Lucene search
K
Maynard JohnsonOprofile

5 matches found

cve
cve
added 2011/06/09 7:0 p.m.82 views

CVE-2011-1760

CVE-2011-1760 affects utils/opcontrol in OProfile 0.9.6 and earlier. The root cause is an eval injection possibility via shell metacharacters in the -e argument, enabling local users to gain privileges. Reports in connected documents confirm impact on affected distributions (e.g., EulerOS advisor...

7.2CVSS9AI score0.01367EPSS
cve
cve
added 2011/06/09 9:0 p.m.74 views

CVE-2011-2473

CVE-2011-2473 concerns do_dump_data in utils/opcontrol of OProfile (0.9.6 and earlier). The flaw allows local users to create or overwrite arbitrary files via a crafted --session-dir argument combined with a symlink attack on the opd_pipe file, and is described as a different vulnerability from C...

6.3CVSS8.6AI score0.00401EPSS
cve
cve
added 2011/06/09 9:0 p.m.65 views

CVE-2011-2472

CVE-2011-2472 affects OProfile (utils/opcontrol) up to version 0.9.6. The flaw allows local users to overwrite arbitrary files via a .. in the --save argument (related to --session-dir), constituting a directory traversal vulnerability. The issue is distinct from CVE-2011-1760 and is documented i...

6.3CVSS8.7AI score0.00542EPSS
cve
cve
added 2011/06/09 9:0 p.m.54 views

CVE-2011-2471

CVE-2011-2471 concerns utils/opcontrol in OProfile 0.9.6 and earlier, where local users could gain privileges via shell metacharacters in (1) --vmlinux, (2) --session-dir, or (3) --xen, tied to the daemonrc file and the do_save_setup/do_load_setup functions. The related OpenVAS/Nessus entries cor...

7.2CVSS8.9AI score0.00484EPSS
cve
cve
added 2006/02/08 12:0 a.m.45 views

CVE-2006-0576

CVE-2006-0576 affects opcontrol in OProfile 0.9.1 and earlier, where an untrusted search path allows local users to execute arbitrary commands by a crafted PATH referencing (1) which or (2) dirname programs. The issue can occur in contexts where opcontrol is accessed via sudo, though opcontrol is...

7.2CVSS7.2AI score0.00386EPSS