Linux Distros Unpatched Vulnerability : CVE-2011-2473

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The dodumpdata function in utils/opcontrol in OProfile 0.9.6 and earlier might allow local users to create or overwrite arbitrary files via a crafted...

OProfile <= 0.9.6 Multiple Vulnerabilities

OProfile is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:maynardjohnson:oprofile";...

CVE-2011-2473

The dodumpdata function in utils/opcontrol in OProfile 0.9.6 and earlier might allow local users to create or overwrite arbitrary files via a crafted --session-dir argument in conjunction with a symlink attack on the opdpipe file, a different vulnerability than CVE-2011-1760...

CVE-2011-2473

CVE-2011-2473 concerns do_dump_data in utils/opcontrol of OProfile (0.9.6 and earlier). The flaw allows local users to create or overwrite arbitrary files via a crafted --session-dir argument combined with a symlink attack on the opd_pipe file, and is described as a different vulnerability from C...