Rapid7 Vulnerability & Exploit Database

ELSA-2009-0373 Moderate: Enterprise Linux systemtap security update

Free InsightVM Trial No credit card necessary

Watch Demo See how it all works

Back to Search

ELSA-2009-0373 Moderate: Enterprise Linux systemtap security update

Severity

CVSS

(AV:L/AC:M/Au:N/C:N/I:C/A:C)

Published

03/25/2009

Created

07/25/2018

Added

12/20/2011

Modified

11/06/2020

Description

Race condition in the SystemTap stap tool 0.0.20080705 and 0.0.20090314 allows local users in the stapusr group to insert arbitrary SystemTap kernel modules and gain privileges via unknown vectors.

Solution(s)

oracle-linux-upgrade-systemtap
oracle-linux-upgrade-systemtap-client
oracle-linux-upgrade-systemtap-runtime
oracle-linux-upgrade-systemtap-server
oracle-linux-upgrade-systemtap-testsuite

References

https://attackerkb.com/topics/cve-2009-0784
CVE - 2009-0784
DSA-1755
OVAL11613
RHSA-2009:0373
http://oss.oracle.com/pipermail/el-errata/2009-March/000934.html
http://oss.oracle.com/pipermail/el-errata/2009-March/000935.html

Advanced vulnerability management analytics and reporting.

Key Features

Free InsightVM Trial View All Features

With Rapid7 live dashboards, I have a clear view of all the assets on my network, which ones can be exploited, and what I need to do in order to reduce the risk in my environment in real-time. No other tool gives us that kind of value and insight.

– Scott Cheney, Manager of Information Security, Sierra View Medical Center

;