Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
seebugRootSSV:20776
HistoryJul 28, 2011 - 12:00 a.m.

SystemTap "staprun"权限提升安全漏洞

2011-07-2800:00:00
Root
www.seebug.org
18

0.0004 Low

EPSS

Percentile

5.1%

JSON

CVE ID: CVE-2011-2502

QEMU是一款开放源码的模拟器软件。

QEMU KVM在-runas参数的实现上存在本地安全限制绕过漏洞,本地攻击者可利用此漏洞绕过安全限制并获取某些文件的非法读写访问权限。

staprun程序没有正确限制模块搜索路径,可通过用户空间搜索和恶意模块搜索路径提升权限。

SystemTap SystemTap 1.x
厂商补丁:

SystemTap

目前厂商已经发布了升级补丁以修复这个安全问题,请到厂商的主页下载:

http://sourceware.org/systemtap/

Related

prion 1
cve 1
debiancve 1
veracode 1
ubuntucve 1
nvd 1
cvelist 1
redhat 1
nessus 5
fedora 3
openvas 9
oraclelinux 1
prion
prion
Design/Logic Flaw
2012-07-26 19:55:00
cve
cve
CVE-2011-2502
2022-10-03 16:15:16
debiancve
debiancve
CVE-2011-2502
2022-10-03 16:15:16
veracode
veracode
Arbitrary Code Execution
2020-04-10 01:01:22
ubuntucve
ubuntucve
CVE-2011-2502
2012-07-26 00:00:00
nvd
nvd
CVE-2011-2502
2012-07-26 19:55:00
cvelist
cvelist
CVE-2011-2502
2022-10-03 16:15:16
redhat
redhat
(RHSA-2011:1088) Moderate: systemtap security update
2011-07-25 00:00:00
nessus
nessus
RHEL 6 : systemtap (RHSA-2011:1088)
2011-07-26 00:00:00
Oracle Linux 6 : systemtap (ELSA-2011-1088)
2013-07-12 00:00:00
Fedora 15 : systemtap-1.5-8.fc15 (2011-9722)
2011-08-01 00:00:00
fedora
fedora
[SECURITY] Fedora 14 Update: systemtap-1.5-8.fc14
2011-07-31 04:04:50
[SECURITY] Fedora 15 Update: systemtap-1.5-8.fc15
2011-07-31 03:56:29
[SECURITY] Fedora 15 Update: systemtap-1.7-2.fc15
2012-02-25 08:35:45
openvas
openvas
Fedora Update for systemtap FEDORA-2011-9739
2011-08-02 00:00:00
Fedora Update for systemtap FEDORA-2011-9739
2011-08-02 00:00:00
RedHat Update for systemtap RHSA-2011:1088-01
2012-06-06 00:00:00
oraclelinux
oraclelinux
systemtap security update
2011-07-25 00:00:00

0.0004 Low

EPSS

Percentile

5.1%

JSON
Related for SSV:20776
prion1cve1debiancve1veracode1ubuntucve1nvd1cvelist1redhat1nessus5fedora3openvas9oraclelinux1