CVE-2009-4273

🗓️ 26 Jan 2010 18:00:00Reported by redhatType

stap-server in SystemTap before 1.1 allows remote attackers to execute arbitrary commands via shell metacharacters in stap command-line arguments in a request

Reporter	Title	Published	Views	Family All 60
BDU FSTEC	Vulnerabilities of the Red Hat Enterprise Linux operating system, which allow a remote attacker to compromise the confidentiality, integrity, and accessibility of protected information	28 Apr 201500:00	–	bdu_fstec
BDU FSTEC	Vulnerabilities of the Red Hat Enterprise Linux operating system, which allow a remote attacker to compromise the confidentiality, integrity, and accessibility of protected information	28 Apr 201500:00	–	bdu_fstec
BDU FSTEC	Vulnerabilities of the Red Hat Enterprise Linux operating system, which allow a remote attacker to compromise the confidentiality, integrity, and accessibility of protected information	28 Apr 201500:00	–	bdu_fstec
BDU FSTEC	Vulnerabilities of the Red Hat Enterprise Linux operating system, which allow a remote attacker to compromise the confidentiality, integrity, and accessibility of protected information	28 Apr 201500:00	–	bdu_fstec
BDU FSTEC	Vulnerabilities of the Red Hat Enterprise Linux operating system, which allow a remote attacker to compromise the confidentiality, integrity, and accessibility of protected information	28 Apr 201500:00	–	bdu_fstec
BDU FSTEC	Vulnerabilities of the Red Hat Enterprise Linux operating system, which allow a remote attacker to compromise the confidentiality, integrity, and accessibility of protected information	28 Apr 201500:00	–	bdu_fstec
BDU FSTEC	Vulnerabilities of the Red Hat Enterprise Linux operating system, which allow a remote attacker to compromise the confidentiality, integrity, and accessibility of protected information	28 Apr 201500:00	–	bdu_fstec
BDU FSTEC	Vulnerabilities of the CentOS operating system that allow a remote attacker to compromise the confidentiality, integrity, and accessibility of protected information	28 Apr 201500:00	–	bdu_fstec
BDU FSTEC	Vulnerabilities of the CentOS operating system that allow a remote attacker to compromise the confidentiality, integrity, and accessibility of protected information	28 Apr 201500:00	–	bdu_fstec
BDU FSTEC	Vulnerabilities of the CentOS operating system that allow a remote attacker to compromise the confidentiality, integrity, and accessibility of protected information	28 Apr 201500:00	–	bdu_fstec

NVD

Node

systemtap systemtapRange≤1.0

systemtap systemtapMatch0.2.2

systemtap systemtapMatch0.3

systemtap systemtapMatch0.4

systemtap systemtapMatch0.5

systemtap systemtapMatch0.5.3

systemtap systemtapMatch0.5.4

systemtap systemtapMatch0.5.5

systemtap systemtapMatch0.5.7

systemtap systemtapMatch0.5.8

systemtap systemtapMatch0.5.9

systemtap systemtapMatch0.5.10

systemtap systemtapMatch0.5.12

systemtap systemtapMatch0.5.13

systemtap systemtapMatch0.5.14

systemtap systemtapMatch0.6

systemtap systemtapMatch0.6.2

systemtap systemtapMatch0.7

systemtap systemtapMatch0.7.2

systemtap systemtapMatch0.8

systemtap systemtapMatch0.9

systemtap systemtapMatch0.9.5

systemtap systemtapMatch0.9.7

systemtap systemtapMatch0.9.8

systemtap systemtapMatch0.9.9

Source	Link
secunia	www.secunia.com/advisories/38216
sourceware	www.sourceware.org/systemtap/ftp/releases/systemtap-1.1.tar.gz
lists	www.lists.opensuse.org/opensuse-security-announce/2010-04/msg00006.html
vupen	www.vupen.com/english/advisories/2010/0169
secunia	www.secunia.com/advisories/38154
bugzilla	www.bugzilla.redhat.com/show_bug.cgi
redhat	www.redhat.com/support/errata/RHSA-2010-0124.html
lists	www.lists.fedoraproject.org/pipermail/package-announce/2010-February/035201.html
lists	www.lists.fedoraproject.org/pipermail/package-announce/2010-January/034041.html
lists	www.lists.fedoraproject.org/pipermail/package-announce/2010-January/034036.html

16 Jun 2026 23:13Current

7.4High risk

Vulners AI Score7.4

CVSS 210

EPSS0.1772

CWE-94