Vulnerability & Exploit Database

Displaying all 4 entries

Results for: CVE-2010-4171 Back to search

RHSA-2010:0894: systemtap security update Vulnerability

  • Severity: 7
  • Published: December 07, 2010

SystemTap is an instrumentation system for systems running the Linuxkernel, version 2.6. Developers can write scripts to collect data on theoperation of the system. staprun, the SystemTap runtime tool, is used formanaging SystemTap kernel modules (for example, loading them).It was discovered that staprun did not properly sanitize the env...

ELSA-2010-0895 Moderate: Oracle Linux systemtap security update Vulnerability

  • Severity: 7
  • Published: December 07, 2010

The staprun runtime tool in SystemTap 1.3 does not properly clear the environment before executing modprobe, which allows local users to gain privileges by setting the MODPROBE_OPTIONS environment variable to specify a malicious configuration file.

ELSA-2010-0894 Important: Oracle Linux systemtap security update Vulnerability

  • Severity: 7
  • Published: December 07, 2010

The staprun runtime tool in SystemTap 1.3 does not properly clear the environment before executing modprobe, which allows local users to gain privileges by setting the MODPROBE_OPTIONS environment variable to specify a malicious configuration file.

Cent OS: CVE-2010-4171: CESA-2010:0894 (systemtap) Vulnerability

  • Severity: 2
  • Published: December 07, 2010

The staprun runtime tool in SystemTap 1.3 does not verify that a module to unload was previously loaded by SystemTap, which allows local users to cause a denial of service (unloading of arbitrary kernel modules).