CVE-2009-0784
CVSS2
Attack Vector
LOCAL
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:M/Au:N/C:N/I:C/A:C
AI Score
Confidence
Low
EPSS
Percentile
5.1%
Race condition in the SystemTap stap tool 0.0.20080705 and 0.0.20090314 allows local users in the stapusr group to insert arbitrary SystemTap kernel modules and gain privileges via unknown vectors.
Affected configurations
| Vendor | Product | Version | CPE |
|---|---|---|---|
| systemtap | systemtap | 0.0.20080705 | cpe:/a:systemtap:systemtap:0.0.20080705::: |
| systemtap | systemtap | 0.0.20090314 | cpe:/a:systemtap:systemtap:0.0.20090314::: |
References
secunia.com/advisories/34441
secunia.com/advisories/34479
secunia.com/advisories/34548
support.avaya.com/elmodocs2/security/ASA-2009-110.htm
www.debian.org/security/2009/dsa-1755
www.redhat.com/support/errata/RHSA-2009-0373.html
www.vupen.com/english/advisories/2009/0907
oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11613
Related
CVSS2
Attack Vector
LOCAL
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:M/Au:N/C:N/I:C/A:C
AI Score
Confidence
Low
EPSS
Percentile
5.1%