Search 219043 CVE descriptions
and 99761 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

Test ID:
Category:Fedora Local Security Checks
Title:Fedora Core 14 FEDORA-2010-17865 (systemtap)
The remote host is missing an update to systemtap
announced via advisory FEDORA-2010-17865.

Update Information:

This refresh corrects two important security bugs in the
/usr/bin/staprun program of the systemtap-runtime package.

CVE-2010-4171 Ability to remove unused modules by unprivileged user
CVE-2010-4170 Insecure loading of modules

We would like to thank Tavis Ormandy for reporting this issue.


[ 1 ] Bug #653604 - CVE-2010-4170 Systemtap: Insecure loading of modules
[ 2 ] Bug #653606 - CVE-2010-4171 Systemtap: Ability to remove unused modules by unprivileged user

Solution: Apply the appropriate updates.

This update can be installed with the yum update program. Use
su -c 'yum update systemtap' at the command line.
For more information, refer to Managing Software with yum,
available at

Risk factor : High

CVSS Score:

Cross-Ref: Common Vulnerability Exposure (CVE) ID: CVE-2010-4171
BugTraq ID: 44917
Debian Security Information: DSA-2348 (Google Search)
XForce ISS Database: systemtap-staprunmod-dos(63345)
Common Vulnerability Exposure (CVE) ID: CVE-2010-4170
BugTraq ID: 44914
XForce ISS Database: systemtap-staprun-priv-escalation(63344)
CopyrightCopyright (c) 2010 E-Soft Inc.

This is only one of 99761 vulnerability tests in our test suite. Find out more about running a complete security audit.

To run a free test of this vulnerability against your system, register below.

© 1998-2022 E-Soft Inc. All rights reserved.