 |
Home ▼ Bookkeeping
Online ▼ Security
Audits ▼
Managed
DNS ▼
About
Order
FAQ
Acceptable Use Policy
Dynamic DNS Clients
Configure Domains Dyanmic DNS Update Password Network
Monitor ▼
Enterprise Package
Advanced Package
Standard Package
Free Trial
FAQ
Price/Feature Summary
Order/Renew
Examples
Configure/Status Alert Profiles | ||
| Test ID: | 1.3.6.1.4.1.25623.1.0.880645 |
| Category: | CentOS Local Security Checks |
| Title: | CentOS Update for systemtap CESA-2010:0894 centos5 i386 |
| Summary: | The remote host is missing an update for the 'systemtap'; package(s) announced via the referenced advisory. |
| Description: | Summary: The remote host is missing an update for the 'systemtap' package(s) announced via the referenced advisory. Vulnerability Insight: SystemTap is an instrumentation system for systems running the Linux kernel, version 2.6. Developers can write scripts to collect data on the operation of the system. staprun, the SystemTap runtime tool, is used for managing SystemTap kernel modules (for example, loading them). It was discovered that staprun did not properly sanitize the environment before executing the modprobe command to load an additional kernel module. A local, unprivileged user could use this flaw to escalate their privileges. (CVE-2010-4170) It was discovered that staprun did not check if the module to be unloaded was previously loaded by SystemTap. A local, unprivileged user could use this flaw to unload an arbitrary kernel module that was not in use. (CVE-2010-4171) Note: After installing this update, users already in the stapdev group must be added to the stapusr group in order to be able to run the staprun tool. Red Hat would like to thank Tavis Ormandy for reporting these issues. SystemTap users should upgrade to these updated packages, which contain backported patches to correct these issues. Affected Software/OS: systemtap on CentOS 5 Solution: Please install the updated packages. CVSS Score: 7.2 CVSS Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C |
| Cross-Ref: |
Common Vulnerability Exposure (CVE) ID: CVE-2010-4170 1024754 http://www.securitytracker.com/id?1024754 15620 http://www.exploit-db.com/exploits/15620 42256 http://secunia.com/advisories/42256 42263 http://secunia.com/advisories/42263 42306 http://secunia.com/advisories/42306 42318 http://secunia.com/advisories/42318 44914 http://www.securityfocus.com/bid/44914 46730 https://www.exploit-db.com/exploits/46730/ 46920 http://secunia.com/advisories/46920 DSA-2348 http://www.debian.org/security/2011/dsa-2348 FEDORA-2010-17865 http://lists.fedoraproject.org/pipermail/package-announce/2010-November/051115.html FEDORA-2010-17868 http://lists.fedoraproject.org/pipermail/package-announce/2010-November/051122.html FEDORA-2010-17873 http://lists.fedoraproject.org/pipermail/package-announce/2010-November/051127.html RHSA-2010:0894 http://www.redhat.com/support/errata/RHSA-2010-0894.html RHSA-2010:0895 http://www.redhat.com/support/errata/RHSA-2010-0895.html [systemtap] 20101117 important systemtap security fix http://sources.redhat.com/ml/systemtap/2010-q4/msg00230.html http://packetstormsecurity.com/files/152569/SystemTap-1.3-MODPROBE_OPTIONS-Privilege-Escalation.html http://sources.redhat.com/git/gitweb.cgi?p=systemtap.git%3Ba=commit%3Bh=b7565b41228bea196cefa3a7d43ab67f8f9152e2 systemtap-staprun-priv-escalation(63344) https://exchange.xforce.ibmcloud.com/vulnerabilities/63344 Common Vulnerability Exposure (CVE) ID: CVE-2010-4171 44917 http://www.securityfocus.com/bid/44917 https://bugzilla.redhat.com/show_bug.cgi?id=653606 systemtap-staprunmod-dos(63345) https://exchange.xforce.ibmcloud.com/vulnerabilities/63345 |
| Copyright | Copyright (C) 2011 Greenbone AG |
| This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below. |