Vulnerabilities > CVE-2010-0412 - Unspecified vulnerability in Systemtap 1.1
Attack vector
UNKNOWN Attack complexity
UNKNOWN Privileges required
UNKNOWN Confidentiality impact
UNKNOWN Integrity impact
UNKNOWN Availability impact
UNKNOWN systemtap
nessus
Summary
stap-server in SystemTap 1.1 does not properly restrict the value of the -B (aka BUILD) option, which allows attackers to have an unspecified impact via vectors associated with executing the make program, a different vulnerability than CVE-2009-4273.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 1 |
Nessus
NASL family Fedora Local Security Checks NASL id FEDORA_2010-1720.NASL description - Add systemtap-1.1-cfi-cfa_ops-fixes.patch - Resolves RHBZ #564429 - Add systemtap-1.1-get_argv.patch - Resolves CVE-2010-0411 - Add systemtap-1.1 -tighten-server-params.patch (excluding testsuite) - Resolves CVE-2010-0412, CVE-2009-4273 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. last seen 2020-06-01 modified 2020-06-02 plugin id 47266 published 2010-07-01 reporter This script is Copyright (C) 2010-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/47266 title Fedora 12 : systemtap-1.1-2.fc12 (2010-1720) NASL family Fedora Local Security Checks NASL id FEDORA_2010-1373.NASL description - Add systemtap-1.1-cfi-cfa_ops-fixes.patch - Resolves RHBZ #564429 - Add systemtap-1.1-get_argv.patch - Resolves CVE-2010-0411 - Add systemtap-1.1 -tighten-server-params.patch (excluding testsuite) - Resolves CVE-2010-0412, CVE-2009-4273 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. last seen 2020-06-01 modified 2020-06-02 plugin id 47250 published 2010-07-01 reporter This script is Copyright (C) 2010-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/47250 title Fedora 11 : systemtap-1.1-2.fc11 (2010-1373)
References
- http://lists.fedoraproject.org/pipermail/scm-commits/2010-February/394714.html
- http://lists.fedoraproject.org/pipermail/package-announce/2010-February/035201.html
- http://www.securityfocus.com/bid/38316
- http://lists.fedoraproject.org/pipermail/package-announce/2010-February/035261.html
- https://exchange.xforce.ibmcloud.com/vulnerabilities/56611