Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cve[email protected]CVE-2009-4273
HistoryJan 26, 2010 - 6:30 p.m.

CVE-2009-4273

2010-01-2618:30:00
CWE-94
[email protected]
web.nvd.nist.gov
36
cve-2009-4273
systemtap
remote attackers
arbitrary commands
shell metacharacters
nvd

CVSS2

10

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

AI Score

7.4

Confidence

Low

EPSS

0.099

Percentile

94.9%

JSON

stap-server in SystemTap before 1.1 allows remote attackers to execute arbitrary commands via shell metacharacters in stap command-line arguments in a request.

Affected configurations

NVD
Node
systemtapsystemtapRange1.0
OR
systemtapsystemtapMatch0.2.2
OR
systemtapsystemtapMatch0.3
OR
systemtapsystemtapMatch0.4
OR
systemtapsystemtapMatch0.5
OR
systemtapsystemtapMatch0.5.3
OR
systemtapsystemtapMatch0.5.4
OR
systemtapsystemtapMatch0.5.5
OR
systemtapsystemtapMatch0.5.7
OR
systemtapsystemtapMatch0.5.8
OR
systemtapsystemtapMatch0.5.9
OR
systemtapsystemtapMatch0.5.10
OR
systemtapsystemtapMatch0.5.12
OR
systemtapsystemtapMatch0.5.13
OR
systemtapsystemtapMatch0.5.14
OR
systemtapsystemtapMatch0.6
OR
systemtapsystemtapMatch0.6.2
OR
systemtapsystemtapMatch0.7
OR
systemtapsystemtapMatch0.7.2
OR
systemtapsystemtapMatch0.8
OR
systemtapsystemtapMatch0.9
OR
systemtapsystemtapMatch0.9.5
OR
systemtapsystemtapMatch0.9.7
OR
systemtapsystemtapMatch0.9.8
OR
systemtapsystemtapMatch0.9.9
VendorProductVersionCPE
systemtapsystemtapcpe:/a:systemtap:systemtap::::
systemtapsystemtap0.2.2cpe:/a:systemtap:systemtap:0.2.2:::
systemtapsystemtap0.5.7cpe:/a:systemtap:systemtap:0.5.7:::
systemtapsystemtap0.6cpe:/a:systemtap:systemtap:0.6:::
systemtapsystemtap0.5cpe:/a:systemtap:systemtap:0.5:::
systemtapsystemtap0.9.8cpe:/a:systemtap:systemtap:0.9.8:::
systemtapsystemtap0.5.5cpe:/a:systemtap:systemtap:0.5.5:::
systemtapsystemtap0.9cpe:/a:systemtap:systemtap:0.9:::
systemtapsystemtap0.5.10cpe:/a:systemtap:systemtap:0.5.10:::
systemtapsystemtap0.5.8cpe:/a:systemtap:systemtap:0.5.8:::
Rows per page:
1-10 of 251

References

Related

openvas 15
ubuntucve 2
cvelist 2
prion 2
nessus 10
veracode 1
fedora 4
nvd 2
debiancve 2
cve 1
redhat 1
centos 1
oraclelinux 1
openvas
openvas
SystemTap 'stap-server' Remote Shell Command Injection Vulnerability
2010-02-02 00:00:00
Fedora Update for systemtap FEDORA-2010-0671
2010-03-02 00:00:00
SystemTap 'stap-server' Remote Shell Command Injection Vulnerability
2010-02-02 00:00:00
ubuntucve
ubuntucve
CVE-2009-4273
2010-01-26 00:00:00
CVE-2010-0412
2010-02-25 00:00:00
cvelist
cvelist
CVE-2009-4273
2010-01-26 18:00:00
CVE-2010-0412
2010-02-25 00:00:00
prion
prion
Cross site request forgery (csrf)
2010-01-26 18:30:00
Design/Logic Flaw
2010-02-25 00:30:00
nessus
nessus
Fedora 12 : systemtap-1.1-1.fc12 (2010-0688)
2010-07-01 00:00:00
Fedora 11 : systemtap-1.1-1.fc11 (2010-0671)
2010-07-01 00:00:00
SuSE 11 Security Update : systemtap (SAT Patch Number 2579)
2010-12-02 00:00:00
veracode
veracode
Arbitrary Code Execution
2020-04-10 00:44:06
fedora
fedora
[SECURITY] Fedora 11 Update: systemtap-1.1-1.fc11
2010-01-17 02:55:04
[SECURITY] Fedora 12 Update: systemtap-1.1-1.fc12
2010-01-17 02:57:12
[SECURITY] Fedora 11 Update: systemtap-1.1-2.fc11
2010-02-18 22:23:27
nvd
nvd
CVE-2009-4273
2010-01-26 18:30:00
CVE-2010-0412
2010-02-25 00:30:00
debiancve
debiancve
CVE-2009-4273
2010-01-26 18:30:00
CVE-2010-0412
2010-02-25 00:30:00
cve
cve
CVE-2010-0412
2010-02-25 00:30:00
redhat
redhat
(RHSA-2010:0124) Important: systemtap security update
2010-03-01 00:00:00
centos
centos
systemtap security update
2010-03-02 17:59:18
oraclelinux
oraclelinux
systemtap security update
2010-03-01 00:00:00

CVSS2

10

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

AI Score

7.4

Confidence

Low

EPSS

0.099

Percentile

94.9%

JSON
Related for CVE-2009-4273
openvas15ubuntucve2cvelist2prion2nessus10veracode1fedora4nvd2debiancve2cve1redhat1centos1oraclelinux1