com",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9675"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-February/035201.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-February/035261.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2010-04/msg00006.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=oss-security\u0026m=126530657715364\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/38426"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/38680"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/38765"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/38817"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/39656"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securitytracker.com/id?1023664"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://sourceware.org/bugzilla/show_bug.cgi?id=11234"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://sourceware.org/git/gitweb.cgi?p=systemtap.git%3Ba=commit%3Bh=a2d399c87a642190f08ede63dc6fc434a5a8363a"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.redhat.com/support/errata/RHSA-2010-0124.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.redhat.com/support/errata/RHSA-2010-0125.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "http://www.securityfocus.com/bid/38120"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2010/1001"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=559719"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9675"
}
],
"sourceIdentifier": "secalert@redhat.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-189"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2012-07-26 19:55
Modified
2025-04-11 00:51
Severity ?
Summary
The insert_module function in runtime/staprun/staprun_funcs.c in the systemtap runtime tool (staprun) in SystemTap before 1.6 does not properly validate a module when loading it, which allows local users to gain privileges via a race condition between the signature validation and the module initialization.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| systemtap | systemtap | * | |
| systemtap | systemtap | 0.2.2 | |
| systemtap | systemtap | 0.3 | |
| systemtap | systemtap | 0.4 | |
| systemtap | systemtap | 0.5 | |
| systemtap | systemtap | 0.5.3 | |
| systemtap | systemtap | 0.5.4 | |
| systemtap | systemtap | 0.5.5 | |
| systemtap | systemtap | 0.5.7 | |
| systemtap | systemtap | 0.5.8 | |
| systemtap | systemtap | 0.5.9 | |
| systemtap | systemtap | 0.5.10 | |
| systemtap | systemtap | 0.5.12 | |
| systemtap | systemtap | 0.5.13 | |
| systemtap | systemtap | 0.5.14 | |
| systemtap | systemtap | 0.6 | |
| systemtap | systemtap | 0.6.2 | |
| systemtap | systemtap | 0.7 | |
| systemtap | systemtap | 0.7.2 | |
| systemtap | systemtap | 0.8 | |
| systemtap | systemtap | 0.9 | |
| systemtap | systemtap | 0.9.5 | |
| systemtap | systemtap | 0.9.7 | |
| systemtap | systemtap | 0.9.8 | |
| systemtap | systemtap | 0.9.9 | |
| systemtap | systemtap | 1.0 | |
| systemtap | systemtap | 1.1 | |
| systemtap | systemtap | 1.2 | |
| systemtap | systemtap | 1.3 | |
| systemtap | systemtap | 1.4 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:systemtap:systemtap:*:*:*:*:*:*:*:*",
"matchCriteriaId": "44665B6E-F588-42BD-9901-268D4DD93BAF",
"versionEndIncluding": "1.5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:systemtap:systemtap:0.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "04AE85B6-FE8D-4DD1-BECE-6B7146CF9D73",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:systemtap:systemtap:0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "E150AE05-60B4-4ECE-AEFA-3A230DAEBCA5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:systemtap:systemtap:0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "36FBF185-3189-40C2-B51B-2531F2D88602",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:systemtap:systemtap:0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "C62AFF32-856E-4EF9-A87F-C06B6FEEE31F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:systemtap:systemtap:0.5.3:*:*:*:*:*:*:*",
"matchCriteriaId": "57C746CB-8DFE-4795-931F-42050D7FBEB4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:systemtap:systemtap:0.5.4:*:*:*:*:*:*:*",
"matchCriteriaId": "986B653D-5CF2-454C-A38F-172D2256E20C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:systemtap:systemtap:0.5.5:*:*:*:*:*:*:*",
"matchCriteriaId": "AF5E8C63-D68F-4ACA-B0DC-1D9EF6A3BFA3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:systemtap:systemtap:0.5.7:*:*:*:*:*:*:*",
"matchCriteriaId": "BD56E555-180D-45C3-9311-EFB32F480035",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:systemtap:systemtap:0.5.8:*:*:*:*:*:*:*",
"matchCriteriaId": "74215553-AB86-4184-B3AB-D82B20275ED6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:systemtap:systemtap:0.5.9:*:*:*:*:*:*:*",
"matchCriteriaId": "5044754F-66CD-4D17-8874-7303D9F2DCE2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:systemtap:systemtap:0.5.10:*:*:*:*:*:*:*",
"matchCriteriaId": "DC674046-FC4F-4262-8F71-4DEECAEC1A1C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:systemtap:systemtap:0.5.12:*:*:*:*:*:*:*",
"matchCriteriaId": "7A621722-6DD4-461D-AD74-461B9C10C772",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:systemtap:systemtap:0.5.13:*:*:*:*:*:*:*",
"matchCriteriaId": "9B5B77E9-F98C-4310-8D6A-E41A27CD559A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:systemtap:systemtap:0.5.14:*:*:*:*:*:*:*",
"matchCriteriaId": "B6E9824F-8977-4CE6-BA05-E8899E41066E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:systemtap:systemtap:0.6:*:*:*:*:*:*:*",
"matchCriteriaId": "FF58A998-52F0-4BCA-9FF7-FCCC28E6FCE1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:systemtap:systemtap:0.6.2:*:*:*:*:*:*:*",
"matchCriteriaId": "C2327CA9-5A80-4C86-BAF6-A9E3BB7085C6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:systemtap:systemtap:0.7:*:*:*:*:*:*:*",
"matchCriteriaId": "6627D143-6E8D-40DE-BBD0-308FF1B200D6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:systemtap:systemtap:0.7.2:*:*:*:*:*:*:*",
"matchCriteriaId": "A1AE49CA-424E-4328-A348-98F2C847D8FC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:systemtap:systemtap:0.8:*:*:*:*:*:*:*",
"matchCriteriaId": "19E88BF9-1403-40F9-A64E-A1FEFEFC4E2D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:systemtap:systemtap:0.9:*:*:*:*:*:*:*",
"matchCriteriaId": "3E12D5C4-4BC6-4802-B5CE-5D5A41FB3B71",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:systemtap:systemtap:0.9.5:*:*:*:*:*:*:*",
"matchCriteriaId": "6FD4201A-64B5-4DCC-9696-BD0F8780D200",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:systemtap:systemtap:0.9.7:*:*:*:*:*:*:*",
"matchCriteriaId": "C3FEDD7F-969D-422C-A899-9550EC52EBD7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:systemtap:systemtap:0.9.8:*:*:*:*:*:*:*",
"matchCriteriaId": "F37EBCB6-8056-466C-B2AB-385DF48EEA8F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:systemtap:systemtap:0.9.9:*:*:*:*:*:*:*",
"matchCriteriaId": "0D795EA7-04FC-4D0E-9944-6C9D4882A897",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:systemtap:systemtap:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "7C36C437-D28D-452A-BAF0-4A618A61920B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:systemtap:systemtap:1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "5AB898A5-C8EF-4BBA-B480-00461218FC3B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:systemtap:systemtap:1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "D06D7E42-666F-43CE-8BE3-0EE915450CC0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:systemtap:systemtap:1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "3D031679-0C77-4645-B488-DA29BB81FA39",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:systemtap:systemtap:1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "CE5CA99B-6DED-4395-BFE0-C8DB7F504AF0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The insert_module function in runtime/staprun/staprun_funcs.c in the systemtap runtime tool (staprun) in SystemTap before 1.6 does not properly validate a module when loading it, which allows local users to gain privileges via a race condition between the signature validation and the module initialization."
},
{
"lang": "es",
"value": "La funci\u00f3n insert_module en tiempo de ejecuci\u00f3n/staprun/staprun_funcs.c en la herramienta de tiempo de ejecuci\u00f3n systemtap (staprun) en SystemTap antes de v1.6 no valida correctamente un m\u00f3dulo cuando se carga, lo que permite a usuarios locales conseguir privilegios a trav\u00e9s de una condici\u00f3n de carrera entre la validaci\u00f3n de la firma y el m\u00f3dulo de inicializaci\u00f3n.\r\n"
}
],
"id": "CVE-2011-2503",
"lastModified": "2025-04-11T00:51:21.963",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "HIGH",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 3.7,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:L/AC:H/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 1.9,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2012-07-26T19:55:00.793",
"references": [
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/45377"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/46920"
},
{
"source": "secalert@redhat.com",
"url": "http://sources.redhat.com/git/gitweb.cgi?p=systemtap.git%3Ba=blob%3Bf=NEWS%3Bhb=304d73b1fea24af791f2a129fb141c5009eae6a8"
},
{
"source": "secalert@redhat.com",
"url": "http://sources.redhat.com/git/gitweb.cgi?p=systemtap.git%3Ba=commitdiff%3Bh=ed51cfa24ca27746ab09b59280b94117dd58cba3"
},
{
"source": "secalert@redhat.com",
"url": "http://www.debian.org/security/2011/dsa-2348"
},
{
"source": "secalert@redhat.com",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2011-2503"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/45377"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/46920"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://sources.redhat.com/git/gitweb.cgi?p=systemtap.git%3Ba=blob%3Bf=NEWS%3Bhb=304d73b1fea24af791f2a129fb141c5009eae6a8"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://sources.redhat.com/git/gitweb.cgi?p=systemtap.git%3Ba=commitdiff%3Bh=ed51cfa24ca27746ab09b59280b94117dd58cba3"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.debian.org/security/2011/dsa-2348"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2011-2503"
}
],
"sourceIdentifier": "secalert@redhat.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-20"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2009-03-25 23:30
Modified
2025-04-09 00:30
Severity ?
Summary
Race condition in the SystemTap stap tool 0.0.20080705 and 0.0.20090314 allows local users in the stapusr group to insert arbitrary SystemTap kernel modules and gain privileges via unknown vectors.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| systemtap | systemtap | 0.0.20080705 | |
| systemtap | systemtap | 0.0.20090314 | |
| debian | debian_linux | 4.0 | |
| debian | debian_linux | 5.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:systemtap:systemtap:0.0.20080705:*:*:*:*:*:*:*",
"matchCriteriaId": "FF696A11-4FC7-4ECE-B5E3-26B258431803",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:systemtap:systemtap:0.0.20090314:*:*:*:*:*:*:*",
"matchCriteriaId": "4CC37FD4-A179-45E8-8722-A24C3D32CCAE",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:debian:debian_linux:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0F92AB32-E7DE-43F4-B877-1F41FA162EC7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "8C757774-08E7-40AA-B532-6F705C8F7639",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Race condition in the SystemTap stap tool 0.0.20080705 and 0.0.20090314 allows local users in the stapusr group to insert arbitrary SystemTap kernel modules and gain privileges via unknown vectors."
},
{
"lang": "es",
"value": "Una condici\u00f3n de carrera en la herramienta stap de SystemTap versiones 0.0.20080705 y 0.0.20090314, permite a los usuarios locales del grupo stapusr insertar m\u00f3dulos de kernel de SystemTap arbitrarios y alcanzar privilegios por medio de vectores desconocidos."
}
],
"id": "CVE-2009-0784",
"lastModified": "2025-04-09T00:30:58.490",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 6.3,
"confidentialityImpact": "NONE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:L/AC:M/Au:N/C:N/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 3.4,
"impactScore": 9.2,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2009-03-25T23:30:00.187",
"references": [
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/34441"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/34479"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/34548"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://support.avaya.com/elmodocs2/security/ASA-2009-110.htm"
},
{
"source": "secalert@redhat.com",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "http://www.debian.org/security/2009/dsa-1755"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://www.redhat.com/support/errata/RHSA-2009-0373.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://www.vupen.com/english/advisories/2009/0907"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11613"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/34441"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/34479"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/34548"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://support.avaya.com/elmodocs2/security/ASA-2009-110.htm"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "http://www.debian.org/security/2009/dsa-1755"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.redhat.com/support/errata/RHSA-2009-0373.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.vupen.com/english/advisories/2009/0907"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11613"
}
],
"sourceIdentifier": "secalert@redhat.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-362"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2014-02-04 23:55
Modified
2025-04-11 00:51
Severity ?
Summary
SystemTap 1.7, 1.6.7, and probably other versions, when unprivileged mode is enabled, allows local users to obtain sensitive information from kernel memory or cause a denial of service (kernel panic and crash) via vectors related to crafted DWARF data, which triggers a read of an invalid pointer.
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:systemtap:systemtap:1.6.7:*:*:*:*:*:*:*",
"matchCriteriaId": "ED3504DC-F819-499D-9455-D05976C91AE8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:systemtap:systemtap:1.7:*:*:*:*:*:*:*",
"matchCriteriaId": "C833C520-A116-444D-BFBF-5D8195ED83DD",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "SystemTap 1.7, 1.6.7, and probably other versions, when unprivileged mode is enabled, allows local users to obtain sensitive information from kernel memory or cause a denial of service (kernel panic and crash) via vectors related to crafted DWARF data, which triggers a read of an invalid pointer."
},
{
"lang": "es",
"value": "SystemTap 1.7, 1.6.7, y probablemente otras versiones, cuando el modo no privilegiado est\u00e1 habilitado, permite a usuarios locales obtener informaci\u00f3n sensible de la memoria del kernel o causar una denegaci\u00f3n de servicio (kernel panic y ca\u00edda) a trav\u00e9s de vectores relacionados con datos DWARF manipulados, lo cual provoca una lectura de un puntero no v\u00e1lido."
}
],
"id": "CVE-2012-0875",
"lastModified": "2025-04-11T00:51:21.963",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 5.4,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:L/AC:M/Au:N/C:P/I:N/A:C",
"version": "2.0"
},
"exploitabilityScore": 3.4,
"impactScore": 7.8,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2014-02-04T23:55:03.720",
"references": [
{
"source": "secalert@redhat.com",
"url": "http://lists.opensuse.org/opensuse-updates/2013-03/msg00057.html"
},
{
"source": "secalert@redhat.com",
"url": "http://permalink.gmane.org/gmane.comp.security.oss.general/6987"
},
{
"source": "secalert@redhat.com",
"url": "http://rhn.redhat.com/errata/RHSA-2012-0376.html"
},
{
"source": "secalert@redhat.com",
"url": "http://securitytracker.com/id?1026777"
},
{
"source": "secalert@redhat.com",
"url": "http://sourceware.org/bugzilla/show_bug.cgi?id=13714"
},
{
"source": "secalert@redhat.com",
"url": "http://sourceware.org/git/?p=systemtap.git%3Ba=commit%3Bh=64b0cff3b"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-updates/2013-03/msg00057.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://permalink.gmane.org/gmane.comp.security.oss.general/6987"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2012-0376.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securitytracker.com/id?1026777"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://sourceware.org/bugzilla/show_bug.cgi?id=13714"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://sourceware.org/git/?p=systemtap.git%3Ba=commit%3Bh=64b0cff3b"
}
],
"sourceIdentifier": "secalert@redhat.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-264"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2010-01-26 18:30
Modified
2025-04-11 00:51
Severity ?
Summary
stap-server in SystemTap before 1.1 allows remote attackers to execute arbitrary commands via shell metacharacters in stap command-line arguments in a request.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| systemtap | systemtap | * | |
| systemtap | systemtap | 0.2.2 | |
| systemtap | systemtap | 0.3 | |
| systemtap | systemtap | 0.4 | |
| systemtap | systemtap | 0.5 | |
| systemtap | systemtap | 0.5.3 | |
| systemtap | systemtap | 0.5.4 | |
| systemtap | systemtap | 0.5.5 | |
| systemtap | systemtap | 0.5.7 | |
| systemtap | systemtap | 0.5.8 | |
| systemtap | systemtap | 0.5.9 | |
| systemtap | systemtap | 0.5.10 | |
| systemtap | systemtap | 0.5.12 | |
| systemtap | systemtap | 0.5.13 | |
| systemtap | systemtap | 0.5.14 | |
| systemtap | systemtap | 0.6 | |
| systemtap | systemtap | 0.6.2 | |
| systemtap | systemtap | 0.7 | |
| systemtap | systemtap | 0.7.2 | |
| systemtap | systemtap | 0.8 | |
| systemtap | systemtap | 0.9 | |
| systemtap | systemtap | 0.9.5 | |
| systemtap | systemtap | 0.9.7 | |
| systemtap | systemtap | 0.9.8 | |
| systemtap | systemtap | 0.9.9 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:systemtap:systemtap:*:*:*:*:*:*:*:*",
"matchCriteriaId": "BBE3731E-B013-4997-BC82-42B482B3B878",
"versionEndIncluding": "1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:systemtap:systemtap:0.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "04AE85B6-FE8D-4DD1-BECE-6B7146CF9D73",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:systemtap:systemtap:0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "E150AE05-60B4-4ECE-AEFA-3A230DAEBCA5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:systemtap:systemtap:0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "36FBF185-3189-40C2-B51B-2531F2D88602",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:systemtap:systemtap:0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "C62AFF32-856E-4EF9-A87F-C06B6FEEE31F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:systemtap:systemtap:0.5.3:*:*:*:*:*:*:*",
"matchCriteriaId": "57C746CB-8DFE-4795-931F-42050D7FBEB4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:systemtap:systemtap:0.5.4:*:*:*:*:*:*:*",
"matchCriteriaId": "986B653D-5CF2-454C-A38F-172D2256E20C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:systemtap:systemtap:0.5.5:*:*:*:*:*:*:*",
"matchCriteriaId": "AF5E8C63-D68F-4ACA-B0DC-1D9EF6A3BFA3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:systemtap:systemtap:0.5.7:*:*:*:*:*:*:*",
"matchCriteriaId": "BD56E555-180D-45C3-9311-EFB32F480035",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:systemtap:systemtap:0.5.8:*:*:*:*:*:*:*",
"matchCriteriaId": "74215553-AB86-4184-B3AB-D82B20275ED6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:systemtap:systemtap:0.5.9:*:*:*:*:*:*:*",
"matchCriteriaId": "5044754F-66CD-4D17-8874-7303D9F2DCE2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:systemtap:systemtap:0.5.10:*:*:*:*:*:*:*",
"matchCriteriaId": "DC674046-FC4F-4262-8F71-4DEECAEC1A1C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:systemtap:systemtap:0.5.12:*:*:*:*:*:*:*",
"matchCriteriaId": "7A621722-6DD4-461D-AD74-461B9C10C772",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:systemtap:systemtap:0.5.13:*:*:*:*:*:*:*",
"matchCriteriaId": "9B5B77E9-F98C-4310-8D6A-E41A27CD559A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:systemtap:systemtap:0.5.14:*:*:*:*:*:*:*",
"matchCriteriaId": "B6E9824F-8977-4CE6-BA05-E8899E41066E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:systemtap:systemtap:0.6:*:*:*:*:*:*:*",
"matchCriteriaId": "FF58A998-52F0-4BCA-9FF7-FCCC28E6FCE1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:systemtap:systemtap:0.6.2:*:*:*:*:*:*:*",
"matchCriteriaId": "C2327CA9-5A80-4C86-BAF6-A9E3BB7085C6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:systemtap:systemtap:0.7:*:*:*:*:*:*:*",
"matchCriteriaId": "6627D143-6E8D-40DE-BBD0-308FF1B200D6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:systemtap:systemtap:0.7.2:*:*:*:*:*:*:*",
"matchCriteriaId": "A1AE49CA-424E-4328-A348-98F2C847D8FC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:systemtap:systemtap:0.8:*:*:*:*:*:*:*",
"matchCriteriaId": "19E88BF9-1403-40F9-A64E-A1FEFEFC4E2D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:systemtap:systemtap:0.9:*:*:*:*:*:*:*",
"matchCriteriaId": "3E12D5C4-4BC6-4802-B5CE-5D5A41FB3B71",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:systemtap:systemtap:0.9.5:*:*:*:*:*:*:*",
"matchCriteriaId": "6FD4201A-64B5-4DCC-9696-BD0F8780D200",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:systemtap:systemtap:0.9.7:*:*:*:*:*:*:*",
"matchCriteriaId": "C3FEDD7F-969D-422C-A899-9550EC52EBD7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:systemtap:systemtap:0.9.8:*:*:*:*:*:*:*",
"matchCriteriaId": "F37EBCB6-8056-466C-B2AB-385DF48EEA8F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:systemtap:systemtap:0.9.9:*:*:*:*:*:*:*",
"matchCriteriaId": "0D795EA7-04FC-4D0E-9944-6C9D4882A897",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "stap-server in SystemTap before 1.1 allows remote attackers to execute arbitrary commands via shell metacharacters in stap command-line arguments in a request."
},
{
"lang": "es",
"value": "stap-server en SystemTap en versiones anteriores a v1.1 permite a atacantes remotos ejecutar comandos a trav\u00e9s de metacaracteres de shell en argumentos de linea de comandos en una petici\u00f3n."
}
],
"id": "CVE-2009-4273",
"lastModified": "2025-04-11T00:51:21.963",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2010-01-26T18:30:00.963",
"references": [
{
"source": "secalert@redhat.com",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-February/035201.html"
},
{
"source": "secalert@redhat.com",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-February/035261.html"
},
{
"source": "secalert@redhat.com",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-January/034036.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Patch"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-January/034041.html"
},
{
"source": "secalert@redhat.com",
"url": "http://lists.fedoraproject.org/pipermail/scm-commits/2010-February/394714.html"
},
{
"source": "secalert@redhat.com",
"url": "http://lists.opensuse.org/opensuse-security-announce/2010-04/msg00006.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/38154"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/38216"
},
{
"source": "secalert@redhat.com",
"url": "http://secunia.com/advisories/38765"
},
{
"source": "secalert@redhat.com",
"url": "http://secunia.com/advisories/39656"
},
{
"source": "secalert@redhat.com",
"url": "http://sourceware.org/bugzilla/show_bug.cgi?id=11105"
},
{
"source": "secalert@redhat.com",
"url": "http://sourceware.org/ml/systemtap/2010-q1/msg00142.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Patch"
],
"url": "http://sourceware.org/systemtap/ftp/releases/systemtap-1.1.tar.gz"
},
{
"source": "secalert@redhat.com",
"url": "http://www.redhat.com/support/errata/RHSA-2010-0124.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2010/0169"
},
{
"source": "secalert@redhat.com",
"url": "http://www.vupen.com/english/advisories/2010/1001"
},
{
"source": "secalert@redhat.com",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=550172"
},
{
"source": "secalert@redhat.com",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11417"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-February/035201.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-February/035261.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-January/034036.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-January/034041.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.fedoraproject.org/pipermail/scm-commits/2010-February/394714.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2010-04/msg00006.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/38154"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/38216"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/38765"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/39656"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://sourceware.org/bugzilla/show_bug.cgi?id=11105"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://sourceware.org/ml/systemtap/2010-q1/msg00142.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://sourceware.org/systemtap/ftp/releases/systemtap-1.1.tar.gz"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.redhat.com/support/errata/RHSA-2010-0124.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2010/0169"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2010/1001"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=550172"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11417"
}
],
"sourceIdentifier": "secalert@redhat.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-94"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2010-12-07 22:00
Modified
2025-04-11 00:51
Severity ?
Summary
The staprun runtime tool in SystemTap 1.3 does not properly clear the environment before executing modprobe, which allows local users to gain privileges by setting the MODPROBE_OPTIONS environment variable to specify a malicious configuration file.
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:systemtap:systemtap:1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "3D031679-0C77-4645-B488-DA29BB81FA39",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The staprun runtime tool in SystemTap 1.3 does not properly clear the environment before executing modprobe, which allows local users to gain privileges by setting the MODPROBE_OPTIONS environment variable to specify a malicious configuration file."
},
{
"lang": "es",
"value": "La herramienta staprun en SystemTap v1.3 no limpia debidamente las variables de entorno antes de ejecutar modprobe, lo que permite a usuarios locales obtener privilegios mediante el ajuste de la variable de entorno MODPROBE_OPTIONS para especificar un archivo de configuraci\u00f3n malicioso."
}
],
"id": "CVE-2010-4170",
"lastModified": "2025-04-11T00:51:21.963",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2010-12-07T22:00:02.437",
"references": [
{
"source": "secalert@redhat.com",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-November/051115.html"
},
{
"source": "secalert@redhat.com",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-November/051122.html"
},
{
"source": "secalert@redhat.com",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-November/051127.html"
},
{
"source": "secalert@redhat.com",
"url": "http://packetstormsecurity.com/files/152569/SystemTap-1.3-MODPROBE_OPTIONS-Privilege-Escalation.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/42256"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/42263"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/42306"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/42318"
},
{
"source": "secalert@redhat.com",
"url": "http://secunia.com/advisories/46920"
},
{
"source": "secalert@redhat.com",
"url": "http://sources.redhat.com/git/gitweb.cgi?p=systemtap.git%3Ba=commit%3Bh=b7565b41228bea196cefa3a7d43ab67f8f9152e2"
},
{
"source": "secalert@redhat.com",
"url": "http://sources.redhat.com/ml/systemtap/2010-q4/msg00230.html"
},
{
"source": "secalert@redhat.com",
"url": "http://www.debian.org/security/2011/dsa-2348"
},
{
"source": "secalert@redhat.com",
"tags": [
"Exploit"
],
"url": "http://www.exploit-db.com/exploits/15620"
},
{
"source": "secalert@redhat.com",
"url": "http://www.redhat.com/support/errata/RHSA-2010-0894.html"
},
{
"source": "secalert@redhat.com",
"url": "http://www.redhat.com/support/errata/RHSA-2010-0895.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Exploit"
],
"url": "http://www.securityfocus.com/bid/44914"
},
{
"source": "secalert@redhat.com",
"url": "http://www.securitytracker.com/id?1024754"
},
{
"source": "secalert@redhat.com",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/63344"
},
{
"source": "secalert@redhat.com",
"url": "https://www.exploit-db.com/exploits/46730/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-November/051115.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-November/051122.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-November/051127.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://packetstormsecurity.com/files/152569/SystemTap-1.3-MODPROBE_OPTIONS-Privilege-Escalation.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/42256"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/42263"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/42306"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/42318"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/46920"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://sources.redhat.com/git/gitweb.cgi?p=systemtap.git%3Ba=commit%3Bh=b7565b41228bea196cefa3a7d43ab67f8f9152e2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://sources.redhat.com/ml/systemtap/2010-q4/msg00230.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.debian.org/security/2011/dsa-2348"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "http://www.exploit-db.com/exploits/15620"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.redhat.com/support/errata/RHSA-2010-0894.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.redhat.com/support/errata/RHSA-2010-0895.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "http://www.securityfocus.com/bid/44914"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id?1024754"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/63344"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://www.exploit-db.com/exploits/46730/"
}
],
"sourceIdentifier": "secalert@redhat.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-264"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2009-10-22 16:30
Modified
2025-04-09 00:30
Severity ?
Summary
SystemTap 1.0, when the --unprivileged option is used, does not properly restrict certain data sizes, which allows local users to (1) cause a denial of service or gain privileges via a print operation with a large number of arguments that trigger a kernel stack overflow, (2) cause a denial of service via crafted DWARF expressions that trigger a kernel stack frame overflow, or (3) cause a denial of service (infinite loop) via vectors that trigger creation of large unwind tables, related to Common Information Entry (CIE) and Call Frame Instruction (CFI) records.
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:systemtap:systemtap:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "7C36C437-D28D-452A-BAF0-4A618A61920B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "SystemTap 1.0, when the --unprivileged option is used, does not properly restrict certain data sizes, which allows local users to (1) cause a denial of service or gain privileges via a print operation with a large number of arguments that trigger a kernel stack overflow, (2) cause a denial of service via crafted DWARF expressions that trigger a kernel stack frame overflow, or (3) cause a denial of service (infinite loop) via vectors that trigger creation of large unwind tables, related to Common Information Entry (CIE) and Call Frame Instruction (CFI) records."
},
{
"lang": "es",
"value": "SystemTap 1.0, cuando se utiliza la opci\u00f3n \"--unprivileged\", no restringe adecuadamente ciertos tama\u00f1os de datos, lo que permite a usuarios locales (1) producir una denegaci\u00f3n de servicio o ganar privilegios a trav\u00e9s de una operaci\u00f3n de impresi\u00f3n con un gran numero de argumentos que inicia un desbordamiento de ka pila del kernel, (2) producir una denegaci\u00f3n de servicio a trav\u00e9s de expresi\u00f3n DWARF manipuladas que inician un desbordamiento de la pila del kernel, o (3) producir una denegaci\u00f3n de servicio (bucle infinito) a trav\u00e9s de vectores que inician la creaci\u00f3n de grandes tablas relacionadas con las entradas \"Entry Common Information\" (CIE) y \"Call Frame Instruction\" (CFI)."
}
],
"id": "CVE-2009-2911",
"lastModified": "2025-04-09T00:30:58.490",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 1.9,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:L/AC:M/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 3.4,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2009-10-22T16:30:00.217",
"references": [
{
"source": "secalert@redhat.com",
"url": "http://gcc.gnu.org/bugzilla/show_bug.cgi?id=41633"
},
{
"source": "secalert@redhat.com",
"url": "http://secunia.com/advisories/37167"
},
{
"source": "secalert@redhat.com",
"tags": [
"Exploit"
],
"url": "http://sources.redhat.com/bugzilla/show_bug.cgi?id=10750"
},
{
"source": "secalert@redhat.com",
"tags": [
"Patch"
],
"url": "http://www.openwall.com/lists/oss-security/2009/10/21/1"
},
{
"source": "secalert@redhat.com",
"url": "http://www.securityfocus.com/bid/36778"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2009/2989"
},
{
"source": "secalert@redhat.com",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=529175"
},
{
"source": "secalert@redhat.com",
"url": "https://www.redhat.com/archives/fedora-package-announce/2009-October/msg00627.html"
},
{
"source": "secalert@redhat.com",
"url": "https://www.redhat.com/archives/fedora-package-announce/2009-October/msg00793.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://gcc.gnu.org/bugzilla/show_bug.cgi?id=41633"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/37167"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "http://sources.redhat.com/bugzilla/show_bug.cgi?id=10750"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://www.openwall.com/lists/oss-security/2009/10/21/1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/36778"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2009/2989"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=529175"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://www.redhat.com/archives/fedora-package-announce/2009-October/msg00627.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://www.redhat.com/archives/fedora-package-announce/2009-October/msg00793.html"
}
],
"sourceIdentifier": "secalert@redhat.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-264"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2010-02-25 00:30
Modified
2025-04-11 00:51
Severity ?
Summary
stap-server in SystemTap 1.1 does not properly restrict the value of the -B (aka BUILD) option, which allows attackers to have an unspecified impact via vectors associated with executing the make program, a different vulnerability than CVE-2009-4273.
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:systemtap:systemtap:1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "5AB898A5-C8EF-4BBA-B480-00461218FC3B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "stap-server in SystemTap 1.1 does not properly restrict the value of the -B (aka BUILD) option, which allows attackers to have an unspecified impact via vectors associated with executing the make program, a different vulnerability than CVE-2009-4273."
},
{
"lang": "es",
"value": "stap-server en SystemTap v1.1 no restringe adecuadamente el valor de la opci\u00f3n -B(tambi\u00e9n conocida como BUILD), lo que permite a atacantes tener un impacto desconocido a trav\u00e9s de vectores asociados con la ejecuci\u00f3n del programa \"make\". Vector distinto del CVE-2009-4273."
}
],
"id": "CVE-2010-0412",
"lastModified": "2025-04-11T00:51:21.963",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2010-02-25T00:30:00.517",
"references": [
{
"source": "secalert@redhat.com",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-February/035201.html"
},
{
"source": "secalert@redhat.com",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-February/035261.html"
},
{
"source": "secalert@redhat.com",
"url": "http://lists.fedoraproject.org/pipermail/scm-commits/2010-February/394714.html"
},
{
"source": "secalert@redhat.com",
"url": "http://www.securityfocus.com/bid/38316"
},
{
"source": "secalert@redhat.com",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/56611"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-February/035201.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-February/035261.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.fedoraproject.org/pipermail/scm-commits/2010-February/394714.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/38316"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/56611"
}
],
"sourceIdentifier": "secalert@redhat.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2011-08-29 21:55
Modified
2025-04-11 00:51
Severity ?
Summary
SystemTap 1.4, when unprivileged (aka stapusr) mode is enabled, allows local users to cause a denial of service (divide-by-zero error and OOPS) via a crafted ELF program with DWARF expressions that are not properly handled by a stap script that performs stack unwinding (aka backtracing).
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:systemtap:systemtap:1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "CE5CA99B-6DED-4395-BFE0-C8DB7F504AF0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "SystemTap 1.4, when unprivileged (aka stapusr) mode is enabled, allows local users to cause a denial of service (divide-by-zero error and OOPS) via a crafted ELF program with DWARF expressions that are not properly handled by a stap script that performs stack unwinding (aka backtracing)."
},
{
"lang": "es",
"value": "SystemTap 1.4, (tambi\u00e9n conocido como stapusr) cuando el modo no privilegiado est\u00e1 habilitado, permite a usuarios locales provocar una denegaci\u00f3n de servicio (error de divisi\u00f3n por cero y OOPS) a trav\u00e9s de un programa de ELF modificado con expresiones DWARF que no est\u00e1n bien mipulado por una secuencia de comandos STAP que realiza acondicionamiento de la pila (tambi\u00e9n conocido como rastreo)."
}
],
"id": "CVE-2011-1781",
"lastModified": "2025-04-11T00:51:21.963",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "HIGH",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 1.2,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:L/AC:H/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 1.9,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
]
},
"published": "2011-08-29T21:55:00.847",
"references": [
{
"source": "secalert@redhat.com",
"url": "http://openwall.com/lists/oss-security/2011/05/20/2"
},
{
"source": "secalert@redhat.com",
"url": "http://secunia.com/advisories/44802"
},
{
"source": "secalert@redhat.com",
"url": "http://sourceware.org/git/?p=systemtap.git%3Ba=commit%3Bh=fa2e3415185a28542d419a641ecd6cddd52e3cd9"
},
{
"source": "secalert@redhat.com",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:155"
},
{
"source": "secalert@redhat.com",
"url": "http://www.securityfocus.com/bid/47934"
},
{
"source": "secalert@redhat.com",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=702687"
},
{
"source": "secalert@redhat.com",
"url": "https://rhn.redhat.com/errata/RHSA-2011-0842.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://openwall.com/lists/oss-security/2011/05/20/2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/44802"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://sourceware.org/git/?p=systemtap.git%3Ba=commit%3Bh=fa2e3415185a28542d419a641ecd6cddd52e3cd9"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:155"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/47934"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=702687"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://rhn.redhat.com/errata/RHSA-2011-0842.html"
}
],
"sourceIdentifier": "secalert@redhat.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-189"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2012-07-26 19:55
Modified
2025-04-11 00:51
Severity ?
Summary
runtime/staprun/staprun_funcs.c in the systemtap runtime tool (staprun) in SystemTap before 1.6 does not properly validate modules when a module path is specified by a user for user-space probing, which allows local users in the stapusr group to gain privileges via a crafted module in the search path in the -u argument.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| systemtap | systemtap | * | |
| systemtap | systemtap | 0.2.2 | |
| systemtap | systemtap | 0.3 | |
| systemtap | systemtap | 0.4 | |
| systemtap | systemtap | 0.5 | |
| systemtap | systemtap | 0.5.3 | |
| systemtap | systemtap | 0.5.4 | |
| systemtap | systemtap | 0.5.5 | |
| systemtap | systemtap | 0.5.7 | |
| systemtap | systemtap | 0.5.8 | |
| systemtap | systemtap | 0.5.9 | |
| systemtap | systemtap | 0.5.10 | |
| systemtap | systemtap | 0.5.12 | |
| systemtap | systemtap | 0.5.13 | |
| systemtap | systemtap | 0.5.14 | |
| systemtap | systemtap | 0.6 | |
| systemtap | systemtap | 0.6.2 | |
| systemtap | systemtap | 0.7 | |
| systemtap | systemtap | 0.7.2 | |
| systemtap | systemtap | 0.8 | |
| systemtap | systemtap | 0.9 | |
| systemtap | systemtap | 0.9.5 | |
| systemtap | systemtap | 0.9.7 | |
| systemtap | systemtap | 0.9.8 | |
| systemtap | systemtap | 0.9.9 | |
| systemtap | systemtap | 1.0 | |
| systemtap | systemtap | 1.1 | |
| systemtap | systemtap | 1.2 | |
| systemtap | systemtap | 1.3 | |
| systemtap | systemtap | 1.4 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:systemtap:systemtap:*:*:*:*:*:*:*:*",
"matchCriteriaId": "44665B6E-F588-42BD-9901-268D4DD93BAF",
"versionEndIncluding": "1.5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:systemtap:systemtap:0.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "04AE85B6-FE8D-4DD1-BECE-6B7146CF9D73",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:systemtap:systemtap:0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "E150AE05-60B4-4ECE-AEFA-3A230DAEBCA5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:systemtap:systemtap:0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "36FBF185-3189-40C2-B51B-2531F2D88602",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:systemtap:systemtap:0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "C62AFF32-856E-4EF9-A87F-C06B6FEEE31F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:systemtap:systemtap:0.5.3:*:*:*:*:*:*:*",
"matchCriteriaId": "57C746CB-8DFE-4795-931F-42050D7FBEB4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:systemtap:systemtap:0.5.4:*:*:*:*:*:*:*",
"matchCriteriaId": "986B653D-5CF2-454C-A38F-172D2256E20C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:systemtap:systemtap:0.5.5:*:*:*:*:*:*:*",
"matchCriteriaId": "AF5E8C63-D68F-4ACA-B0DC-1D9EF6A3BFA3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:systemtap:systemtap:0.5.7:*:*:*:*:*:*:*",
"matchCriteriaId": "BD56E555-180D-45C3-9311-EFB32F480035",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:systemtap:systemtap:0.5.8:*:*:*:*:*:*:*",
"matchCriteriaId": "74215553-AB86-4184-B3AB-D82B20275ED6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:systemtap:systemtap:0.5.9:*:*:*:*:*:*:*",
"matchCriteriaId": "5044754F-66CD-4D17-8874-7303D9F2DCE2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:systemtap:systemtap:0.5.10:*:*:*:*:*:*:*",
"matchCriteriaId": "DC674046-FC4F-4262-8F71-4DEECAEC1A1C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:systemtap:systemtap:0.5.12:*:*:*:*:*:*:*",
"matchCriteriaId": "7A621722-6DD4-461D-AD74-461B9C10C772",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:systemtap:systemtap:0.5.13:*:*:*:*:*:*:*",
"matchCriteriaId": "9B5B77E9-F98C-4310-8D6A-E41A27CD559A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:systemtap:systemtap:0.5.14:*:*:*:*:*:*:*",
"matchCriteriaId": "B6E9824F-8977-4CE6-BA05-E8899E41066E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:systemtap:systemtap:0.6:*:*:*:*:*:*:*",
"matchCriteriaId": "FF58A998-52F0-4BCA-9FF7-FCCC28E6FCE1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:systemtap:systemtap:0.6.2:*:*:*:*:*:*:*",
"matchCriteriaId": "C2327CA9-5A80-4C86-BAF6-A9E3BB7085C6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:systemtap:systemtap:0.7:*:*:*:*:*:*:*",
"matchCriteriaId": "6627D143-6E8D-40DE-BBD0-308FF1B200D6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:systemtap:systemtap:0.7.2:*:*:*:*:*:*:*",
"matchCriteriaId": "A1AE49CA-424E-4328-A348-98F2C847D8FC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:systemtap:systemtap:0.8:*:*:*:*:*:*:*",
"matchCriteriaId": "19E88BF9-1403-40F9-A64E-A1FEFEFC4E2D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:systemtap:systemtap:0.9:*:*:*:*:*:*:*",
"matchCriteriaId": "3E12D5C4-4BC6-4802-B5CE-5D5A41FB3B71",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:systemtap:systemtap:0.9.5:*:*:*:*:*:*:*",
"matchCriteriaId": "6FD4201A-64B5-4DCC-9696-BD0F8780D200",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:systemtap:systemtap:0.9.7:*:*:*:*:*:*:*",
"matchCriteriaId": "C3FEDD7F-969D-422C-A899-9550EC52EBD7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:systemtap:systemtap:0.9.8:*:*:*:*:*:*:*",
"matchCriteriaId": "F37EBCB6-8056-466C-B2AB-385DF48EEA8F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:systemtap:systemtap:0.9.9:*:*:*:*:*:*:*",
"matchCriteriaId": "0D795EA7-04FC-4D0E-9944-6C9D4882A897",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:systemtap:systemtap:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "7C36C437-D28D-452A-BAF0-4A618A61920B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:systemtap:systemtap:1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "5AB898A5-C8EF-4BBA-B480-00461218FC3B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:systemtap:systemtap:1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "D06D7E42-666F-43CE-8BE3-0EE915450CC0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:systemtap:systemtap:1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "3D031679-0C77-4645-B488-DA29BB81FA39",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:systemtap:systemtap:1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "CE5CA99B-6DED-4395-BFE0-C8DB7F504AF0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "runtime/staprun/staprun_funcs.c in the systemtap runtime tool (staprun) in SystemTap before 1.6 does not properly validate modules when a module path is specified by a user for user-space probing, which allows local users in the stapusr group to gain privileges via a crafted module in the search path in the -u argument."
},
{
"lang": "es",
"value": "runtime/staprun/staprun_funcs.c en la herramienta de tiempo de ejecuci\u00f3n systemtap (staprun) en SystemTap antes de v1.6 no valida correctamente los m\u00f3dulos cuando una ruta del m\u00f3dulo es especificada por un usuario para probar el espacio de usuario, lo que permite obtener privilegios a usuarios locales en el grupo stapusr a trav\u00e9s de un m\u00f3dulo dise\u00f1ado para tal fin en la ruta de b\u00fasqueda con el argumento -u.\r\n"
}
],
"id": "CVE-2011-2502",
"lastModified": "2025-04-11T00:51:21.963",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.4,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:L/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 3.4,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2012-07-26T19:55:00.700",
"references": [
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/45377"
},
{
"source": "secalert@redhat.com",
"url": "http://sources.redhat.com/git/gitweb.cgi?p=systemtap.git%3Ba=blob%3Bf=NEWS%3Bhb=304d73b1fea24af791f2a129fb141c5009eae6a8"
},
{
"source": "secalert@redhat.com",
"url": "http://sources.redhat.com/git/gitweb.cgi?p=systemtap.git%3Ba=commitdiff%3Bh=4ecaadf545a729bb3e5f01f6f019716d49815d9a"
},
{
"source": "secalert@redhat.com",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=716476"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/45377"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://sources.redhat.com/git/gitweb.cgi?p=systemtap.git%3Ba=blob%3Bf=NEWS%3Bhb=304d73b1fea24af791f2a129fb141c5009eae6a8"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://sources.redhat.com/git/gitweb.cgi?p=systemtap.git%3Ba=commitdiff%3Bh=4ecaadf545a729bb3e5f01f6f019716d49815d9a"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=716476"
}
],
"sourceIdentifier": "secalert@redhat.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-20"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}