6 matches found
CVE-2010-0412
stap-server in SystemTap 1.1 does not properly restrict the value of the -B aka BUILD option, which allows attackers to have an unspecified impact via vectors associated with executing the make program, a different vulnerability than CVE-2009-4273...
Design/Logic Flaw
stap-server in SystemTap 1.1 does not properly restrict the value of the -B aka BUILD option, which allows attackers to have an unspecified impact via vectors associated with executing the make program, a different vulnerability than CVE-2009-4273...
CVE-2010-0412
stap-server in SystemTap 1.1 does not properly restrict the value of the -B aka BUILD option, which allows attackers to have an unspecified impact via vectors associated with executing the make program, a different vulnerability than CVE-2009-4273...
CVE-2010-0412
SystemTap 1.1 and earlier contain two CVEs tracked with this entry: CVE-2009-4273 and CVE-2010-0411. CVE-2009-4273 allows remote code execution via stap-server by unsafely handling shell metacharacters in stap command-line arguments; stap-server may run with root privileges, and remote exploitati...
CVE-2010-0411
Multiple integer signedness errors in the 1 getargv and 2 getcompatargv functions in tapset/auxsyscalls.stp in SystemTap 1.1 allow local users to cause a denial of service script crash, or system crash or hang via a process with a large number of arguments, leading to a buffer overflow...
CVE-2010-0411
CVE-2010-0411 affects SystemTap (tapset/aux_syscalls.stp) where multiple integer signedness errors in the functions __get_argv and __get_compat_argv can allow a local user to trigger a denial of service via a very large argument list, potentially causing a script, system crash or hang. The issue ...