Lucene search
+L

35 matches found

CVE
CVE
added 2010/12/07 9:0 p.m.64 views

CVE-2010-4171

CVE-2010-4171 affects SystemTap staprun: it does not verify whether the module to unload was previously loaded by SystemTap, allowing a local user to trigger a denial of service by unloading arbitrary kernel modules. Connected advisories (Debian DSA-2348-1, Oracle/CentOS/Scientific Linux/Nessus e...

2.1CVSS6AI score0.00396EPSS
Exploits0References15Affected Software1
CVE
CVE
added 2010/12/07 9:0 p.m.99 views

CVE-2010-4170

CVE-2010-4170 affects SystemTap, where the staprun runtime does not properly sanitize the environment before invoking modprobe in version 1.3, enabling a local user to escalate privileges by setting MODPROBE_OPTIONS to point to a malicious configuration file. Public references document this issue...

7.2CVSS6AI score0.05346EPSS
Exploits10References19Affected Software1
Cvelist
Cvelist
added 2010/12/07 9:0 p.m.23 views

CVE-2010-4171

The staprun runtime tool in SystemTap 1.3 does not verify that a module to unload was previously loaded by SystemTap, which allows local users to cause a denial of service unloading of arbitrary kernel modules...

5.9AI score0.00396EPSS
Exploits0References15
Cvelist
Cvelist
added 2010/12/07 9:0 p.m.23 views

CVE-2010-4170

The staprun runtime tool in SystemTap 1.3 does not properly clear the environment before executing modprobe, which allows local users to gain privileges by setting the MODPROBEOPTIONS environment variable to specify a malicious configuration file...

6AI score0.05346EPSS
Exploits10References19
OpenVAS
OpenVAS
added 2010/11/23 12:0 a.m.25 views

CentOS Update for systemtap CESA-2010:0895 centos4 i386

Check for the Version of systemtap OpenVAS Vulnerability Test CentOS Update for systemtap CESA-2010:0895 centos4 i386 Authors: System Generated Check Copyright: Copyright c 2010 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify ...

7.2CVSS6.3AI score0.05346EPSS
Exploits10References2
Tenable Nessus
Tenable Nessus
added 2010/11/19 12:0 a.m.31 views

Fedora 14 : systemtap-1.3-3.fc14 (2010-17865)

This refresh corrects two important security bugs in the /usr/bin/staprun program of the systemtap-runtime package. CVE-2010-4171 Ability to remove unused modules by unprivileged user CVE-2010-4170 Insecure loading of modules We would like to thank Tavis Ormandy for reporting this issue. Note tha...

7.2CVSS5.3AI score0.05346EPSS
Exploits10References5
Tenable Nessus
Tenable Nessus
added 2010/11/19 12:0 a.m.30 views

Fedora 12 : systemtap-1.3-3.fc12 (2010-17868)

This refresh corrects two important security bugs in the /usr/bin/staprun program of the systemtap-runtime package. CVE-2010-4171 Ability to remove unused modules by unprivileged user CVE-2010-4170 Insecure loading of modules We would like to thank Tavis Ormandy for reporting this issue. Note tha...

7.2CVSS5.3AI score0.05346EPSS
Exploits10References5
Tenable Nessus
Tenable Nessus
added 2010/11/19 12:0 a.m.32 views

Fedora 13 : systemtap-1.3-3.fc13 (2010-17873)

This refresh corrects two important security bugs in the /usr/bin/staprun program of the systemtap-runtime package. CVE-2010-4171 Ability to remove unused modules by unprivileged user CVE-2010-4170 Insecure loading of modules We would like to thank Tavis Ormandy for reporting this issue. Note tha...

7.2CVSS5.3AI score0.05346EPSS
Exploits10References5
Tenable Nessus
Tenable Nessus
added 2010/11/18 12:0 a.m.34 views

RHEL 4 : systemtap (RHSA-2010:0895)

Updated systemtap packages that fix one security issue are now available for Red Hat Enterprise Linux 4. The Red Hat Security Response Team has rated this update as having moderate security impact. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...

7.2CVSS5.5AI score0.05346EPSS
Exploits10References3
Cent OS
Cent OS
added 2010/11/17 6:59 p.m.59 views

systemtap security update

CentOS Errata and Security Advisory CESA-2010:0895 Updated systemtap packages that fix one security issue are now available for Red Hat Enterprise Linux 4. The Red Hat Security Response Team has rated this update as having moderate security impact. A Common Vulnerability Scoring System CVSS base...

7.2CVSS5.8AI score0.05346EPSS
Exploits10References8
RedHat Linux
RedHat Linux
added 2010/11/17 2:51 p.m.6 views

Systemtap: Insecure loading of modules

The staprun runtime tool in SystemTap 1.3 does not properly clear the environment before executing modprobe, which allows local users to gain privileges by setting the MODPROBEOPTIONS environment variable to specify a malicious configuration file...

7.2CVSS5.8AI score0.05346EPSS
Exploits10References4
RedHat Linux
RedHat Linux
added 2010/11/17 2:51 p.m.36 views

Moderate: Red Hat Security Advisory: systemtap security update

Updated systemtap packages that fix one security issue are now available for Red Hat Enterprise Linux 4. The Red Hat Security Response Team has rated this update as having moderate security impact. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...

7.2CVSS5.8AI score0.05346EPSS
Exploits10References2
RedHat Linux
RedHat Linux
added 2010/11/17 2:33 p.m.8 views

Systemtap: Ability to remove unused modules by unprivileged user

The staprun runtime tool in SystemTap 1.3 does not verify that a module to unload was previously loaded by SystemTap, which allows local users to cause a denial of service unloading of arbitrary kernel modules...

2.1CVSS5.9AI score0.00396EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2010/11/17 2:33 p.m.7 views

Systemtap: Insecure loading of modules

The staprun runtime tool in SystemTap 1.3 does not properly clear the environment before executing modprobe, which allows local users to gain privileges by setting the MODPROBEOPTIONS environment variable to specify a malicious configuration file...

7.2CVSS5.8AI score0.05346EPSS
Exploits10References4
Positive Technologies
Positive Technologies
added 2010/11/17 12:0 a.m.5 views

PT-2010-1046 · Red Hat · Systemtap-Server +9

Name of the Vulnerable Software and Affected Versions: systemtap versions 0.6.2 through 1.3 systemtap-runtime versions 0.6.2 through 1.1 systemtap-testsuite versions 0.6.2 through 1.1 systemtap-client versions 1.1 through 1.2 systemtap-server versions 1.1 systemtap-initscript versions 1.1...

7.2CVSS6AI score0.05346EPSS
Exploits10References59
Rows per page
Query Builder