CVE-2011-2502
Published Jul 26, 2012
Last updated a year ago
Overview
- Description
- runtime/staprun/staprun_funcs.c in the systemtap runtime tool (staprun) in SystemTap before 1.6 does not properly validate modules when a module path is specified by a user for user-space probing, which allows local users in the stapusr group to gain privileges via a crafted module in the search path in the -u argument.
- Source
- secalert@redhat.com
- NVD status
- Modified
Social media
- Hype score
- Not currently trending
Risk scores
CVSS 2.0
- Type
- Primary
- Base score
- 4.4
- Impact score
- 6.4
- Exploitability score
- 3.4
- Vector string
- AV:L/AC:M/Au:N/C:P/I:P/A:P
Weaknesses
- nvd@nist.gov
- CWE-20
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:systemtap:systemtap:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "44665B6E-F588-42BD-9901-268D4DD93BAF",
"versionEndIncluding": "1.5"
},
{
"criteria": "cpe:2.3:a:systemtap:systemtap:0.2.2:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "04AE85B6-FE8D-4DD1-BECE-6B7146CF9D73"
},
{
"criteria": "cpe:2.3:a:systemtap:systemtap:0.3:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "E150AE05-60B4-4ECE-AEFA-3A230DAEBCA5"
},
{
"criteria": "cpe:2.3:a:systemtap:systemtap:0.4:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "36FBF185-3189-40C2-B51B-2531F2D88602"
},
{
"criteria": "cpe:2.3:a:systemtap:systemtap:0.5:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "C62AFF32-856E-4EF9-A87F-C06B6FEEE31F"
},
{
"criteria": "cpe:2.3:a:systemtap:systemtap:0.5.3:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "57C746CB-8DFE-4795-931F-42050D7FBEB4"
},
{
"criteria": "cpe:2.3:a:systemtap:systemtap:0.5.4:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "986B653D-5CF2-454C-A38F-172D2256E20C"
},
{
"criteria": "cpe:2.3:a:systemtap:systemtap:0.5.5:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "AF5E8C63-D68F-4ACA-B0DC-1D9EF6A3BFA3"
},
{
"criteria": "cpe:2.3:a:systemtap:systemtap:0.5.7:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "BD56E555-180D-45C3-9311-EFB32F480035"
},
{
"criteria": "cpe:2.3:a:systemtap:systemtap:0.5.8:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "74215553-AB86-4184-B3AB-D82B20275ED6"
},
{
"criteria": "cpe:2.3:a:systemtap:systemtap:0.5.9:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "5044754F-66CD-4D17-8874-7303D9F2DCE2"
},
{
"criteria": "cpe:2.3:a:systemtap:systemtap:0.5.10:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "DC674046-FC4F-4262-8F71-4DEECAEC1A1C"
},
{
"criteria": "cpe:2.3:a:systemtap:systemtap:0.5.12:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "7A621722-6DD4-461D-AD74-461B9C10C772"
},
{
"criteria": "cpe:2.3:a:systemtap:systemtap:0.5.13:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "9B5B77E9-F98C-4310-8D6A-E41A27CD559A"
},
{
"criteria": "cpe:2.3:a:systemtap:systemtap:0.5.14:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "B6E9824F-8977-4CE6-BA05-E8899E41066E"
},
{
"criteria": "cpe:2.3:a:systemtap:systemtap:0.6:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "FF58A998-52F0-4BCA-9FF7-FCCC28E6FCE1"
},
{
"criteria": "cpe:2.3:a:systemtap:systemtap:0.6.2:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "C2327CA9-5A80-4C86-BAF6-A9E3BB7085C6"
},
{
"criteria": "cpe:2.3:a:systemtap:systemtap:0.7:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "6627D143-6E8D-40DE-BBD0-308FF1B200D6"
},
{
"criteria": "cpe:2.3:a:systemtap:systemtap:0.7.2:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "A1AE49CA-424E-4328-A348-98F2C847D8FC"
},
{
"criteria": "cpe:2.3:a:systemtap:systemtap:0.8:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "19E88BF9-1403-40F9-A64E-A1FEFEFC4E2D"
},
{
"criteria": "cpe:2.3:a:systemtap:systemtap:0.9:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "3E12D5C4-4BC6-4802-B5CE-5D5A41FB3B71"
},
{
"criteria": "cpe:2.3:a:systemtap:systemtap:0.9.5:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "6FD4201A-64B5-4DCC-9696-BD0F8780D200"
},
{
"criteria": "cpe:2.3:a:systemtap:systemtap:0.9.7:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "C3FEDD7F-969D-422C-A899-9550EC52EBD7"
},
{
"criteria": "cpe:2.3:a:systemtap:systemtap:0.9.8:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "F37EBCB6-8056-466C-B2AB-385DF48EEA8F"
},
{
"criteria": "cpe:2.3:a:systemtap:systemtap:0.9.9:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "0D795EA7-04FC-4D0E-9944-6C9D4882A897"
},
{
"criteria": "cpe:2.3:a:systemtap:systemtap:1.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "7C36C437-D28D-452A-BAF0-4A618A61920B"
},
{
"criteria": "cpe:2.3:a:systemtap:systemtap:1.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "5AB898A5-C8EF-4BBA-B480-00461218FC3B"
},
{
"criteria": "cpe:2.3:a:systemtap:systemtap:1.2:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "D06D7E42-666F-43CE-8BE3-0EE915450CC0"
},
{
"criteria": "cpe:2.3:a:systemtap:systemtap:1.3:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "3D031679-0C77-4645-B488-DA29BB81FA39"
},
{
"criteria": "cpe:2.3:a:systemtap:systemtap:1.4:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "CE5CA99B-6DED-4395-BFE0-C8DB7F504AF0"
}
],
"operator": "OR"
}
]
}
]