EUVD-2006-0583

Malware in sbrugna...

SUSE CVE-2006-0576

Untrusted search path vulnerability in opcontrol in OProfile 0.9.1 and earlier allows local users to execute arbitrary commands via a modified PATH that references malicious 1 which or 2 dirname programs. NOTE: while opcontrol normally is not run setuid, a common configuration suggests accessing...

Debian: Security Advisory (DSA-2254-2)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Fedora 14 : oprofile-0.9.6-21.fc14 (2011-8087)

When opcontrol was run by a normal user with sudo access it was possible for the user to craft options to opcontrol that would allow commands to be run with root privileges. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory...

OProfile Multiple Vulnerabilities

This host is installed OProfile and is prone to multiple vulnerabilities. OpenVAS Vulnerability Test $Id: gboprofilemultvuln.nasl 7024 2017-08-30 11:51:43Z teissa $ OProfile Multiple Vulnerabilities Authors: Madhuri D Copyright: Copyright c 2011 Greenbone Networks GmbH, http://www.greenbone.net...

OProfile privilege escalation

Privilege escalation via opcontrol...

CVE-2011-2471

utils/opcontrol in OProfile 0.9.6 and earlier might allow local users to gain privileges via shell metacharacters in the 1 --vmlinux, 2 --session-dir, or 3 --xen argument, related to the daemonrc file and the dosavesetup and doloadsetup functions, a different vulnerability than CVE-2011-1760...

CVE-2011-1760

utils/opcontrol in OProfile 0.9.6 and earlier might allow local users to conduct eval injection attacks and gain privileges via shell metacharacters in the -e argument...

[SECURITY] [DSA 2254-1] oprofile security update

--------------------------------------------------------------------------- Debian Security Advisory DSA 2254-1 [email protected] http://www.debian.org/security/ Luciano Bello June 3, 2011 http://www.debian.org/security/faq -...

OProfile 0.9.6 - opcontrol Utility set_event() Local Privilege Escalation

OProfile 0.9.6 - opcontrol Utility setevent Local Privilege Escalation source: https://www.securityfocus.com/bid/47652/info OProfile is prone to a local privilege-escalation vulnerability. An attacker can exploit this issue to run arbitrary commands with superuser privileges. The following exampl...

CVE-2006-0576

Untrusted search path vulnerability in opcontrol in OProfile 0.9.1 and earlier allows local users to execute arbitrary commands via a modified PATH that references malicious 1 which or 2 dirname programs. NOTE: while opcontrol normally is not run setuid, a common configuration suggests accessing...

CVE-2006-0576

CVE-2006-0576 affects opcontrol in OProfile 0.9.1 and earlier, where an untrusted search path allows local users to execute arbitrary commands by a crafted PATH referencing (1) which or (2) dirname programs. The issue can occur in contexts where opcontrol is accessed via sudo, though opcontrol is...

CVE-2006-0576

Untrusted search path vulnerability in opcontrol in OProfile 0.9.1 and earlier allows local users to execute arbitrary commands via a modified PATH that references malicious 1 which or 2 dirname programs. NOTE: while opcontrol normally is not run setuid, a common configuration suggests accessing...