Search
Find a vulnerability
Search criteria
ⓘ
Use this form to refine search results.
Full-text search supports keyword queries with ranking and filtering.
You can combine vendor, product, and sources to narrow results.
Enable “Apply ordering” to sort by date instead of relevance.
24 vulnerabilities found for systemtap by systemtap
CVE-2012-0875 (GCVE-0-2012-0875)
Vulnerability from nvd – Published: 2014-02-04 19:00 – Updated: 2024-08-06 18:38
VLAI
Summary
SystemTap 1.7, 1.6.7, and probably other versions, when unprivileged mode is enabled, allows local users to obtain sensitive information from kernel memory or cause a denial of service (kernel panic and crash) via vectors related to crafted DWARF data, which triggers a read of an invalid pointer.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
6 references
| URL | Tags |
|---|---|
| http://rhn.redhat.com/errata/RHSA-2012-0376.html | vendor-advisoryx_refsource_REDHAT |
| http://sourceware.org/bugzilla/show_bug.cgi?id=13714 | x_refsource_CONFIRM |
| http://securitytracker.com/id?1026777 | vdb-entryx_refsource_SECTRACK |
| http://permalink.gmane.org/gmane.comp.security.os… | mailing-listx_refsource_MLIST |
| http://sourceware.org/git/?p=systemtap.git%3Ba=co… | x_refsource_CONFIRM |
| http://lists.opensuse.org/opensuse-updates/2013-0… | vendor-advisoryx_refsource_SUSE |
Date Public
2012-02-02 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T18:38:14.978Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "RHSA-2012:0376",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2012-0376.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://sourceware.org/bugzilla/show_bug.cgi?id=13714"
},
{
"name": "1026777",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1026777"
},
{
"name": "[oss-security] 20120222 CVE-2012-0875: systemtap memory disclosure/kernel panic when processing malformed DWARF unwind data",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://permalink.gmane.org/gmane.comp.security.oss.general/6987"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://sourceware.org/git/?p=systemtap.git%3Ba=commit%3Bh=64b0cff3b"
},
{
"name": "openSUSE-SU-2013:0475",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-updates/2013-03/msg00057.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2012-02-02T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "SystemTap 1.7, 1.6.7, and probably other versions, when unprivileged mode is enabled, allows local users to obtain sensitive information from kernel memory or cause a denial of service (kernel panic and crash) via vectors related to crafted DWARF data, which triggers a read of an invalid pointer."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2014-02-04T18:57:01.000Z",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "RHSA-2012:0376",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2012-0376.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://sourceware.org/bugzilla/show_bug.cgi?id=13714"
},
{
"name": "1026777",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1026777"
},
{
"name": "[oss-security] 20120222 CVE-2012-0875: systemtap memory disclosure/kernel panic when processing malformed DWARF unwind data",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://permalink.gmane.org/gmane.comp.security.oss.general/6987"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://sourceware.org/git/?p=systemtap.git%3Ba=commit%3Bh=64b0cff3b"
},
{
"name": "openSUSE-SU-2013:0475",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-updates/2013-03/msg00057.html"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2012-0875",
"datePublished": "2014-02-04T19:00:00.000Z",
"dateReserved": "2012-01-19T00:00:00.000Z",
"dateUpdated": "2024-08-06T18:38:14.978Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2011-2503 (GCVE-0-2011-2503)
Vulnerability from nvd – Published: 2012-07-26 19:00 – Updated: 2024-09-17 01:01
VLAI
Summary
The insert_module function in runtime/staprun/staprun_funcs.c in the systemtap runtime tool (staprun) in SystemTap before 1.6 does not properly validate a module when loading it, which allows local users to gain privileges via a race condition between the signature validation and the module initialization.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
6 references
| URL | Tags |
|---|---|
| https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2… | x_refsource_MISC |
| http://sources.redhat.com/git/gitweb.cgi?p=system… | x_refsource_CONFIRM |
| http://www.debian.org/security/2011/dsa-2348 | vendor-advisoryx_refsource_DEBIAN |
| http://secunia.com/advisories/46920 | third-party-advisoryx_refsource_SECUNIA |
| http://secunia.com/advisories/45377 | third-party-advisoryx_refsource_SECUNIA |
| http://sources.redhat.com/git/gitweb.cgi?p=system… | x_refsource_CONFIRM |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T23:00:34.115Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2011-2503"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://sources.redhat.com/git/gitweb.cgi?p=systemtap.git%3Ba=commitdiff%3Bh=ed51cfa24ca27746ab09b59280b94117dd58cba3"
},
{
"name": "DSA-2348",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2011/dsa-2348"
},
{
"name": "46920",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/46920"
},
{
"name": "45377",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/45377"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://sources.redhat.com/git/gitweb.cgi?p=systemtap.git%3Ba=blob%3Bf=NEWS%3Bhb=304d73b1fea24af791f2a129fb141c5009eae6a8"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "The insert_module function in runtime/staprun/staprun_funcs.c in the systemtap runtime tool (staprun) in SystemTap before 1.6 does not properly validate a module when loading it, which allows local users to gain privileges via a race condition between the signature validation and the module initialization."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2012-07-26T19:00:00.000Z",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2011-2503"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://sources.redhat.com/git/gitweb.cgi?p=systemtap.git%3Ba=commitdiff%3Bh=ed51cfa24ca27746ab09b59280b94117dd58cba3"
},
{
"name": "DSA-2348",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2011/dsa-2348"
},
{
"name": "46920",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/46920"
},
{
"name": "45377",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/45377"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://sources.redhat.com/git/gitweb.cgi?p=systemtap.git%3Ba=blob%3Bf=NEWS%3Bhb=304d73b1fea24af791f2a129fb141c5009eae6a8"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2011-2503",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The insert_module function in runtime/staprun/staprun_funcs.c in the systemtap runtime tool (staprun) in SystemTap before 1.6 does not properly validate a module when loading it, which allows local users to gain privileges via a race condition between the signature validation and the module initialization."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2011-2503",
"refsource": "MISC",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2011-2503"
},
{
"name": "http://sources.redhat.com/git/gitweb.cgi?p=systemtap.git;a=commitdiff;h=ed51cfa24ca27746ab09b59280b94117dd58cba3",
"refsource": "CONFIRM",
"url": "http://sources.redhat.com/git/gitweb.cgi?p=systemtap.git;a=commitdiff;h=ed51cfa24ca27746ab09b59280b94117dd58cba3"
},
{
"name": "DSA-2348",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2011/dsa-2348"
},
{
"name": "46920",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/46920"
},
{
"name": "45377",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/45377"
},
{
"name": "http://sources.redhat.com/git/gitweb.cgi?p=systemtap.git;a=blob;f=NEWS;hb=304d73b1fea24af791f2a129fb141c5009eae6a8",
"refsource": "CONFIRM",
"url": "http://sources.redhat.com/git/gitweb.cgi?p=systemtap.git;a=blob;f=NEWS;hb=304d73b1fea24af791f2a129fb141c5009eae6a8"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2011-2503",
"datePublished": "2012-07-26T19:00:00.000Z",
"dateReserved": "2011-06-15T00:00:00.000Z",
"dateUpdated": "2024-09-17T01:01:54.529Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2011-2502 (GCVE-0-2011-2502)
Vulnerability from nvd – Published: 2012-07-26 19:00 – Updated: 2024-09-16 20:42
VLAI
Summary
runtime/staprun/staprun_funcs.c in the systemtap runtime tool (staprun) in SystemTap before 1.6 does not properly validate modules when a module path is specified by a user for user-space probing, which allows local users in the stapusr group to gain privileges via a crafted module in the search path in the -u argument.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
4 references
| URL | Tags |
|---|---|
| https://bugzilla.redhat.com/show_bug.cgi?id=716476 | x_refsource_MISC |
| http://sources.redhat.com/git/gitweb.cgi?p=system… | x_refsource_CONFIRM |
| http://secunia.com/advisories/45377 | third-party-advisoryx_refsource_SECUNIA |
| http://sources.redhat.com/git/gitweb.cgi?p=system… | x_refsource_CONFIRM |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T23:00:34.103Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=716476"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://sources.redhat.com/git/gitweb.cgi?p=systemtap.git%3Ba=commitdiff%3Bh=4ecaadf545a729bb3e5f01f6f019716d49815d9a"
},
{
"name": "45377",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/45377"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://sources.redhat.com/git/gitweb.cgi?p=systemtap.git%3Ba=blob%3Bf=NEWS%3Bhb=304d73b1fea24af791f2a129fb141c5009eae6a8"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "runtime/staprun/staprun_funcs.c in the systemtap runtime tool (staprun) in SystemTap before 1.6 does not properly validate modules when a module path is specified by a user for user-space probing, which allows local users in the stapusr group to gain privileges via a crafted module in the search path in the -u argument."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2012-07-26T19:00:00.000Z",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=716476"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://sources.redhat.com/git/gitweb.cgi?p=systemtap.git%3Ba=commitdiff%3Bh=4ecaadf545a729bb3e5f01f6f019716d49815d9a"
},
{
"name": "45377",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/45377"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://sources.redhat.com/git/gitweb.cgi?p=systemtap.git%3Ba=blob%3Bf=NEWS%3Bhb=304d73b1fea24af791f2a129fb141c5009eae6a8"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2011-2502",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "runtime/staprun/staprun_funcs.c in the systemtap runtime tool (staprun) in SystemTap before 1.6 does not properly validate modules when a module path is specified by a user for user-space probing, which allows local users in the stapusr group to gain privileges via a crafted module in the search path in the -u argument."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=716476",
"refsource": "MISC",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=716476"
},
{
"name": "http://sources.redhat.com/git/gitweb.cgi?p=systemtap.git;a=commitdiff;h=4ecaadf545a729bb3e5f01f6f019716d49815d9a",
"refsource": "CONFIRM",
"url": "http://sources.redhat.com/git/gitweb.cgi?p=systemtap.git;a=commitdiff;h=4ecaadf545a729bb3e5f01f6f019716d49815d9a"
},
{
"name": "45377",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/45377"
},
{
"name": "http://sources.redhat.com/git/gitweb.cgi?p=systemtap.git;a=blob;f=NEWS;hb=304d73b1fea24af791f2a129fb141c5009eae6a8",
"refsource": "CONFIRM",
"url": "http://sources.redhat.com/git/gitweb.cgi?p=systemtap.git;a=blob;f=NEWS;hb=304d73b1fea24af791f2a129fb141c5009eae6a8"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2011-2502",
"datePublished": "2012-07-26T19:00:00.000Z",
"dateReserved": "2011-06-15T00:00:00.000Z",
"dateUpdated": "2024-09-16T20:42:11.436Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2011-1781 (GCVE-0-2011-1781)
Vulnerability from nvd – Published: 2011-08-29 21:00 – Updated: 2024-08-06 22:37
VLAI
Summary
SystemTap 1.4, when unprivileged (aka stapusr) mode is enabled, allows local users to cause a denial of service (divide-by-zero error and OOPS) via a crafted ELF program with DWARF expressions that are not properly handled by a stap script that performs stack unwinding (aka backtracing).
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
7 references
| URL | Tags |
|---|---|
| http://secunia.com/advisories/44802 | third-party-advisoryx_refsource_SECUNIA |
| https://bugzilla.redhat.com/show_bug.cgi?id=702687 | x_refsource_CONFIRM |
| http://sourceware.org/git/?p=systemtap.git%3Ba=co… | x_refsource_CONFIRM |
| http://www.securityfocus.com/bid/47934 | vdb-entryx_refsource_BID |
| http://www.mandriva.com/security/advisories?name=… | vendor-advisoryx_refsource_MANDRIVA |
| https://rhn.redhat.com/errata/RHSA-2011-0842.html | vendor-advisoryx_refsource_REDHAT |
| http://openwall.com/lists/oss-security/2011/05/20/2 | mailing-listx_refsource_MLIST |
Date Public
2011-05-20 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T22:37:25.780Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "44802",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/44802"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=702687"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://sourceware.org/git/?p=systemtap.git%3Ba=commit%3Bh=fa2e3415185a28542d419a641ecd6cddd52e3cd9"
},
{
"name": "47934",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/47934"
},
{
"name": "MDVSA-2011:155",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:155"
},
{
"name": "RHSA-2011:0842",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://rhn.redhat.com/errata/RHSA-2011-0842.html"
},
{
"name": "[oss-security] 20110520 systemtap divide-by-zero issues (CVE-2011-1769, CVE-2011-1781)",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://openwall.com/lists/oss-security/2011/05/20/2"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2011-05-20T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "SystemTap 1.4, when unprivileged (aka stapusr) mode is enabled, allows local users to cause a denial of service (divide-by-zero error and OOPS) via a crafted ELF program with DWARF expressions that are not properly handled by a stap script that performs stack unwinding (aka backtracing)."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2011-10-26T09:00:00.000Z",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "44802",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/44802"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=702687"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://sourceware.org/git/?p=systemtap.git%3Ba=commit%3Bh=fa2e3415185a28542d419a641ecd6cddd52e3cd9"
},
{
"name": "47934",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/47934"
},
{
"name": "MDVSA-2011:155",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:155"
},
{
"name": "RHSA-2011:0842",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://rhn.redhat.com/errata/RHSA-2011-0842.html"
},
{
"name": "[oss-security] 20110520 systemtap divide-by-zero issues (CVE-2011-1769, CVE-2011-1781)",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://openwall.com/lists/oss-security/2011/05/20/2"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2011-1781",
"datePublished": "2011-08-29T21:00:00.000Z",
"dateReserved": "2011-04-19T00:00:00.000Z",
"dateUpdated": "2024-08-06T22:37:25.780Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2011-1769 (GCVE-0-2011-1769)
Vulnerability from nvd – Published: 2011-08-29 21:00 – Updated: 2024-08-06 22:37
VLAI
Summary
SystemTap 1.4 and earlier, when unprivileged (aka stapusr) mode is enabled, allows local users to cause a denial of service (divide-by-zero error and OOPS) via a crafted ELF program with DWARF expressions that are not properly handled by a stap script that performs context variable access.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
8 references
| URL | Tags |
|---|---|
| http://secunia.com/advisories/44802 | third-party-advisoryx_refsource_SECUNIA |
| https://bugzilla.redhat.com/show_bug.cgi?id=702687 | x_refsource_CONFIRM |
| http://sourceware.org/git/?p=systemtap.git%3Ba=co… | x_refsource_CONFIRM |
| http://www.securityfocus.com/bid/47934 | vdb-entryx_refsource_BID |
| http://www.mandriva.com/security/advisories?name=… | vendor-advisoryx_refsource_MANDRIVA |
| http://www.mandriva.com/security/advisories?name=… | vendor-advisoryx_refsource_MANDRIVA |
| https://rhn.redhat.com/errata/RHSA-2011-0842.html | vendor-advisoryx_refsource_REDHAT |
| http://openwall.com/lists/oss-security/2011/05/20/2 | mailing-listx_refsource_MLIST |
Date Public
2011-05-20 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T22:37:25.789Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "44802",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/44802"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=702687"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://sourceware.org/git/?p=systemtap.git%3Ba=commit%3Bh=fa2e3415185a28542d419a641ecd6cddd52e3cd9"
},
{
"name": "47934",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/47934"
},
{
"name": "MDVSA-2011:154",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:154"
},
{
"name": "MDVSA-2011:155",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:155"
},
{
"name": "RHSA-2011:0842",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://rhn.redhat.com/errata/RHSA-2011-0842.html"
},
{
"name": "[oss-security] 20110520 systemtap divide-by-zero issues (CVE-2011-1769, CVE-2011-1781)",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://openwall.com/lists/oss-security/2011/05/20/2"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2011-05-20T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "SystemTap 1.4 and earlier, when unprivileged (aka stapusr) mode is enabled, allows local users to cause a denial of service (divide-by-zero error and OOPS) via a crafted ELF program with DWARF expressions that are not properly handled by a stap script that performs context variable access."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2011-10-26T09:00:00.000Z",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "44802",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/44802"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=702687"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://sourceware.org/git/?p=systemtap.git%3Ba=commit%3Bh=fa2e3415185a28542d419a641ecd6cddd52e3cd9"
},
{
"name": "47934",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/47934"
},
{
"name": "MDVSA-2011:154",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:154"
},
{
"name": "MDVSA-2011:155",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:155"
},
{
"name": "RHSA-2011:0842",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://rhn.redhat.com/errata/RHSA-2011-0842.html"
},
{
"name": "[oss-security] 20110520 systemtap divide-by-zero issues (CVE-2011-1769, CVE-2011-1781)",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://openwall.com/lists/oss-security/2011/05/20/2"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2011-1769",
"datePublished": "2011-08-29T21:00:00.000Z",
"dateReserved": "2011-04-19T00:00:00.000Z",
"dateUpdated": "2024-08-06T22:37:25.789Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2010-4171 (GCVE-0-2010-4171)
Vulnerability from nvd – Published: 2010-12-07 21:00 – Updated: 2024-08-07 03:34
VLAI
Summary
The staprun runtime tool in SystemTap 1.3 does not verify that a module to unload was previously loaded by SystemTap, which allows local users to cause a denial of service (unloading of arbitrary kernel modules).
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
15 references
Date Public
2010-11-17 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T03:34:37.634Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "[systemtap] 20101117 important systemtap security fix",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://sources.redhat.com/ml/systemtap/2010-q4/msg00230.html"
},
{
"name": "FEDORA-2010-17873",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-November/051127.html"
},
{
"name": "42263",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/42263"
},
{
"name": "FEDORA-2010-17865",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-November/051115.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=653606"
},
{
"name": "systemtap-staprunmod-dos(63345)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/63345"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://sources.redhat.com/git/gitweb.cgi?p=systemtap.git%3Ba=commit%3Bh=b7565b41228bea196cefa3a7d43ab67f8f9152e2"
},
{
"name": "RHSA-2010:0894",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2010-0894.html"
},
{
"name": "DSA-2348",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2011/dsa-2348"
},
{
"name": "1024754",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1024754"
},
{
"name": "46920",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/46920"
},
{
"name": "42256",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/42256"
},
{
"name": "42318",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/42318"
},
{
"name": "44917",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/44917"
},
{
"name": "FEDORA-2010-17868",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-November/051122.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2010-11-17T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "The staprun runtime tool in SystemTap 1.3 does not verify that a module to unload was previously loaded by SystemTap, which allows local users to cause a denial of service (unloading of arbitrary kernel modules)."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-16T14:57:01.000Z",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "[systemtap] 20101117 important systemtap security fix",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://sources.redhat.com/ml/systemtap/2010-q4/msg00230.html"
},
{
"name": "FEDORA-2010-17873",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-November/051127.html"
},
{
"name": "42263",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/42263"
},
{
"name": "FEDORA-2010-17865",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-November/051115.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=653606"
},
{
"name": "systemtap-staprunmod-dos(63345)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/63345"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://sources.redhat.com/git/gitweb.cgi?p=systemtap.git%3Ba=commit%3Bh=b7565b41228bea196cefa3a7d43ab67f8f9152e2"
},
{
"name": "RHSA-2010:0894",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2010-0894.html"
},
{
"name": "DSA-2348",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2011/dsa-2348"
},
{
"name": "1024754",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1024754"
},
{
"name": "46920",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/46920"
},
{
"name": "42256",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/42256"
},
{
"name": "42318",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/42318"
},
{
"name": "44917",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/44917"
},
{
"name": "FEDORA-2010-17868",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-November/051122.html"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2010-4171",
"datePublished": "2010-12-07T21:00:00.000Z",
"dateReserved": "2010-11-04T00:00:00.000Z",
"dateUpdated": "2024-08-07T03:34:37.634Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2010-4170 (GCVE-0-2010-4170)
Vulnerability from nvd – Published: 2010-12-07 21:00 – Updated: 2024-08-07 03:34
VLAI
Summary
The staprun runtime tool in SystemTap 1.3 does not properly clear the environment before executing modprobe, which allows local users to gain privileges by setting the MODPROBE_OPTIONS environment variable to specify a malicious configuration file.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
19 references
Date Public
2010-11-17 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T03:34:37.683Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "systemtap-staprun-priv-escalation(63344)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/63344"
},
{
"name": "[systemtap] 20101117 important systemtap security fix",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://sources.redhat.com/ml/systemtap/2010-q4/msg00230.html"
},
{
"name": "FEDORA-2010-17873",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-November/051127.html"
},
{
"name": "15620",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB",
"x_transferred"
],
"url": "http://www.exploit-db.com/exploits/15620"
},
{
"name": "42263",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/42263"
},
{
"name": "FEDORA-2010-17865",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-November/051115.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://sources.redhat.com/git/gitweb.cgi?p=systemtap.git%3Ba=commit%3Bh=b7565b41228bea196cefa3a7d43ab67f8f9152e2"
},
{
"name": "RHSA-2010:0894",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2010-0894.html"
},
{
"name": "RHSA-2010:0895",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2010-0895.html"
},
{
"name": "42306",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/42306"
},
{
"name": "44914",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/44914"
},
{
"name": "DSA-2348",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2011/dsa-2348"
},
{
"name": "1024754",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1024754"
},
{
"name": "46920",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/46920"
},
{
"name": "42256",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/42256"
},
{
"name": "42318",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/42318"
},
{
"name": "FEDORA-2010-17868",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-November/051122.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/152569/SystemTap-1.3-MODPROBE_OPTIONS-Privilege-Escalation.html"
},
{
"name": "46730",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB",
"x_transferred"
],
"url": "https://www.exploit-db.com/exploits/46730/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2010-11-17T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "The staprun runtime tool in SystemTap 1.3 does not properly clear the environment before executing modprobe, which allows local users to gain privileges by setting the MODPROBE_OPTIONS environment variable to specify a malicious configuration file."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-04-19T15:06:14.000Z",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "systemtap-staprun-priv-escalation(63344)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/63344"
},
{
"name": "[systemtap] 20101117 important systemtap security fix",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://sources.redhat.com/ml/systemtap/2010-q4/msg00230.html"
},
{
"name": "FEDORA-2010-17873",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-November/051127.html"
},
{
"name": "15620",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB"
],
"url": "http://www.exploit-db.com/exploits/15620"
},
{
"name": "42263",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/42263"
},
{
"name": "FEDORA-2010-17865",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-November/051115.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://sources.redhat.com/git/gitweb.cgi?p=systemtap.git%3Ba=commit%3Bh=b7565b41228bea196cefa3a7d43ab67f8f9152e2"
},
{
"name": "RHSA-2010:0894",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2010-0894.html"
},
{
"name": "RHSA-2010:0895",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2010-0895.html"
},
{
"name": "42306",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/42306"
},
{
"name": "44914",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/44914"
},
{
"name": "DSA-2348",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2011/dsa-2348"
},
{
"name": "1024754",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1024754"
},
{
"name": "46920",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/46920"
},
{
"name": "42256",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/42256"
},
{
"name": "42318",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/42318"
},
{
"name": "FEDORA-2010-17868",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-November/051122.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://packetstormsecurity.com/files/152569/SystemTap-1.3-MODPROBE_OPTIONS-Privilege-Escalation.html"
},
{
"name": "46730",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB"
],
"url": "https://www.exploit-db.com/exploits/46730/"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2010-4170",
"datePublished": "2010-12-07T21:00:00.000Z",
"dateReserved": "2010-11-04T00:00:00.000Z",
"dateUpdated": "2024-08-07T03:34:37.683Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2010-0412 (GCVE-0-2010-0412)
Vulnerability from nvd – Published: 2010-02-25 00:00 – Updated: 2024-08-07 00:45
VLAI
Summary
stap-server in SystemTap 1.1 does not properly restrict the value of the -B (aka BUILD) option, which allows attackers to have an unspecified impact via vectors associated with executing the make program, a different vulnerability than CVE-2009-4273.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
5 references
| URL | Tags |
|---|---|
| http://lists.fedoraproject.org/pipermail/package-… | vendor-advisoryx_refsource_FEDORA |
| https://exchange.xforce.ibmcloud.com/vulnerabilit… | vdb-entryx_refsource_XF |
| http://lists.fedoraproject.org/pipermail/scm-comm… | mailing-listx_refsource_MLIST |
| http://lists.fedoraproject.org/pipermail/package-… | vendor-advisoryx_refsource_FEDORA |
| http://www.securityfocus.com/bid/38316 | vdb-entryx_refsource_BID |
Date Public
2010-02-15 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T00:45:12.276Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "FEDORA-2010-1373",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-February/035201.html"
},
{
"name": "systemtap-stapserver-unspecified(56611)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/56611"
},
{
"name": "[scm-commits] 20100215 rpms/systemtap/devel systemtap-1.1-tighten-server-params.patch, NONE, 1.1 systemtap.spec, 1.59, 1.60",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://lists.fedoraproject.org/pipermail/scm-commits/2010-February/394714.html"
},
{
"name": "FEDORA-2010-1720",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-February/035261.html"
},
{
"name": "38316",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/38316"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2010-02-15T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "stap-server in SystemTap 1.1 does not properly restrict the value of the -B (aka BUILD) option, which allows attackers to have an unspecified impact via vectors associated with executing the make program, a different vulnerability than CVE-2009-4273."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-16T14:57:01.000Z",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "FEDORA-2010-1373",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-February/035201.html"
},
{
"name": "systemtap-stapserver-unspecified(56611)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/56611"
},
{
"name": "[scm-commits] 20100215 rpms/systemtap/devel systemtap-1.1-tighten-server-params.patch, NONE, 1.1 systemtap.spec, 1.59, 1.60",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://lists.fedoraproject.org/pipermail/scm-commits/2010-February/394714.html"
},
{
"name": "FEDORA-2010-1720",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-February/035261.html"
},
{
"name": "38316",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/38316"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2010-0412",
"datePublished": "2010-02-25T00:00:00.000Z",
"dateReserved": "2010-01-27T00:00:00.000Z",
"dateUpdated": "2024-08-07T00:45:12.276Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2010-0411 (GCVE-0-2010-0411)
Vulnerability from nvd – Published: 2010-02-08 20:00 – Updated: 2024-08-07 00:45
VLAI
Summary
Multiple integer signedness errors in the (1) __get_argv and (2) __get_compat_argv functions in tapset/aux_syscalls.stp in SystemTap 1.1 allow local users to cause a denial of service (script crash, or system crash or hang) via a process with a large number of arguments, leading to a buffer overflow.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
18 references
Date Public
2010-02-04 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T00:45:12.299Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "FEDORA-2010-1373",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-February/035201.html"
},
{
"name": "38817",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/38817"
},
{
"name": "38426",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/38426"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=559719"
},
{
"name": "39656",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/39656"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://sourceware.org/bugzilla/show_bug.cgi?id=11234"
},
{
"name": "[oss-security] 20100204 systemtap DoS issue (CVE-2010-0411)",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://marc.info/?l=oss-security\u0026m=126530657715364\u0026w=2"
},
{
"name": "38680",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/38680"
},
{
"name": "oval:org.mitre.oval:def:9675",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9675"
},
{
"name": "SUSE-SR:2010:010",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2010-04/msg00006.html"
},
{
"name": "RHSA-2010:0125",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2010-0125.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://sourceware.org/git/gitweb.cgi?p=systemtap.git%3Ba=commit%3Bh=a2d399c87a642190f08ede63dc6fc434a5a8363a"
},
{
"name": "1023664",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1023664"
},
{
"name": "38120",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/38120"
},
{
"name": "RHSA-2010:0124",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2010-0124.html"
},
{
"name": "38765",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/38765"
},
{
"name": "FEDORA-2010-1720",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-February/035261.html"
},
{
"name": "ADV-2010-1001",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2010/1001"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2010-02-04T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Multiple integer signedness errors in the (1) __get_argv and (2) __get_compat_argv functions in tapset/aux_syscalls.stp in SystemTap 1.1 allow local users to cause a denial of service (script crash, or system crash or hang) via a process with a large number of arguments, leading to a buffer overflow."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-09-18T12:57:01.000Z",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "FEDORA-2010-1373",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-February/035201.html"
},
{
"name": "38817",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/38817"
},
{
"name": "38426",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/38426"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=559719"
},
{
"name": "39656",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/39656"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://sourceware.org/bugzilla/show_bug.cgi?id=11234"
},
{
"name": "[oss-security] 20100204 systemtap DoS issue (CVE-2010-0411)",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://marc.info/?l=oss-security\u0026m=126530657715364\u0026w=2"
},
{
"name": "38680",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/38680"
},
{
"name": "oval:org.mitre.oval:def:9675",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9675"
},
{
"name": "SUSE-SR:2010:010",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2010-04/msg00006.html"
},
{
"name": "RHSA-2010:0125",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2010-0125.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://sourceware.org/git/gitweb.cgi?p=systemtap.git%3Ba=commit%3Bh=a2d399c87a642190f08ede63dc6fc434a5a8363a"
},
{
"name": "1023664",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1023664"
},
{
"name": "38120",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/38120"
},
{
"name": "RHSA-2010:0124",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2010-0124.html"
},
{
"name": "38765",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/38765"
},
{
"name": "FEDORA-2010-1720",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-February/035261.html"
},
{
"name": "ADV-2010-1001",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2010/1001"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2010-0411",
"datePublished": "2010-02-08T20:00:00.000Z",
"dateReserved": "2010-01-27T00:00:00.000Z",
"dateUpdated": "2024-08-07T00:45:12.299Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2009-4273 (GCVE-0-2009-4273)
Vulnerability from nvd – Published: 2010-01-26 18:00 – Updated: 2024-08-07 06:54
VLAI
Summary
stap-server in SystemTap before 1.1 allows remote attackers to execute arbitrary commands via shell metacharacters in stap command-line arguments in a request.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
18 references
Date Public
2010-01-15 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T06:54:10.227Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "FEDORA-2010-1373",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-February/035201.html"
},
{
"name": "oval:org.mitre.oval:def:11417",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11417"
},
{
"name": "38154",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/38154"
},
{
"name": "FEDORA-2010-0671",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-January/034036.html"
},
{
"name": "FEDORA-2010-0688",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-January/034041.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://sourceware.org/systemtap/ftp/releases/systemtap-1.1.tar.gz"
},
{
"name": "39656",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/39656"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=550172"
},
{
"name": "38216",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/38216"
},
{
"name": "[scm-commits] 20100215 rpms/systemtap/devel systemtap-1.1-tighten-server-params.patch, NONE, 1.1 systemtap.spec, 1.59, 1.60",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://lists.fedoraproject.org/pipermail/scm-commits/2010-February/394714.html"
},
{
"name": "ADV-2010-0169",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2010/0169"
},
{
"name": "SUSE-SR:2010:010",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2010-04/msg00006.html"
},
{
"name": "[systemtap] 20100115 SystemTap release 1.1",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://sourceware.org/ml/systemtap/2010-q1/msg00142.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://sourceware.org/bugzilla/show_bug.cgi?id=11105"
},
{
"name": "RHSA-2010:0124",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2010-0124.html"
},
{
"name": "38765",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/38765"
},
{
"name": "FEDORA-2010-1720",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-February/035261.html"
},
{
"name": "ADV-2010-1001",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2010/1001"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2010-01-15T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "stap-server in SystemTap before 1.1 allows remote attackers to execute arbitrary commands via shell metacharacters in stap command-line arguments in a request."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-09-18T12:57:01.000Z",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "FEDORA-2010-1373",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-February/035201.html"
},
{
"name": "oval:org.mitre.oval:def:11417",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11417"
},
{
"name": "38154",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/38154"
},
{
"name": "FEDORA-2010-0671",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-January/034036.html"
},
{
"name": "FEDORA-2010-0688",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-January/034041.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://sourceware.org/systemtap/ftp/releases/systemtap-1.1.tar.gz"
},
{
"name": "39656",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/39656"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=550172"
},
{
"name": "38216",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/38216"
},
{
"name": "[scm-commits] 20100215 rpms/systemtap/devel systemtap-1.1-tighten-server-params.patch, NONE, 1.1 systemtap.spec, 1.59, 1.60",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://lists.fedoraproject.org/pipermail/scm-commits/2010-February/394714.html"
},
{
"name": "ADV-2010-0169",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2010/0169"
},
{
"name": "SUSE-SR:2010:010",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2010-04/msg00006.html"
},
{
"name": "[systemtap] 20100115 SystemTap release 1.1",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://sourceware.org/ml/systemtap/2010-q1/msg00142.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://sourceware.org/bugzilla/show_bug.cgi?id=11105"
},
{
"name": "RHSA-2010:0124",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2010-0124.html"
},
{
"name": "38765",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/38765"
},
{
"name": "FEDORA-2010-1720",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-February/035261.html"
},
{
"name": "ADV-2010-1001",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2010/1001"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2009-4273",
"datePublished": "2010-01-26T18:00:00.000Z",
"dateReserved": "2009-12-10T00:00:00.000Z",
"dateUpdated": "2024-08-07T06:54:10.227Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2009-2911 (GCVE-0-2009-2911)
Vulnerability from nvd – Published: 2009-10-22 16:00 – Updated: 2024-08-07 06:07
VLAI
Summary
SystemTap 1.0, when the --unprivileged option is used, does not properly restrict certain data sizes, which allows local users to (1) cause a denial of service or gain privileges via a print operation with a large number of arguments that trigger a kernel stack overflow, (2) cause a denial of service via crafted DWARF expressions that trigger a kernel stack frame overflow, or (3) cause a denial of service (infinite loop) via vectors that trigger creation of large unwind tables, related to Common Information Entry (CIE) and Call Frame Instruction (CFI) records.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
9 references
| URL | Tags |
|---|---|
| http://sources.redhat.com/bugzilla/show_bug.cgi?i… | x_refsource_CONFIRM |
| https://www.redhat.com/archives/fedora-package-an… | vendor-advisoryx_refsource_FEDORA |
| http://gcc.gnu.org/bugzilla/show_bug.cgi?id=41633 | x_refsource_MISC |
| http://www.openwall.com/lists/oss-security/2009/10/21/1 | mailing-listx_refsource_MLIST |
| https://www.redhat.com/archives/fedora-package-an… | vendor-advisoryx_refsource_FEDORA |
| https://bugzilla.redhat.com/show_bug.cgi?id=529175 | x_refsource_CONFIRM |
| http://secunia.com/advisories/37167 | third-party-advisoryx_refsource_SECUNIA |
| http://www.securityfocus.com/bid/36778 | vdb-entryx_refsource_BID |
| http://www.vupen.com/english/advisories/2009/2989 | vdb-entryx_refsource_VUPEN |
Date Public
2009-10-21 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T06:07:37.401Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://sources.redhat.com/bugzilla/show_bug.cgi?id=10750"
},
{
"name": "FEDORA-2009-10849",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "https://www.redhat.com/archives/fedora-package-announce/2009-October/msg00793.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://gcc.gnu.org/bugzilla/show_bug.cgi?id=41633"
},
{
"name": "[oss-security] 20091021 CVE assignment notification -- CVE-2009-2911 - Three SystemTap-1.0 DoS issues",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2009/10/21/1"
},
{
"name": "FEDORA-2009-10719",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "https://www.redhat.com/archives/fedora-package-announce/2009-October/msg00627.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=529175"
},
{
"name": "37167",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/37167"
},
{
"name": "36778",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/36778"
},
{
"name": "ADV-2009-2989",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2009/2989"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2009-10-21T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "SystemTap 1.0, when the --unprivileged option is used, does not properly restrict certain data sizes, which allows local users to (1) cause a denial of service or gain privileges via a print operation with a large number of arguments that trigger a kernel stack overflow, (2) cause a denial of service via crafted DWARF expressions that trigger a kernel stack frame overflow, or (3) cause a denial of service (infinite loop) via vectors that trigger creation of large unwind tables, related to Common Information Entry (CIE) and Call Frame Instruction (CFI) records."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2009-10-31T09:00:00.000Z",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://sources.redhat.com/bugzilla/show_bug.cgi?id=10750"
},
{
"name": "FEDORA-2009-10849",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "https://www.redhat.com/archives/fedora-package-announce/2009-October/msg00793.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://gcc.gnu.org/bugzilla/show_bug.cgi?id=41633"
},
{
"name": "[oss-security] 20091021 CVE assignment notification -- CVE-2009-2911 - Three SystemTap-1.0 DoS issues",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2009/10/21/1"
},
{
"name": "FEDORA-2009-10719",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "https://www.redhat.com/archives/fedora-package-announce/2009-October/msg00627.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=529175"
},
{
"name": "37167",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/37167"
},
{
"name": "36778",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/36778"
},
{
"name": "ADV-2009-2989",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2009/2989"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2009-2911",
"datePublished": "2009-10-22T16:00:00.000Z",
"dateReserved": "2009-08-20T00:00:00.000Z",
"dateUpdated": "2024-08-07T06:07:37.401Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2009-0784 (GCVE-0-2009-0784)
Vulnerability from nvd – Published: 2009-03-25 23:00 – Updated: 2024-08-07 04:48
VLAI
Summary
Race condition in the SystemTap stap tool 0.0.20080705 and 0.0.20090314 allows local users in the stapusr group to insert arbitrary SystemTap kernel modules and gain privileges via unknown vectors.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
8 references
| URL | Tags |
|---|---|
| http://www.debian.org/security/2009/dsa-1755 | vendor-advisoryx_refsource_DEBIAN |
| http://secunia.com/advisories/34479 | third-party-advisoryx_refsource_SECUNIA |
| http://support.avaya.com/elmodocs2/security/ASA-2… | x_refsource_CONFIRM |
| https://oval.cisecurity.org/repository/search/def… | vdb-entrysignaturex_refsource_OVAL |
| http://www.redhat.com/support/errata/RHSA-2009-03… | vendor-advisoryx_refsource_REDHAT |
| http://secunia.com/advisories/34548 | third-party-advisoryx_refsource_SECUNIA |
| http://www.vupen.com/english/advisories/2009/0907 | vdb-entryx_refsource_VUPEN |
| http://secunia.com/advisories/34441 | third-party-advisoryx_refsource_SECUNIA |
Date Public
2009-03-25 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T04:48:52.330Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "DSA-1755",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2009/dsa-1755"
},
{
"name": "34479",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/34479"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://support.avaya.com/elmodocs2/security/ASA-2009-110.htm"
},
{
"name": "oval:org.mitre.oval:def:11613",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11613"
},
{
"name": "RHSA-2009:0373",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2009-0373.html"
},
{
"name": "34548",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/34548"
},
{
"name": "ADV-2009-0907",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2009/0907"
},
{
"name": "34441",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/34441"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2009-03-25T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Race condition in the SystemTap stap tool 0.0.20080705 and 0.0.20090314 allows local users in the stapusr group to insert arbitrary SystemTap kernel modules and gain privileges via unknown vectors."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-09-28T12:57:01.000Z",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "DSA-1755",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2009/dsa-1755"
},
{
"name": "34479",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/34479"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://support.avaya.com/elmodocs2/security/ASA-2009-110.htm"
},
{
"name": "oval:org.mitre.oval:def:11613",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11613"
},
{
"name": "RHSA-2009:0373",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2009-0373.html"
},
{
"name": "34548",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/34548"
},
{
"name": "ADV-2009-0907",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2009/0907"
},
{
"name": "34441",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/34441"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2009-0784",
"datePublished": "2009-03-25T23:00:00.000Z",
"dateReserved": "2009-03-04T00:00:00.000Z",
"dateUpdated": "2024-08-07T04:48:52.330Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2012-0875 (GCVE-0-2012-0875)
Vulnerability from cvelistv5 – Published: 2014-02-04 19:00 – Updated: 2024-08-06 18:38
VLAI
Summary
SystemTap 1.7, 1.6.7, and probably other versions, when unprivileged mode is enabled, allows local users to obtain sensitive information from kernel memory or cause a denial of service (kernel panic and crash) via vectors related to crafted DWARF data, which triggers a read of an invalid pointer.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
6 references
| URL | Tags |
|---|---|
| http://rhn.redhat.com/errata/RHSA-2012-0376.html | vendor-advisoryx_refsource_REDHAT |
| http://sourceware.org/bugzilla/show_bug.cgi?id=13714 | x_refsource_CONFIRM |
| http://securitytracker.com/id?1026777 | vdb-entryx_refsource_SECTRACK |
| http://permalink.gmane.org/gmane.comp.security.os… | mailing-listx_refsource_MLIST |
| http://sourceware.org/git/?p=systemtap.git%3Ba=co… | x_refsource_CONFIRM |
| http://lists.opensuse.org/opensuse-updates/2013-0… | vendor-advisoryx_refsource_SUSE |
Date Public
2012-02-02 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T18:38:14.978Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "RHSA-2012:0376",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2012-0376.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://sourceware.org/bugzilla/show_bug.cgi?id=13714"
},
{
"name": "1026777",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1026777"
},
{
"name": "[oss-security] 20120222 CVE-2012-0875: systemtap memory disclosure/kernel panic when processing malformed DWARF unwind data",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://permalink.gmane.org/gmane.comp.security.oss.general/6987"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://sourceware.org/git/?p=systemtap.git%3Ba=commit%3Bh=64b0cff3b"
},
{
"name": "openSUSE-SU-2013:0475",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-updates/2013-03/msg00057.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2012-02-02T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "SystemTap 1.7, 1.6.7, and probably other versions, when unprivileged mode is enabled, allows local users to obtain sensitive information from kernel memory or cause a denial of service (kernel panic and crash) via vectors related to crafted DWARF data, which triggers a read of an invalid pointer."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2014-02-04T18:57:01.000Z",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "RHSA-2012:0376",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2012-0376.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://sourceware.org/bugzilla/show_bug.cgi?id=13714"
},
{
"name": "1026777",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1026777"
},
{
"name": "[oss-security] 20120222 CVE-2012-0875: systemtap memory disclosure/kernel panic when processing malformed DWARF unwind data",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://permalink.gmane.org/gmane.comp.security.oss.general/6987"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://sourceware.org/git/?p=systemtap.git%3Ba=commit%3Bh=64b0cff3b"
},
{
"name": "openSUSE-SU-2013:0475",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-updates/2013-03/msg00057.html"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2012-0875",
"datePublished": "2014-02-04T19:00:00.000Z",
"dateReserved": "2012-01-19T00:00:00.000Z",
"dateUpdated": "2024-08-06T18:38:14.978Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2011-2502 (GCVE-0-2011-2502)
Vulnerability from cvelistv5 – Published: 2012-07-26 19:00 – Updated: 2024-09-16 20:42
VLAI
Summary
runtime/staprun/staprun_funcs.c in the systemtap runtime tool (staprun) in SystemTap before 1.6 does not properly validate modules when a module path is specified by a user for user-space probing, which allows local users in the stapusr group to gain privileges via a crafted module in the search path in the -u argument.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
4 references
| URL | Tags |
|---|---|
| https://bugzilla.redhat.com/show_bug.cgi?id=716476 | x_refsource_MISC |
| http://sources.redhat.com/git/gitweb.cgi?p=system… | x_refsource_CONFIRM |
| http://secunia.com/advisories/45377 | third-party-advisoryx_refsource_SECUNIA |
| http://sources.redhat.com/git/gitweb.cgi?p=system… | x_refsource_CONFIRM |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T23:00:34.103Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=716476"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://sources.redhat.com/git/gitweb.cgi?p=systemtap.git%3Ba=commitdiff%3Bh=4ecaadf545a729bb3e5f01f6f019716d49815d9a"
},
{
"name": "45377",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/45377"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://sources.redhat.com/git/gitweb.cgi?p=systemtap.git%3Ba=blob%3Bf=NEWS%3Bhb=304d73b1fea24af791f2a129fb141c5009eae6a8"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "runtime/staprun/staprun_funcs.c in the systemtap runtime tool (staprun) in SystemTap before 1.6 does not properly validate modules when a module path is specified by a user for user-space probing, which allows local users in the stapusr group to gain privileges via a crafted module in the search path in the -u argument."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2012-07-26T19:00:00.000Z",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=716476"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://sources.redhat.com/git/gitweb.cgi?p=systemtap.git%3Ba=commitdiff%3Bh=4ecaadf545a729bb3e5f01f6f019716d49815d9a"
},
{
"name": "45377",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/45377"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://sources.redhat.com/git/gitweb.cgi?p=systemtap.git%3Ba=blob%3Bf=NEWS%3Bhb=304d73b1fea24af791f2a129fb141c5009eae6a8"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2011-2502",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "runtime/staprun/staprun_funcs.c in the systemtap runtime tool (staprun) in SystemTap before 1.6 does not properly validate modules when a module path is specified by a user for user-space probing, which allows local users in the stapusr group to gain privileges via a crafted module in the search path in the -u argument."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=716476",
"refsource": "MISC",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=716476"
},
{
"name": "http://sources.redhat.com/git/gitweb.cgi?p=systemtap.git;a=commitdiff;h=4ecaadf545a729bb3e5f01f6f019716d49815d9a",
"refsource": "CONFIRM",
"url": "http://sources.redhat.com/git/gitweb.cgi?p=systemtap.git;a=commitdiff;h=4ecaadf545a729bb3e5f01f6f019716d49815d9a"
},
{
"name": "45377",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/45377"
},
{
"name": "http://sources.redhat.com/git/gitweb.cgi?p=systemtap.git;a=blob;f=NEWS;hb=304d73b1fea24af791f2a129fb141c5009eae6a8",
"refsource": "CONFIRM",
"url": "http://sources.redhat.com/git/gitweb.cgi?p=systemtap.git;a=blob;f=NEWS;hb=304d73b1fea24af791f2a129fb141c5009eae6a8"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2011-2502",
"datePublished": "2012-07-26T19:00:00.000Z",
"dateReserved": "2011-06-15T00:00:00.000Z",
"dateUpdated": "2024-09-16T20:42:11.436Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2011-2503 (GCVE-0-2011-2503)
Vulnerability from cvelistv5 – Published: 2012-07-26 19:00 – Updated: 2024-09-17 01:01
VLAI
Summary
The insert_module function in runtime/staprun/staprun_funcs.c in the systemtap runtime tool (staprun) in SystemTap before 1.6 does not properly validate a module when loading it, which allows local users to gain privileges via a race condition between the signature validation and the module initialization.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
6 references
| URL | Tags |
|---|---|
| https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2… | x_refsource_MISC |
| http://sources.redhat.com/git/gitweb.cgi?p=system… | x_refsource_CONFIRM |
| http://www.debian.org/security/2011/dsa-2348 | vendor-advisoryx_refsource_DEBIAN |
| http://secunia.com/advisories/46920 | third-party-advisoryx_refsource_SECUNIA |
| http://secunia.com/advisories/45377 | third-party-advisoryx_refsource_SECUNIA |
| http://sources.redhat.com/git/gitweb.cgi?p=system… | x_refsource_CONFIRM |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T23:00:34.115Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2011-2503"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://sources.redhat.com/git/gitweb.cgi?p=systemtap.git%3Ba=commitdiff%3Bh=ed51cfa24ca27746ab09b59280b94117dd58cba3"
},
{
"name": "DSA-2348",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2011/dsa-2348"
},
{
"name": "46920",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/46920"
},
{
"name": "45377",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/45377"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://sources.redhat.com/git/gitweb.cgi?p=systemtap.git%3Ba=blob%3Bf=NEWS%3Bhb=304d73b1fea24af791f2a129fb141c5009eae6a8"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "The insert_module function in runtime/staprun/staprun_funcs.c in the systemtap runtime tool (staprun) in SystemTap before 1.6 does not properly validate a module when loading it, which allows local users to gain privileges via a race condition between the signature validation and the module initialization."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2012-07-26T19:00:00.000Z",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2011-2503"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://sources.redhat.com/git/gitweb.cgi?p=systemtap.git%3Ba=commitdiff%3Bh=ed51cfa24ca27746ab09b59280b94117dd58cba3"
},
{
"name": "DSA-2348",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2011/dsa-2348"
},
{
"name": "46920",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/46920"
},
{
"name": "45377",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/45377"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://sources.redhat.com/git/gitweb.cgi?p=systemtap.git%3Ba=blob%3Bf=NEWS%3Bhb=304d73b1fea24af791f2a129fb141c5009eae6a8"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2011-2503",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The insert_module function in runtime/staprun/staprun_funcs.c in the systemtap runtime tool (staprun) in SystemTap before 1.6 does not properly validate a module when loading it, which allows local users to gain privileges via a race condition between the signature validation and the module initialization."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2011-2503",
"refsource": "MISC",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2011-2503"
},
{
"name": "http://sources.redhat.com/git/gitweb.cgi?p=systemtap.git;a=commitdiff;h=ed51cfa24ca27746ab09b59280b94117dd58cba3",
"refsource": "CONFIRM",
"url": "http://sources.redhat.com/git/gitweb.cgi?p=systemtap.git;a=commitdiff;h=ed51cfa24ca27746ab09b59280b94117dd58cba3"
},
{
"name": "DSA-2348",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2011/dsa-2348"
},
{
"name": "46920",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/46920"
},
{
"name": "45377",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/45377"
},
{
"name": "http://sources.redhat.com/git/gitweb.cgi?p=systemtap.git;a=blob;f=NEWS;hb=304d73b1fea24af791f2a129fb141c5009eae6a8",
"refsource": "CONFIRM",
"url": "http://sources.redhat.com/git/gitweb.cgi?p=systemtap.git;a=blob;f=NEWS;hb=304d73b1fea24af791f2a129fb141c5009eae6a8"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2011-2503",
"datePublished": "2012-07-26T19:00:00.000Z",
"dateReserved": "2011-06-15T00:00:00.000Z",
"dateUpdated": "2024-09-17T01:01:54.529Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2011-1769 (GCVE-0-2011-1769)
Vulnerability from cvelistv5 – Published: 2011-08-29 21:00 – Updated: 2024-08-06 22:37
VLAI
Summary
SystemTap 1.4 and earlier, when unprivileged (aka stapusr) mode is enabled, allows local users to cause a denial of service (divide-by-zero error and OOPS) via a crafted ELF program with DWARF expressions that are not properly handled by a stap script that performs context variable access.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
8 references
| URL | Tags |
|---|---|
| http://secunia.com/advisories/44802 | third-party-advisoryx_refsource_SECUNIA |
| https://bugzilla.redhat.com/show_bug.cgi?id=702687 | x_refsource_CONFIRM |
| http://sourceware.org/git/?p=systemtap.git%3Ba=co… | x_refsource_CONFIRM |
| http://www.securityfocus.com/bid/47934 | vdb-entryx_refsource_BID |
| http://www.mandriva.com/security/advisories?name=… | vendor-advisoryx_refsource_MANDRIVA |
| http://www.mandriva.com/security/advisories?name=… | vendor-advisoryx_refsource_MANDRIVA |
| https://rhn.redhat.com/errata/RHSA-2011-0842.html | vendor-advisoryx_refsource_REDHAT |
| http://openwall.com/lists/oss-security/2011/05/20/2 | mailing-listx_refsource_MLIST |
Date Public
2011-05-20 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T22:37:25.789Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "44802",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/44802"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=702687"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://sourceware.org/git/?p=systemtap.git%3Ba=commit%3Bh=fa2e3415185a28542d419a641ecd6cddd52e3cd9"
},
{
"name": "47934",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/47934"
},
{
"name": "MDVSA-2011:154",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:154"
},
{
"name": "MDVSA-2011:155",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:155"
},
{
"name": "RHSA-2011:0842",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://rhn.redhat.com/errata/RHSA-2011-0842.html"
},
{
"name": "[oss-security] 20110520 systemtap divide-by-zero issues (CVE-2011-1769, CVE-2011-1781)",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://openwall.com/lists/oss-security/2011/05/20/2"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2011-05-20T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "SystemTap 1.4 and earlier, when unprivileged (aka stapusr) mode is enabled, allows local users to cause a denial of service (divide-by-zero error and OOPS) via a crafted ELF program with DWARF expressions that are not properly handled by a stap script that performs context variable access."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2011-10-26T09:00:00.000Z",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "44802",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/44802"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=702687"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://sourceware.org/git/?p=systemtap.git%3Ba=commit%3Bh=fa2e3415185a28542d419a641ecd6cddd52e3cd9"
},
{
"name": "47934",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/47934"
},
{
"name": "MDVSA-2011:154",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:154"
},
{
"name": "MDVSA-2011:155",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:155"
},
{
"name": "RHSA-2011:0842",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://rhn.redhat.com/errata/RHSA-2011-0842.html"
},
{
"name": "[oss-security] 20110520 systemtap divide-by-zero issues (CVE-2011-1769, CVE-2011-1781)",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://openwall.com/lists/oss-security/2011/05/20/2"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2011-1769",
"datePublished": "2011-08-29T21:00:00.000Z",
"dateReserved": "2011-04-19T00:00:00.000Z",
"dateUpdated": "2024-08-06T22:37:25.789Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2011-1781 (GCVE-0-2011-1781)
Vulnerability from cvelistv5 – Published: 2011-08-29 21:00 – Updated: 2024-08-06 22:37
VLAI
Summary
SystemTap 1.4, when unprivileged (aka stapusr) mode is enabled, allows local users to cause a denial of service (divide-by-zero error and OOPS) via a crafted ELF program with DWARF expressions that are not properly handled by a stap script that performs stack unwinding (aka backtracing).
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
7 references
| URL | Tags |
|---|---|
| http://secunia.com/advisories/44802 | third-party-advisoryx_refsource_SECUNIA |
| https://bugzilla.redhat.com/show_bug.cgi?id=702687 | x_refsource_CONFIRM |
| http://sourceware.org/git/?p=systemtap.git%3Ba=co… | x_refsource_CONFIRM |
| http://www.securityfocus.com/bid/47934 | vdb-entryx_refsource_BID |
| http://www.mandriva.com/security/advisories?name=… | vendor-advisoryx_refsource_MANDRIVA |
| https://rhn.redhat.com/errata/RHSA-2011-0842.html | vendor-advisoryx_refsource_REDHAT |
| http://openwall.com/lists/oss-security/2011/05/20/2 | mailing-listx_refsource_MLIST |
Date Public
2011-05-20 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T22:37:25.780Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "44802",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/44802"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=702687"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://sourceware.org/git/?p=systemtap.git%3Ba=commit%3Bh=fa2e3415185a28542d419a641ecd6cddd52e3cd9"
},
{
"name": "47934",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/47934"
},
{
"name": "MDVSA-2011:155",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:155"
},
{
"name": "RHSA-2011:0842",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://rhn.redhat.com/errata/RHSA-2011-0842.html"
},
{
"name": "[oss-security] 20110520 systemtap divide-by-zero issues (CVE-2011-1769, CVE-2011-1781)",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://openwall.com/lists/oss-security/2011/05/20/2"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2011-05-20T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "SystemTap 1.4, when unprivileged (aka stapusr) mode is enabled, allows local users to cause a denial of service (divide-by-zero error and OOPS) via a crafted ELF program with DWARF expressions that are not properly handled by a stap script that performs stack unwinding (aka backtracing)."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2011-10-26T09:00:00.000Z",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "44802",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/44802"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=702687"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://sourceware.org/git/?p=systemtap.git%3Ba=commit%3Bh=fa2e3415185a28542d419a641ecd6cddd52e3cd9"
},
{
"name": "47934",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/47934"
},
{
"name": "MDVSA-2011:155",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:155"
},
{
"name": "RHSA-2011:0842",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://rhn.redhat.com/errata/RHSA-2011-0842.html"
},
{
"name": "[oss-security] 20110520 systemtap divide-by-zero issues (CVE-2011-1769, CVE-2011-1781)",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://openwall.com/lists/oss-security/2011/05/20/2"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2011-1781",
"datePublished": "2011-08-29T21:00:00.000Z",
"dateReserved": "2011-04-19T00:00:00.000Z",
"dateUpdated": "2024-08-06T22:37:25.780Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2010-4171 (GCVE-0-2010-4171)
Vulnerability from cvelistv5 – Published: 2010-12-07 21:00 – Updated: 2024-08-07 03:34
VLAI
Summary
The staprun runtime tool in SystemTap 1.3 does not verify that a module to unload was previously loaded by SystemTap, which allows local users to cause a denial of service (unloading of arbitrary kernel modules).
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
15 references
Date Public
2010-11-17 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T03:34:37.634Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "[systemtap] 20101117 important systemtap security fix",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://sources.redhat.com/ml/systemtap/2010-q4/msg00230.html"
},
{
"name": "FEDORA-2010-17873",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-November/051127.html"
},
{
"name": "42263",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/42263"
},
{
"name": "FEDORA-2010-17865",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-November/051115.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=653606"
},
{
"name": "systemtap-staprunmod-dos(63345)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/63345"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://sources.redhat.com/git/gitweb.cgi?p=systemtap.git%3Ba=commit%3Bh=b7565b41228bea196cefa3a7d43ab67f8f9152e2"
},
{
"name": "RHSA-2010:0894",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2010-0894.html"
},
{
"name": "DSA-2348",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2011/dsa-2348"
},
{
"name": "1024754",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1024754"
},
{
"name": "46920",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/46920"
},
{
"name": "42256",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/42256"
},
{
"name": "42318",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/42318"
},
{
"name": "44917",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/44917"
},
{
"name": "FEDORA-2010-17868",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-November/051122.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2010-11-17T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "The staprun runtime tool in SystemTap 1.3 does not verify that a module to unload was previously loaded by SystemTap, which allows local users to cause a denial of service (unloading of arbitrary kernel modules)."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-16T14:57:01.000Z",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "[systemtap] 20101117 important systemtap security fix",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://sources.redhat.com/ml/systemtap/2010-q4/msg00230.html"
},
{
"name": "FEDORA-2010-17873",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-November/051127.html"
},
{
"name": "42263",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/42263"
},
{
"name": "FEDORA-2010-17865",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-November/051115.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=653606"
},
{
"name": "systemtap-staprunmod-dos(63345)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/63345"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://sources.redhat.com/git/gitweb.cgi?p=systemtap.git%3Ba=commit%3Bh=b7565b41228bea196cefa3a7d43ab67f8f9152e2"
},
{
"name": "RHSA-2010:0894",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2010-0894.html"
},
{
"name": "DSA-2348",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2011/dsa-2348"
},
{
"name": "1024754",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1024754"
},
{
"name": "46920",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/46920"
},
{
"name": "42256",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/42256"
},
{
"name": "42318",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/42318"
},
{
"name": "44917",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/44917"
},
{
"name": "FEDORA-2010-17868",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-November/051122.html"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2010-4171",
"datePublished": "2010-12-07T21:00:00.000Z",
"dateReserved": "2010-11-04T00:00:00.000Z",
"dateUpdated": "2024-08-07T03:34:37.634Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2010-4170 (GCVE-0-2010-4170)
Vulnerability from cvelistv5 – Published: 2010-12-07 21:00 – Updated: 2024-08-07 03:34
VLAI
Summary
The staprun runtime tool in SystemTap 1.3 does not properly clear the environment before executing modprobe, which allows local users to gain privileges by setting the MODPROBE_OPTIONS environment variable to specify a malicious configuration file.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
19 references
Date Public
2010-11-17 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T03:34:37.683Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "systemtap-staprun-priv-escalation(63344)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/63344"
},
{
"name": "[systemtap] 20101117 important systemtap security fix",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://sources.redhat.com/ml/systemtap/2010-q4/msg00230.html"
},
{
"name": "FEDORA-2010-17873",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-November/051127.html"
},
{
"name": "15620",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB",
"x_transferred"
],
"url": "http://www.exploit-db.com/exploits/15620"
},
{
"name": "42263",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/42263"
},
{
"name": "FEDORA-2010-17865",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-November/051115.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://sources.redhat.com/git/gitweb.cgi?p=systemtap.git%3Ba=commit%3Bh=b7565b41228bea196cefa3a7d43ab67f8f9152e2"
},
{
"name": "RHSA-2010:0894",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2010-0894.html"
},
{
"name": "RHSA-2010:0895",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2010-0895.html"
},
{
"name": "42306",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/42306"
},
{
"name": "44914",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/44914"
},
{
"name": "DSA-2348",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2011/dsa-2348"
},
{
"name": "1024754",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1024754"
},
{
"name": "46920",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/46920"
},
{
"name": "42256",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/42256"
},
{
"name": "42318",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/42318"
},
{
"name": "FEDORA-2010-17868",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-November/051122.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/152569/SystemTap-1.3-MODPROBE_OPTIONS-Privilege-Escalation.html"
},
{
"name": "46730",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB",
"x_transferred"
],
"url": "https://www.exploit-db.com/exploits/46730/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2010-11-17T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "The staprun runtime tool in SystemTap 1.3 does not properly clear the environment before executing modprobe, which allows local users to gain privileges by setting the MODPROBE_OPTIONS environment variable to specify a malicious configuration file."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-04-19T15:06:14.000Z",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "systemtap-staprun-priv-escalation(63344)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/63344"
},
{
"name": "[systemtap] 20101117 important systemtap security fix",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://sources.redhat.com/ml/systemtap/2010-q4/msg00230.html"
},
{
"name": "FEDORA-2010-17873",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-November/051127.html"
},
{
"name": "15620",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB"
],
"url": "http://www.exploit-db.com/exploits/15620"
},
{
"name": "42263",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/42263"
},
{
"name": "FEDORA-2010-17865",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-November/051115.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://sources.redhat.com/git/gitweb.cgi?p=systemtap.git%3Ba=commit%3Bh=b7565b41228bea196cefa3a7d43ab67f8f9152e2"
},
{
"name": "RHSA-2010:0894",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2010-0894.html"
},
{
"name": "RHSA-2010:0895",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2010-0895.html"
},
{
"name": "42306",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/42306"
},
{
"name": "44914",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/44914"
},
{
"name": "DSA-2348",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2011/dsa-2348"
},
{
"name": "1024754",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1024754"
},
{
"name": "46920",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/46920"
},
{
"name": "42256",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/42256"
},
{
"name": "42318",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/42318"
},
{
"name": "FEDORA-2010-17868",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-November/051122.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://packetstormsecurity.com/files/152569/SystemTap-1.3-MODPROBE_OPTIONS-Privilege-Escalation.html"
},
{
"name": "46730",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB"
],
"url": "https://www.exploit-db.com/exploits/46730/"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2010-4170",
"datePublished": "2010-12-07T21:00:00.000Z",
"dateReserved": "2010-11-04T00:00:00.000Z",
"dateUpdated": "2024-08-07T03:34:37.683Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2010-0412 (GCVE-0-2010-0412)
Vulnerability from cvelistv5 – Published: 2010-02-25 00:00 – Updated: 2024-08-07 00:45
VLAI
Summary
stap-server in SystemTap 1.1 does not properly restrict the value of the -B (aka BUILD) option, which allows attackers to have an unspecified impact via vectors associated with executing the make program, a different vulnerability than CVE-2009-4273.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
5 references
| URL | Tags |
|---|---|
| http://lists.fedoraproject.org/pipermail/package-… | vendor-advisoryx_refsource_FEDORA |
| https://exchange.xforce.ibmcloud.com/vulnerabilit… | vdb-entryx_refsource_XF |
| http://lists.fedoraproject.org/pipermail/scm-comm… | mailing-listx_refsource_MLIST |
| http://lists.fedoraproject.org/pipermail/package-… | vendor-advisoryx_refsource_FEDORA |
| http://www.securityfocus.com/bid/38316 | vdb-entryx_refsource_BID |
Date Public
2010-02-15 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T00:45:12.276Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "FEDORA-2010-1373",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-February/035201.html"
},
{
"name": "systemtap-stapserver-unspecified(56611)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/56611"
},
{
"name": "[scm-commits] 20100215 rpms/systemtap/devel systemtap-1.1-tighten-server-params.patch, NONE, 1.1 systemtap.spec, 1.59, 1.60",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://lists.fedoraproject.org/pipermail/scm-commits/2010-February/394714.html"
},
{
"name": "FEDORA-2010-1720",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-February/035261.html"
},
{
"name": "38316",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/38316"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2010-02-15T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "stap-server in SystemTap 1.1 does not properly restrict the value of the -B (aka BUILD) option, which allows attackers to have an unspecified impact via vectors associated with executing the make program, a different vulnerability than CVE-2009-4273."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-16T14:57:01.000Z",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "FEDORA-2010-1373",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-February/035201.html"
},
{
"name": "systemtap-stapserver-unspecified(56611)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/56611"
},
{
"name": "[scm-commits] 20100215 rpms/systemtap/devel systemtap-1.1-tighten-server-params.patch, NONE, 1.1 systemtap.spec, 1.59, 1.60",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://lists.fedoraproject.org/pipermail/scm-commits/2010-February/394714.html"
},
{
"name": "FEDORA-2010-1720",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-February/035261.html"
},
{
"name": "38316",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/38316"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2010-0412",
"datePublished": "2010-02-25T00:00:00.000Z",
"dateReserved": "2010-01-27T00:00:00.000Z",
"dateUpdated": "2024-08-07T00:45:12.276Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2010-0411 (GCVE-0-2010-0411)
Vulnerability from cvelistv5 – Published: 2010-02-08 20:00 – Updated: 2024-08-07 00:45
VLAI
Summary
Multiple integer signedness errors in the (1) __get_argv and (2) __get_compat_argv functions in tapset/aux_syscalls.stp in SystemTap 1.1 allow local users to cause a denial of service (script crash, or system crash or hang) via a process with a large number of arguments, leading to a buffer overflow.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
18 references
Date Public
2010-02-04 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T00:45:12.299Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "FEDORA-2010-1373",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-February/035201.html"
},
{
"name": "38817",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/38817"
},
{
"name": "38426",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/38426"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=559719"
},
{
"name": "39656",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/39656"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://sourceware.org/bugzilla/show_bug.cgi?id=11234"
},
{
"name": "[oss-security] 20100204 systemtap DoS issue (CVE-2010-0411)",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://marc.info/?l=oss-security\u0026m=126530657715364\u0026w=2"
},
{
"name": "38680",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/38680"
},
{
"name": "oval:org.mitre.oval:def:9675",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9675"
},
{
"name": "SUSE-SR:2010:010",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2010-04/msg00006.html"
},
{
"name": "RHSA-2010:0125",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2010-0125.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://sourceware.org/git/gitweb.cgi?p=systemtap.git%3Ba=commit%3Bh=a2d399c87a642190f08ede63dc6fc434a5a8363a"
},
{
"name": "1023664",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1023664"
},
{
"name": "38120",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/38120"
},
{
"name": "RHSA-2010:0124",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2010-0124.html"
},
{
"name": "38765",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/38765"
},
{
"name": "FEDORA-2010-1720",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-February/035261.html"
},
{
"name": "ADV-2010-1001",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2010/1001"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2010-02-04T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Multiple integer signedness errors in the (1) __get_argv and (2) __get_compat_argv functions in tapset/aux_syscalls.stp in SystemTap 1.1 allow local users to cause a denial of service (script crash, or system crash or hang) via a process with a large number of arguments, leading to a buffer overflow."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-09-18T12:57:01.000Z",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "FEDORA-2010-1373",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-February/035201.html"
},
{
"name": "38817",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/38817"
},
{
"name": "38426",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/38426"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=559719"
},
{
"name": "39656",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/39656"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://sourceware.org/bugzilla/show_bug.cgi?id=11234"
},
{
"name": "[oss-security] 20100204 systemtap DoS issue (CVE-2010-0411)",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://marc.info/?l=oss-security\u0026m=126530657715364\u0026w=2"
},
{
"name": "38680",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/38680"
},
{
"name": "oval:org.mitre.oval:def:9675",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9675"
},
{
"name": "SUSE-SR:2010:010",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2010-04/msg00006.html"
},
{
"name": "RHSA-2010:0125",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2010-0125.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://sourceware.org/git/gitweb.cgi?p=systemtap.git%3Ba=commit%3Bh=a2d399c87a642190f08ede63dc6fc434a5a8363a"
},
{
"name": "1023664",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1023664"
},
{
"name": "38120",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/38120"
},
{
"name": "RHSA-2010:0124",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2010-0124.html"
},
{
"name": "38765",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/38765"
},
{
"name": "FEDORA-2010-1720",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-February/035261.html"
},
{
"name": "ADV-2010-1001",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2010/1001"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2010-0411",
"datePublished": "2010-02-08T20:00:00.000Z",
"dateReserved": "2010-01-27T00:00:00.000Z",
"dateUpdated": "2024-08-07T00:45:12.299Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2009-4273 (GCVE-0-2009-4273)
Vulnerability from cvelistv5 – Published: 2010-01-26 18:00 – Updated: 2024-08-07 06:54
VLAI
Summary
stap-server in SystemTap before 1.1 allows remote attackers to execute arbitrary commands via shell metacharacters in stap command-line arguments in a request.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
18 references
Date Public
2010-01-15 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T06:54:10.227Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "FEDORA-2010-1373",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-February/035201.html"
},
{
"name": "oval:org.mitre.oval:def:11417",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11417"
},
{
"name": "38154",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/38154"
},
{
"name": "FEDORA-2010-0671",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-January/034036.html"
},
{
"name": "FEDORA-2010-0688",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-January/034041.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://sourceware.org/systemtap/ftp/releases/systemtap-1.1.tar.gz"
},
{
"name": "39656",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/39656"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=550172"
},
{
"name": "38216",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/38216"
},
{
"name": "[scm-commits] 20100215 rpms/systemtap/devel systemtap-1.1-tighten-server-params.patch, NONE, 1.1 systemtap.spec, 1.59, 1.60",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://lists.fedoraproject.org/pipermail/scm-commits/2010-February/394714.html"
},
{
"name": "ADV-2010-0169",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2010/0169"
},
{
"name": "SUSE-SR:2010:010",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2010-04/msg00006.html"
},
{
"name": "[systemtap] 20100115 SystemTap release 1.1",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://sourceware.org/ml/systemtap/2010-q1/msg00142.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://sourceware.org/bugzilla/show_bug.cgi?id=11105"
},
{
"name": "RHSA-2010:0124",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2010-0124.html"
},
{
"name": "38765",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/38765"
},
{
"name": "FEDORA-2010-1720",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-February/035261.html"
},
{
"name": "ADV-2010-1001",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2010/1001"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2010-01-15T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "stap-server in SystemTap before 1.1 allows remote attackers to execute arbitrary commands via shell metacharacters in stap command-line arguments in a request."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-09-18T12:57:01.000Z",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "FEDORA-2010-1373",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-February/035201.html"
},
{
"name": "oval:org.mitre.oval:def:11417",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11417"
},
{
"name": "38154",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/38154"
},
{
"name": "FEDORA-2010-0671",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-January/034036.html"
},
{
"name": "FEDORA-2010-0688",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-January/034041.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://sourceware.org/systemtap/ftp/releases/systemtap-1.1.tar.gz"
},
{
"name": "39656",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/39656"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=550172"
},
{
"name": "38216",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/38216"
},
{
"name": "[scm-commits] 20100215 rpms/systemtap/devel systemtap-1.1-tighten-server-params.patch, NONE, 1.1 systemtap.spec, 1.59, 1.60",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://lists.fedoraproject.org/pipermail/scm-commits/2010-February/394714.html"
},
{
"name": "ADV-2010-0169",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2010/0169"
},
{
"name": "SUSE-SR:2010:010",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2010-04/msg00006.html"
},
{
"name": "[systemtap] 20100115 SystemTap release 1.1",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://sourceware.org/ml/systemtap/2010-q1/msg00142.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://sourceware.org/bugzilla/show_bug.cgi?id=11105"
},
{
"name": "RHSA-2010:0124",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2010-0124.html"
},
{
"name": "38765",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/38765"
},
{
"name": "FEDORA-2010-1720",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-February/035261.html"
},
{
"name": "ADV-2010-1001",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2010/1001"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2009-4273",
"datePublished": "2010-01-26T18:00:00.000Z",
"dateReserved": "2009-12-10T00:00:00.000Z",
"dateUpdated": "2024-08-07T06:54:10.227Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2009-2911 (GCVE-0-2009-2911)
Vulnerability from cvelistv5 – Published: 2009-10-22 16:00 – Updated: 2024-08-07 06:07
VLAI
Summary
SystemTap 1.0, when the --unprivileged option is used, does not properly restrict certain data sizes, which allows local users to (1) cause a denial of service or gain privileges via a print operation with a large number of arguments that trigger a kernel stack overflow, (2) cause a denial of service via crafted DWARF expressions that trigger a kernel stack frame overflow, or (3) cause a denial of service (infinite loop) via vectors that trigger creation of large unwind tables, related to Common Information Entry (CIE) and Call Frame Instruction (CFI) records.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
9 references
| URL | Tags |
|---|---|
| http://sources.redhat.com/bugzilla/show_bug.cgi?i… | x_refsource_CONFIRM |
| https://www.redhat.com/archives/fedora-package-an… | vendor-advisoryx_refsource_FEDORA |
| http://gcc.gnu.org/bugzilla/show_bug.cgi?id=41633 | x_refsource_MISC |
| http://www.openwall.com/lists/oss-security/2009/10/21/1 | mailing-listx_refsource_MLIST |
| https://www.redhat.com/archives/fedora-package-an… | vendor-advisoryx_refsource_FEDORA |
| https://bugzilla.redhat.com/show_bug.cgi?id=529175 | x_refsource_CONFIRM |
| http://secunia.com/advisories/37167 | third-party-advisoryx_refsource_SECUNIA |
| http://www.securityfocus.com/bid/36778 | vdb-entryx_refsource_BID |
| http://www.vupen.com/english/advisories/2009/2989 | vdb-entryx_refsource_VUPEN |
Date Public
2009-10-21 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T06:07:37.401Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://sources.redhat.com/bugzilla/show_bug.cgi?id=10750"
},
{
"name": "FEDORA-2009-10849",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "https://www.redhat.com/archives/fedora-package-announce/2009-October/msg00793.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://gcc.gnu.org/bugzilla/show_bug.cgi?id=41633"
},
{
"name": "[oss-security] 20091021 CVE assignment notification -- CVE-2009-2911 - Three SystemTap-1.0 DoS issues",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2009/10/21/1"
},
{
"name": "FEDORA-2009-10719",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "https://www.redhat.com/archives/fedora-package-announce/2009-October/msg00627.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=529175"
},
{
"name": "37167",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/37167"
},
{
"name": "36778",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/36778"
},
{
"name": "ADV-2009-2989",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2009/2989"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2009-10-21T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "SystemTap 1.0, when the --unprivileged option is used, does not properly restrict certain data sizes, which allows local users to (1) cause a denial of service or gain privileges via a print operation with a large number of arguments that trigger a kernel stack overflow, (2) cause a denial of service via crafted DWARF expressions that trigger a kernel stack frame overflow, or (3) cause a denial of service (infinite loop) via vectors that trigger creation of large unwind tables, related to Common Information Entry (CIE) and Call Frame Instruction (CFI) records."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2009-10-31T09:00:00.000Z",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://sources.redhat.com/bugzilla/show_bug.cgi?id=10750"
},
{
"name": "FEDORA-2009-10849",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "https://www.redhat.com/archives/fedora-package-announce/2009-October/msg00793.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://gcc.gnu.org/bugzilla/show_bug.cgi?id=41633"
},
{
"name": "[oss-security] 20091021 CVE assignment notification -- CVE-2009-2911 - Three SystemTap-1.0 DoS issues",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2009/10/21/1"
},
{
"name": "FEDORA-2009-10719",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "https://www.redhat.com/archives/fedora-package-announce/2009-October/msg00627.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=529175"
},
{
"name": "37167",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/37167"
},
{
"name": "36778",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/36778"
},
{
"name": "ADV-2009-2989",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2009/2989"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2009-2911",
"datePublished": "2009-10-22T16:00:00.000Z",
"dateReserved": "2009-08-20T00:00:00.000Z",
"dateUpdated": "2024-08-07T06:07:37.401Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2009-0784 (GCVE-0-2009-0784)
Vulnerability from cvelistv5 – Published: 2009-03-25 23:00 – Updated: 2024-08-07 04:48
VLAI
Summary
Race condition in the SystemTap stap tool 0.0.20080705 and 0.0.20090314 allows local users in the stapusr group to insert arbitrary SystemTap kernel modules and gain privileges via unknown vectors.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
8 references
| URL | Tags |
|---|---|
| http://www.debian.org/security/2009/dsa-1755 | vendor-advisoryx_refsource_DEBIAN |
| http://secunia.com/advisories/34479 | third-party-advisoryx_refsource_SECUNIA |
| http://support.avaya.com/elmodocs2/security/ASA-2… | x_refsource_CONFIRM |
| https://oval.cisecurity.org/repository/search/def… | vdb-entrysignaturex_refsource_OVAL |
| http://www.redhat.com/support/errata/RHSA-2009-03… | vendor-advisoryx_refsource_REDHAT |
| http://secunia.com/advisories/34548 | third-party-advisoryx_refsource_SECUNIA |
| http://www.vupen.com/english/advisories/2009/0907 | vdb-entryx_refsource_VUPEN |
| http://secunia.com/advisories/34441 | third-party-advisoryx_refsource_SECUNIA |
Date Public
2009-03-25 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T04:48:52.330Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "DSA-1755",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2009/dsa-1755"
},
{
"name": "34479",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/34479"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://support.avaya.com/elmodocs2/security/ASA-2009-110.htm"
},
{
"name": "oval:org.mitre.oval:def:11613",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11613"
},
{
"name": "RHSA-2009:0373",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2009-0373.html"
},
{
"name": "34548",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/34548"
},
{
"name": "ADV-2009-0907",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2009/0907"
},
{
"name": "34441",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/34441"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2009-03-25T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Race condition in the SystemTap stap tool 0.0.20080705 and 0.0.20090314 allows local users in the stapusr group to insert arbitrary SystemTap kernel modules and gain privileges via unknown vectors."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-09-28T12:57:01.000Z",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "DSA-1755",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2009/dsa-1755"
},
{
"name": "34479",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/34479"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://support.avaya.com/elmodocs2/security/ASA-2009-110.htm"
},
{
"name": "oval:org.mitre.oval:def:11613",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11613"
},
{
"name": "RHSA-2009:0373",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2009-0373.html"
},
{
"name": "34548",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/34548"
},
{
"name": "ADV-2009-0907",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2009/0907"
},
{
"name": "34441",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/34441"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2009-0784",
"datePublished": "2009-03-25T23:00:00.000Z",
"dateReserved": "2009-03-04T00:00:00.000Z",
"dateUpdated": "2024-08-07T04:48:52.330Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}